Remove PASS_NAME_{GPG,KEY} from main settings file

The values were specific to Foreman, but we have other projects. The code is now modified to ensure the variables are set before they're used. It now also loads the common Foreman settings file for projects that inherit the Foreman settings. Previously it only loaded the version specific settings. Some care is taken in Foreman's common settings to only export values when no inheritance is taking place.
theforeman · Sep 3, 2024 · 7336048 · 7336048
1 parent 5c2679c
commit 7336048
Show file tree

Hide file tree

Showing 5 changed files with 33 additions and 7 deletions.
diff --git a/export_gpg_private b/export_gpg_private
@@ -2,6 +2,8 @@
 
 . settings
 
+require_pass_name_key
+
 if [[ ! -d $KEYDIR ]] ; then
 	echo "Keydir $KEYDIR doesn't exist"
 	exit 1

diff --git a/generate_gpg b/generate_gpg
@@ -13,6 +13,8 @@ if [[ -n $FULLGPGKEY ]] ; then
 	exit 2
 fi
 
+require_pass_name_gpg
+
 mkdir -m 0700 $KEYDIR
 
 ( gopass show --password "$PASS_NAME_GPG" 2> /dev/null || gopass generate "$PASS_NAME_GPG" 20 ) > /dev/null

diff --git a/import_gpg_private b/import_gpg_private
@@ -2,6 +2,8 @@
 
 . settings
 
+require_pass_name_key
+
 if [[ ! -d "$KEYDIR" ]] ; then
 	mkdir -p -m 0700 "$KEYDIR"
 fi

diff --git a/releases/foreman/settings b/releases/foreman/settings
@@ -1,3 +1,11 @@
-TAR_PROJECTS="foreman foreman-proxy foreman-installer foreman-selinux"
-RPM_PACKAGES=(foreman foreman-installer foreman-proxy foreman-release foreman-selinux)
-PACKAGING_SUBDIR="packages/foreman"
+# This deals with inheritance with other projects
+if [[ -z $FOREMAN_VERSION ]] ; then
+	TAR_PROJECTS="foreman foreman-proxy foreman-installer foreman-selinux"
+	RPM_PACKAGES=(foreman foreman-installer foreman-proxy foreman-release foreman-selinux)
+	PACKAGING_SUBDIR="packages/foreman"
+else
+	FOREMAN_VERSION=$VERSION
+fi
+
+PASS_NAME_GPG="theforeman/releases/foreman/${FOREMAN_VERSION}-gpg"
+PASS_NAME_KEY="theforeman/releases/foreman/${FOREMAN_VERSION}-key"
diff --git a/settings b/settings
@@ -28,10 +28,9 @@ load_settings() {
       exit 1
     elif [[ "$FOREMAN_VERSION" != "none" ]]; then
       # load foreman settings, which will contain keys etc
+      . releases/foreman/settings
       . "releases/foreman/${FOREMAN_VERSION}/settings"
     fi
-  else
-    FOREMAN_VERSION="$VERSION"
   fi
 }
 
@@ -67,11 +66,24 @@ GPG_EXPIRE="1y"
 
 load_settings
 
-PASS_NAME_GPG="theforeman/releases/foreman/$FOREMAN_VERSION-gpg"
-PASS_NAME_KEY="theforeman/releases/foreman/$FOREMAN_VERSION-key"
 HALFGPGKEY="$(echo ${FULLGPGKEY: -16} | tr '[A-Z]' '[a-z]')"
 
+require_pass_name_gpg() {
+	if [[ -z $PASS_NAME_GPG ]] ; then
+		echo "Set PASS_NAME_GPG in the settings"
+		exit 1
+	fi
+}
+
+require_pass_name_key() {
+	if [[ -z $PASS_NAME_KEY ]] ; then
+		echo "Set PASS_NAME_KEY in the settings"
+		exit 1
+	fi
+}
+
 show_gpg_password() {
+	require_pass_name_gpg
 	gopass show --password "$PASS_NAME_GPG"
 }