OpenPGP key support
This adds a repository type as a keyring and content types to handle
keys, keyids and key signatures.

fixes #3024
mdellweg committed Sep 26, 2024
1 parent 361392f commit 0f39a6c
Showing 13 changed files with 1,638 additions and 0 deletions.
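--- a/CHANGES/3024.feature
+++ b/CHANGES/3024.feature
@@ -0,0 +1 @@
+Added OpenPGP keyring repository type and OpenPGP key content type.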
@@ -0,0 +1,197 @@
# Generated by Django 4.2.4 on 2023-10-06 18:40

from django.db import migrations, models
import django.db.models.deletion
import pulpcore.app.util


class Migration(migrations.Migration):
dependencies = [
("core", "0123_upstreampulp_q_select"),
]

operations = [
migrations.CreateModel(
name="OpenPGPKeyring",
fields=[
(
"repository_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="core.repository",
),
),
],
options={
"default_related_name": "%(app_label)s_%(model_name)s",
},
bases=("core.repository",),
),
migrations.CreateModel(
name="OpenPGPPublicKey",
fields=[
(
"content_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="core.content",
),
),
("raw_data", models.BinaryField()),
("fingerprint", models.CharField(max_length=64)),
("created", models.DateTimeField()),
(
"_pulp_domain",
models.ForeignKey(
default=pulpcore.app.util.get_domain_pk,
on_delete=django.db.models.deletion.PROTECT,
to="core.domain",
),
),
],
options={
"default_related_name": "%(app_label)s_%(model_name)s",
"unique_together": {("_pulp_domain", "fingerprint")},
},
bases=("core.content",),
),
migrations.CreateModel(
name="OpenPGPUserID",
fields=[
(
"content_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="core.content",
),
),
("raw_data", models.BinaryField()),
("user_id", models.CharField()),
(
"public_key",
models.ForeignKey(
on_delete=django.db.models.deletion.PROTECT,
related_name="user_ids",
to="core.openpgppublickey",
),
),
],
options={
"default_related_name": "%(app_label)s_%(model_name)s",
"unique_together": {("public_key", "user_id")},
},
bases=("core.content",),
),
migrations.CreateModel(
name="OpenPGPUserAttribute",
fields=[
(
"content_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="core.content",
),
),
("raw_data", models.BinaryField()),
("sha256", models.CharField(max_length=128)),
(
"public_key",
models.ForeignKey(
on_delete=django.db.models.deletion.PROTECT,
related_name="user_attributes",
to="core.openpgppublickey",
),
),
],
options={
"default_related_name": "%(app_label)s_%(model_name)s",
"unique_together": {("public_key", "sha256")},
},
bases=("core.content",),
),
migrations.CreateModel(
name="OpenPGPSignature",
fields=[
(
"content_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="core.content",
),
),
("raw_data", models.BinaryField()),
("sha256", models.CharField(max_length=128)),
("signature_type", models.PositiveSmallIntegerField()),
("created", models.DateTimeField()),
("expiration_time", models.DurationField(null=True)),
("key_expiration_time", models.DurationField(null=True)),
("issuer", models.CharField(max_length=16, null=True)),
("signers_user_id", models.CharField(null=True)),
(
"signed_content",
models.ForeignKey(
on_delete=django.db.models.deletion.PROTECT,
related_name="openpgp_signatures",
to="core.content",
),
),
],
options={
"default_related_name": "%(app_label)s_%(model_name)s",
"unique_together": {("signed_content", "sha256")},
},
bases=("core.content",),
),
migrations.CreateModel(
name="OpenPGPPublicSubkey",
fields=[
(
"content_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="core.content",
),
),
("raw_data", models.BinaryField()),
("fingerprint", models.CharField(max_length=64)),
("created", models.DateTimeField()),
(
"public_key",
models.ForeignKey(
on_delete=django.db.models.deletion.PROTECT,
related_name="public_subkeys",
to="core.openpgppublickey",
),
),
],
options={
"default_related_name": "%(app_label)s_%(model_name)s",
"unique_together": {("public_key", "fingerprint")},
},
bases=("core.content",),
),
]
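Review bot: `OpenPGPSignature.issuer` is declared as `models.CharField(max_length=16, null=True)`, which can only hold a 64-bit key ID, and key IDs are not collision-resistant, so anything that later resolves a signature to its signing key through this column can end up matching a different key that shares the same ID. If the packet parser has access to the issuer fingerprint subpacket, store the full fingerprint as well (for example a nullable `issuer_fingerprint = models.CharField(max_length=64, null=True)`) and prefer it for lookups. Separately, `OpenPGPUserID.user_id` is an unbounded `models.CharField()` that is part of `unique_together`, so a very long user ID in an uploaded key could exceed the database's index row limit and fail at insert time; a length check before save would turn that into a clean validation error. The model and parsing code are not visible in this migration, so both points should be confirmed against them.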
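--- a/pulpcore/app/migrations/0125_alter_openpgpkeyring_options.py
+++ b/pulpcore/app/migrations/0125_alter_openpgpkeyring_options.py
@@ -0,0 +1,23 @@
+# Generated by Django 4.2.4 on 2023-10-07 14:18
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+dependencies = [
+("core", "0124_openpgpkeyring_openpgppublickey_openpgpuserid_and_more"),
+]
+
+operations = [
+migrations.AlterModelOptions(
+name="openpgpkeyring",
+options={
+"default_related_name": "%(app_label)s_%(model_name)s",
+"permissions": [
+("modify_openpgpkeyring", "Can modify content of the keyring"),
+("manage_roles_openpgpkeyring", "Can manage roles on keyrings"),
+("repair_openpgpkeyring", "Can repair repository versions"),
+],
+},
+),
+]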
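--- a/pulpcore/app/migrations/0126_openpgpdistribution.py
+++ b/pulpcore/app/migrations/0126_openpgpdistribution.py
@@ -0,0 +1,26 @@
+# Generated by Django 4.2.6 on 2023-10-13 13:01
+
+from django.db import migrations, models
+import django.db.models.deletion
+import pulpcore.app.models.access_policy
+
+
+class Migration(migrations.Migration):
+
+dependencies = [
+('core', '0125_alter_openpgpkeyring_options'),
+]
+
+operations = [
+migrations.CreateModel(
+name='OpenPGPDistribution',
+fields=[
+('distribution_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='core.distribution')),
+],
+options={
+'permissions': [('manage_roles_openpgpdistribution', 'Can manage roles on gem distributions')],
+'default_related_name': '%(app_label)s_%(model_name)s',
+},
+bases=('core.distribution', pulpcore.app.models.access_policy.AutoAddObjPermsMixin),
+),
+]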
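Review bot: The permission label in `options['permissions']` reads 'Can manage roles on gem distributions', which looks copied from another plugin; the model is `OpenPGPDistribution`, so the label an administrator sees when granting this right names the wrong content type. Change it to `('manage_roles_openpgpdistribution', 'Can manage roles on OpenPGP distributions')` in the model's `Meta` and regenerate the migration. An accurate label matters here because this permission controls who may delegate access to the distributions that serve key material. The model definition itself is not part of this file section.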
10 changes: 10 additions & 0 deletions pulpcore/app/models/__init__.py
Expand Up @@ -92,3 +92,13 @@

# Moved here to avoid a circular import with GroupProgressReport
from .replica import UpstreamPulp

from .openpgp import (
OpenPGPDistribution,
OpenPGPKeyring,
OpenPGPPublicKey,
OpenPGPPublicSubkey,
OpenPGPSignature,
OpenPGPUserAttribute,
OpenPGPUserID,
)