| |
@@ -43,6 +43,10 @@
|
| |
'tags': {}}
|
| |
if 'mbs_user' in instance_info:
|
| |
instance_obj['mbs_user'] = instance_info['mbs_user']
|
| |
+ if 'build_import_users' in instance_info:
|
| |
+ instance_obj['build_import_users'] = instance_info['build_import_users']
|
| |
+ else:
|
| |
+ instance_obj['build_import_users'] = []
|
| |
for tag in instance_info['tags']:
|
| |
if tag['from'] in instance_obj['tags']:
|
| |
raise Exception('From detected twice: %s' % tag['from'])
|
| |
@@ -258,9 +262,10 @@
|
| |
log.info('Content tag: %s', content_koji_tag)
|
| |
log.info('Signing all module content')
|
| |
for build in instance['client'].listTagged(content_koji_tag):
|
| |
- if build['owner_name'] != instance['mbs_user']:
|
| |
+ if build['owner_name'] != instance['mbs_user'] and \
|
| |
+ build['owner_name'] not in instance['build_import_users']:
|
| |
log.error(
|
| |
- 'Build {build_id} has owner {owner_name}, which is NOT mbs_user!'.format(
|
| |
+ 'Build {build_id} has owner {owner_name}, which is NOT mbs_user and is not in build_import_users!'.format(
|
| |
**build
|
| |
)
|
| |
)
|
| |
This allows us to expand an ownership check when signing modular content
tags to allow signing imported RPMs. This configuration option is
additive, any robosignatory sites out there without the config option it
defaults to the empty list.
Fixes: #59
Signed-off-by: Brian Stinson bstinson@redhat.com