Open nik9000 opened 9 years ago
Ok - I was too positive when I said that RPM signing worked on OSX "well". It works, but the rpm the comes with homebrew needs a tweak:
cat ~/.rpmmacros
%__gpg_check_password_cmd %{__gpg} \
gpg --homedir %{_gpg_path} --batch --no-verbose --passphrase-fd 3 -u %{_gpg_name} -so -
__gpg_sign_cmd %{__gpg} \
gpg --homedir %{_gpg_path} --batch --no-verbose --no-armor --passphrase-fd 3 --no-secmem-warning \
-u %{_gpg_name} -sbo %{__signature_filename} %{__plaintext_filename}
It tries to quote some thing that gpg doesn't want quoted.
+1
The rest of the rpm build process works very well on osx with rpm installed using homebrew but the signing process is broken because expect is different. Compare:
The issue here is that
-
doesn't seem to have its traditional "read the from stdin" meaning on OSX when used here. I don't have any clue why. What about moving that sleep into the script itself?I also noticed while debugging this that the way that some errors weren't being propagated through expect because, I have no idea. Maybe its OSX again. I can't tell. Anyway, all the error handling out with
So far as I can tell
expect default
causes expect to wait for rpm to respond after the last message and thenlassign [wait]
waits for rpm to finish and sets a bunch of variables. theif
bit exits expect with the same return code the rpm used or some negative return code if something went more horribly wrong.