bin/summary: Use ostree_repo_regenerate_metadata

Call `ostree_repo_regenerate_metadata` with the provided GPG and sign
keys to generate and sign the summary in one call. This changes the
handling when GPGME support is disabled but GPG keys are supplied.
Instead of silently ignoring the option, it will now error. IMO that's
better as callers would otherwise not know that the summary is not GPG
signed.

diff --git a/src/ostree/ot-builtin-summary.c b/src/ostree/ot-builtin-summary.c
index 2d6306a4a8f27cd44e2e7a6d35b20f63cf20b54b..219af604ada16ed62bacf39605dcbf0d734a4f0a 100644 (file)
--- a/src/ostree/ot-builtin-summary.c
+++ b/src/ostree/ot-builtin-summary.c
@@ -223,50 +223,39 @@ ostree_builtin_summary (int argc, char **argv, OstreeCommandInvocation *invocati
             return FALSE;
         }
 
-      /* Regenerate and sign the conventional summary file. */
-      if (!ostree_repo_regenerate_summary (repo, additional_metadata, cancellable, error))
-        return FALSE;
-
-#ifndef OSTREE_DISABLE_GPGME
-      if (opt_gpg_key_ids)
-        {
-          if (!ostree_repo_add_gpg_signature_summary (repo,
-                                                      (const gchar **) opt_gpg_key_ids,
-                                                      opt_gpg_homedir,
-                                                      cancellable,
-                                                      error))
-            return FALSE;
-        }
-#endif
-      if (opt_key_ids)
+      /* Regenerate and sign the repo metadata. */
+      g_auto(GVariantBuilder) metadata_opts_builder = G_VARIANT_BUILDER_INIT (G_VARIANT_TYPE_VARDICT);
+      g_autoptr(GVariant) metadata_opts = NULL;
+      if (opt_gpg_key_ids != NULL)
+        g_variant_builder_add (&metadata_opts_builder, "{sv}", "gpg-key-ids",
+                               g_variant_new_strv ((const char * const *) opt_gpg_key_ids, -1));
+      if (opt_gpg_homedir != NULL)
+        g_variant_builder_add (&metadata_opts_builder, "{sv}", "gpg-homedir",
+                               g_variant_new_string (opt_gpg_homedir));
+      if (opt_key_ids != NULL)
         {
-          g_autoptr (GVariant) secret_keys = NULL;
-          g_autoptr (GVariantBuilder) sk_builder = NULL;
-
-          sk_builder = g_variant_builder_new (G_VARIANT_TYPE_ARRAY);
+          g_auto(GVariantBuilder) sk_builder = G_VARIANT_BUILDER_INIT (G_VARIANT_TYPE_ARRAY);
 
-          char **iter;
-          for (iter = opt_key_ids; iter && *iter; iter++)
+          /* Currently only strings are used as keys for supported
+           * signature types. */
+          for (const char * const *iter = (const char * const *) opt_key_ids;
+               iter != NULL && *iter != NULL; iter++)
             {
-              const char *keyid = *iter;
-              GVariant *secret_key = NULL;
-
-              /* Currently only strings are used as keys
-               * for supported signature types */
-              secret_key = g_variant_new_string (keyid);
-
-              g_variant_builder_add (sk_builder, "v", secret_key);
+              const char *key_id = *iter;
+              g_variant_builder_add (&sk_builder, "v", g_variant_new_string (key_id));
             }
 
-          secret_keys = g_variant_builder_end (sk_builder);
-
-          if (! ostree_sign_summary (sign,
-                                     repo,
-                                     secret_keys,
-                                     cancellable,
-                                     error))
-            return FALSE;
+          g_variant_builder_add (&metadata_opts_builder, "{sv}", "sign-keys",
+                                 g_variant_builder_end (&sk_builder));
         }
+      if (opt_sign_name != NULL)
+        g_variant_builder_add (&metadata_opts_builder, "{sv}", "sign-type",
+                               g_variant_new_string (opt_sign_name));
+
+      metadata_opts = g_variant_ref_sink (g_variant_builder_end (&metadata_opts_builder));
+      if (!ostree_repo_regenerate_metadata (repo, additional_metadata, metadata_opts,
+                                            cancellable, error))
+        return FALSE;
     }
   else if (opt_view || opt_raw)
     {