From fb1d22b1dc4d5f4b828e0d828221e97264dbfd51 Mon Sep 17 00:00:00 2001 From: Andrejus Date: Sat, 25 Feb 2023 00:17:47 +0000 Subject: [PATCH] fix: apt signing --- Dockerfile | 4 +++- script/_utils.sh | 19 +++++++++++++++---- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 996107b..067b782 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,7 +7,9 @@ RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selectio ENV DEBIAN_FRONTEND noninteractive RUN apt-get -qq update RUN apt-get -qq install --no-install-recommends \ - software-properties-common sudo + software-properties-common \ + wget \ + sudo # Create user with sudo priviledge RUN useradd -r -u 1001 --create-home -m "test-user" diff --git a/script/_utils.sh b/script/_utils.sh index 6696bde..3bb73f1 100755 --- a/script/_utils.sh +++ b/script/_utils.sh @@ -1,5 +1,7 @@ # Utility functions for common tasks +ARCH=$(dpkg --print-architecture) + # @arg $1 URL to download # @arg $2 Path to file function download_file { @@ -52,14 +54,23 @@ function install { # * components - apt components function add_repository { key=$(jq -r ".key" <<<"$1") - repository=$(jq -r ".repository" <<<"$1") + echo "Updating apt repository ${key}..." + signingKey=$(jq -r ".signingKey" <<<"$1") + repository=$(jq -r ".repository" <<<"$1") components=$(jq -r ".components" <<<"$1") - source="deb [arch=$(dpkg --print-architecture)] ${repository} ${components}" - echo "$source" | sudo tee "/etc/apt/sources.list.d/${key}.list" >/dev/null + + signingKeyPath="/etc/apt/keyrings/${key}.gpg" + sourcesListPath="/etc/apt/sources.list.d/${key}.list" + source="deb [signed-by=${signingKeyPath} arch=${ARCH}] ${repository} ${components}" + + sudo mkdir -p /etc/apt/keyrings + sudo mkdir -p /etc/apt/sources.list.d + + echo "$source" | sudo tee "$sourcesListPath" >/dev/null wget -O- "$signingKey" | gpg --dearmor | - sudo tee "/etc/apt/keyrings/${key}.gpg" >/dev/null + sudo tee "$signingKeyPath" >/dev/null } # @arg $1 package list file to install