path: root/createrepo/bin/createrepo-lirionde

#!/usr/bin/env bash

declare -a REPOS
declare GPGID

REPOSDEF=( 'all' 'el' 'suse' )

function hayulp {
	printf 'USAGE: %b -g GPG_ID [ -r REPO [ -r REPO ... ] ]\n' "$(basename "$0")"
	printf '\n'
	(
		printf -- '-r,\n'
		printf -- '--repos;Repo to be published.\n'
		printf ';Specify multiple times for multiple repositores.\n'
		printf ';Default: all, el, suse\n'
		printf -- '-g,\n'
		printf -- '--gpg-id;GPG key ID with which to sign the repository metadata file\n'
	)|column -ts\;
}

while [[ $# -gt 0 ]]; do
	case "$1" in
		"-r"|"--repo")
			REPOS+=( "$2" )
			shift # past argument
			shift # past value
		;;
		"-g"|"--gpg")
			GPGID="$2"
			shift
			shift
		;;
		"-"*)
			hayulp
			printf '\nUnknown option: %b\n' "$1" >&2
			exit 101
		;;
		*)
			hayulp
			printf '\nWrong syntax.\n' "$1" >&2
			exit 101
		;;
	esac
done

if [ "${#REPOS[@]}" -lt 1 ]; then
	REPOS=( "${REPOSDEF[@]}" )
	# if we can't be sure that indexes are sequential ints:
	# for idx in "${!REPOSDEF[@]}"; do REPOS["$idx"]="${REPOSDEF[$idx]}"; done
fi
if [ -z "$GPGID" ]; then
	# We do not accept that, we mandate here that repositories have to be GPG signed.
	# You actually can set up repositories without GPG signatures - we don't, it's
	# insecure and bad practice.
	hayulp
	printf '\nNo GPG ID supplied, exiting.\n' >&2
	exit 101
fi

# test signature creation
printf 'Testing GPG signing: '
MYTMP="$(mktemp -p /tmp createrepo-lirionde.XXXXXX)" || exit 110
gpg --local-user "$GPGID" --detach-sign --armour "$MYTMP" || exit 111
rm -f "$MYTMP" "${MYTMP}.asc" || exit 112
printf 'done.\n'

for repo in "${REPOS[@]}"; do
	faketime "$(date -I) 13:37:08" createrepo_c --update "/var/cache/rpm/$repo" || exit 120
	rm -vf "/var/cache/rpm/${repo}/repodata/repomd.xml.asc" || exit 121
	faketime "$(date -I) 13:37:08" gpg --local-user "$GPGID" \
		--detach-sign --armour "/var/cache/rpm/${repo}/repodata/repomd.xml" \
		|| exit 122
done