Skip to content

Commit

Permalink
ci: Verify WIBU systems signed all available deb files
Browse files Browse the repository at this point in the history
  • Loading branch information
@AiyionPrime
AiyionPrime committed Sep 6, 2024
1 parent b8a84cc commit 54bcd6f
Show file tree
Hide file tree
Showing 3 changed files with 68 additions and 0 deletions.
25 changes: 25 additions & 0 deletions .github/workflows/ci_ubuntu_verify_repo.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,31 @@ name: CI ubuntu verify repo
'on':
workflow_call: null
jobs:
wibu-signed-deb-files:
runs-on: ubuntu-latest
steps:
- name: Checkout (GitHub)
uses: actions/checkout@v4
- name: Install debsig-verify
run: |
sudo apt update
sudo apt install -y debsig-verify
- name: Create debsig directory structures
run: |
sudo mkdir -p /etc/debsig/policies/5FCB7AB40CC62A25
sudo mkdir -p /usr/share/debsig/keyrings/5FCB7AB40CC62A25
- name: Install the debsig policy file
run: sudo cp policy.pol /etc/debsig/policies/5FCB7AB40CC62A25/
working-directory: ubuntu/
- name: Dearmor WIBU pubkey
run: gpg -o wibu_pub_dearmored.gpg --dearmor wibu_pub.gpg
working-directory: ubuntu/
- name: Install dearmored key
run: sudo cp wibu_pub_dearmored.gpg /usr/share/debsig/keyrings/5FCB7AB40CC62A25/debsig.gpg
working-directory: ubuntu/
- name: Verify WIBU systems signed all deb files
run: for i in ./*.deb; do debsig-verify "$i"; done
working-directory: ./ubuntu/
regeneration_is_clean:
runs-on: ubuntu-latest
steps:
Expand Down
14 changes: 14 additions & 0 deletions ubuntu/policy.pol
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
<?xml version="1.0"?>
<!DOCTYPE Policy SYSTEM "http://www.debian.org/debsig/1.0/policy.dtd">
<Policy xmlns="https://www.debian.org/debsig/1.0/">

<Origin Name="codemeter" id="5FCB7Ab40CC62A25" Description="CodeMeter"/>

<Selection>
<Required Type="origin" File="debsig.gpg" id="5FCB7AB40CC62A25"/>
</Selection>

<Verification MinOptional="0">
<Required Type="origin" File="debsig.gpg" id="5FCB7AB40CC62A25"/>
</Verification>
</Policy>
29 changes: 29 additions & 0 deletions ubuntu/wibu_pub.gpg
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBF4hyqMBEADSaQitekoKDzU8vd4WOFrtlfSsF8iJm/AIUCZHQ6wJ8sciSTJx
7rUoxW6GixpxPz/caWrFztuljF4twoHLsfAwgUFcWd+TC32l5sZeC26VEdoDEgf2
XonnUqNgT8fuoju2YkdZmqjhBjGRspGr3rgXtXegwWN+uFxiE5dhgy2wYtA6lZsW
bcjU0qvqF2GpAe04rdPpSullpLcD+lgSvSZT2mVbbG56M6ouU72mFeEJlQKQHvPa
stF7tLyyopdmDK/+SXh2I43MsS9G66i82hnEizg1ChHEVNcw+0PGwJ/4BRTdz/1e
Lr2tIZQQhK3MceeV09V8IPTHRNRlEgzXVQkV8Ig3+NQrxGsxEhJZaRtC7pg9Mh3j
ZvGesqZ92SG8QtPY/TZlQrQELbdavssGgRqd23X1GVxN8EmkmfKa58mIq8pGar2V
QzEH/be6dGZ2PpJA0v2+Pa2iEuff7gSdG+5XFj9quWMWC7IyxpSJhFsg41cobeFt
1gblxX81ppsDtkqkEM4gGhw7fsMd1MMRPmioXwhlfJOA2tZcENm0fmTc+pOvCsXB
hIL6cXan1zXp0lgpBNvnfih9PeE4AFjjDOrAFv/iwkzU9uGAJZ0pzpOeDAb5Irte
mh9HsUzcvFiVPERX5XSfZOnqpQAcbVGmcmRR2S5a3wJr8zowzFBmISnXmQARAQAB
tChXSUJVLVNZU1RFTVMgQUcgPGFkbWluaXN0cmF0b3JAd2lidS5jb20+iQJNBBMB
CAA3FiEES0UCM9cstCfQ53k5X8t6tAzGKiUFAl4hyqMCGwMFCwkIBwMEFQoJCAUW
AgMBAAIeAQIXgAAKCRBfy3q0DMYqJVfKD/9qAdXBdl/8jVVAaGGENpPPrJ8VqJ3D
Jtn9MIbkWyej01WqKikBmzsdlAqvdj0Q2OCxMULq+1KNYTI8zDn/xZpBheUjj6oT
jP5ATW68eAkj83ZqyfZBLmOjj46UVHiqSttCCJjUqW6FsOaVd8fi/cs6Y6rY4/p0
0TxlQnkNJfrhUwoNCTta829k9oxdWr1vsw1xv/swpCxv0Gs1x3aHQzOZ7ygo+6dK
6jO5r+2A3ov7CDWAPDjNIL7DToRGxDSuFRJTcE7L4wIQzKU61LMlFq2u4tOqYqKL
lVFtkc3Ikj5O6bF2VYzfGHidwrmH2D3Ah8t93DKtjDFyLhspSXEriQUBFFz3uz/0
8u89mbmuz6VmAHPaZ/lFj57VwXMcz+7S7v1xeT/wyxA8G3fvyAzdxizFXK8CNN9P
m9gJSZ2Vn7SoZQekdHBIqJofTUa23IWB+WRC6R+dZ/j6tYsBFj8u3lxGi5sz4HbM
xFihRN4te2uPh6nuTfryInJRKOUk2gx7P0ybWwQLKAjGUnidcRAZOrYB03AuNG3e
w9UDDeujLDKMhluxESdxwohJ3YFrqoqt8RRCm6dNew7vmmlymJBSSMC25AGYqvQ2
hjcnKHfer0emqqqWPkiZAL3lJMJjHuYxMuCX5v99g2aJzg4mCr6gTZKFsCSOwa4g
kEDwf3LdYcROfw==
=+SuL
-----END PGP PUBLIC KEY BLOCK-----

0 comments on commit 54bcd6f

Please sign in to comment.