Posted to commits@maven.apache.org by bi...@apache.org on 2012/12/23 23:36:23 UTC

svn commit: r1425544 - /maven/project/tools/scrape-nexus-releases/inventory.py

Author: bimargulies
Date: Sun Dec 23 22:36:23 2012
New Revision: 1425544

URL: http://svn.apache.org/viewvc?rev=1425544&view=rev
Log:
Add gpg signature checking.

Modified:
    maven/project/tools/scrape-nexus-releases/inventory.py

Modified: maven/project/tools/scrape-nexus-releases/inventory.py
URL: http://svn.apache.org/viewvc/maven/project/tools/scrape-nexus-releases/inventory.py?rev=1425544&r1=1425543&r2=1425544&view=diff
==============================================================================
--- maven/project/tools/scrape-nexus-releases/inventory.py (original)
+++ maven/project/tools/scrape-nexus-releases/inventory.py Sun Dec 23 22:36:23 2012
@@ -4,6 +4,7 @@ import sys
 import argparse
 import os
 import shutil
+import gnupg
 
 def fetch_inventory(options):
     """Return a list of search result objects, one for each of the specified group patterns."""
@@ -106,6 +107,7 @@ def do_inventory(options, inventories):
     archive_report.close()
     
 def do_download(options, inventories):
+    gpg = gnupg.GPG(gpgbinary="/usr/local/bin/gpg") # why isn't it found in path?
     nexusurl = options.url
     output_dir = options.output
     headers = { 'Accept' : 'application/json' }
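Review bot: The `gpgbinary="/usr/local/bin/gpg"` argument on the added first line of do_download ties the tool to one machine's layout, and the trailing comment shows the PATH problem was worked around rather than understood. Taking the binary from the command line would keep it portable, for example `gpg = gnupg.GPG(gpgbinary=options.gpg)`, where `options.gpg` is a proposed new option that defaults to plain `gpg`. No `gnupghome` is passed either, so verification runs against whatever keyring the invoking user happens to have; a comment such as `# uses the caller's default keyring; only keys imported there can verify` would make that trust assumption visible. do_download's body continues outside the hunk.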
@@ -137,7 +139,6 @@ def do_download(options, inventories):
             md5_path = repo_path + ".md5"
             asc_repo_path = repo_path + ".asc"
             asc_md5_repo_path = repo_path + ".asc.md5"
-            
 
             for path in [ repo_path, asc_repo_path, md5_path, asc_md5_repo_path]:
                 url = nexusurl + ('/service/local/repositories/{0}/content/{1}'.format(repository, path))
@@ -161,6 +162,16 @@ def do_download(options, inventories):
                 shutil.copyfileobj(r.raw, outstream)
                 outstream.close()
                 sys.stdout.write('done.\n')
+                if path == repo_path:
+                    rel_path = full_outputpath
+                if path == asc_repo_path:
+                    asc_rel_path = full_outputpath
+                    
+                
+            sig_stream = open(asc_rel_path, 'rb')
+            verified = gpg.verify_file(sig_stream, rel_path)
+            sig_stream.close()
+            print("Verified: {0}".format(verified.username))
     
 if __name__ == '__main__':
     options = cliargs()
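Review bot: The result of `gpg.verify_file(...)` is never tested, so a bad or unverifiable signature only prints `Verified: None` and the artifact is kept as if it had been checked; the lines after the call should fail on `not verified.valid` before reporting a signer. A valid signature from any key in the keyring also passes, so comparing `verified.fingerprint` against the project's known release-signing keys would make the check mean what the log message says. `rel_path` and `asc_rel_path` are assigned only inside the inner loop, whose middle is outside this hunk; if an iteration can skip a file there, they would be unbound or left over from the previous artifact, so resetting both to `None` per artifact and checking them is worth adding. How to fail (abort, or record and continue) depends on the rest of do_download, which starts outside the hunk; the sketch below aborts.

```python
            # … unchanged: download loop that sets rel_path / asc_rel_path …
            with open(asc_rel_path, 'rb') as sig_stream:
                verified = gpg.verify_file(sig_stream, rel_path)
            if not verified.valid:
                sys.exit("Signature check failed for {0}: {1}".format(rel_path, verified.status))
            print("Verified: {0} ({1})".format(verified.username, verified.fingerprint))
```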