def gen_gpgkey(ctx, rpmmacros="~/.rpmmacros", homedir=None, compat=True, passphrase=None):
"""
Generate and configure GPG key to sign RPMs built.
:param ctx: Context object to instantiate the template
:param rpmmacros: .rpmmacros file path
:param homedir: GPG's home dir (~/.gnupg by default); see also gpg(1)
:param compat: Keep compatibility of GPG key for older RHEL if True
:param passphrase: Passphrase for this GPG key
:return: List of command strings to deploy built RPMs.
"""
_check_vars_for_template(ctx, ["workdir"])
workdir = ctx["workdir"]
if passphrase is None:
passphrase = getpass.getpass("Passphrase for this GPG key: ")
homedir_opt = "" if homedir is None else "--homedir " + homedir
gpgconf = os.path.join(workdir, ".gpg.conf")
comment = "RPM sign key"
c = _GPGKEY_CONF % dict(signer_name=ctx["fullname"], comment=comment, passphrase=passphrase)
logging.info("Generate GPG conf to generate GPG key...")
open(gpgconf, "w").write(c)
os.chmod(gpgconf, 0600)
sproc = gen_entoropy()
logging.info("Generate GPG key...")
MS.run("gpg -v --batch --gen-key %s %s" % (homedir_opt, gpgconf))
MS.stop_async_run(sproc)
os.remove(gpgconf)
keyid = find_keyid(ctx["fullname"], comment)
logging.info("Export GPG pub key files...")
for c in mk_export_gpgkey_files_cmds(keyid, workdir, ctx["repos"], homedir_opt):
MS.run(c)
rpmmacros = os.path.expanduser("~/.rpmmacros")
if os.path.exists(rpmmacros):
m = "~/.rpmmacros already exists! Edit it manually as needed."
logging.warn(m)
else:
fmt = _RPMMACROS_ADD_1 if compat else _RPMMACROS_ADD_0
open(rpmmacros, "w").write(fmt % dict(keyid=keyid))
logging.info("Added GPG key configurations to " + rpmmacros)
