enable signing

2025-12-07 20:27:56 +06:00
parent 314fe4354d
commit 1235389da1
4 changed files with 40 additions and 1 deletions
--- a/binhost.sh
+++ b/binhost.sh
@@ -10,6 +10,7 @@ IMAGE="docker.io/gentoo/stage3:amd64-desktop-openrc"
 CONTAINER_NAME="gentoo_builder"
 PROFILE="default/linux/amd64/23.0/desktop"
 LOG_FILE="/var/log/gentoo_build.log" # inside container
+HOST_KEY_PATH="$(pwd)/secrets/signing.key"

 if [[ ! -d "$REPO/.git" ]]; then
    git clone "$REPO_URL" "$REPO"
@@ -66,12 +67,16 @@ init_container() {
        -v portage_db:/var/db/repos/gentoo \
        -v distfiles:/var/cache/distfiles \
        -v binpkgs:/var/cache/binpkgs \
+        -v "$HOST_KEY_PATH":/tmp/signing.key:ro \
        --tmpfs /var/tmp/portage:rw,size=48G,mode=1777 \
        "$IMAGE" \
        bin/bash -c "sleep infinity"

    echo "Running setup..."
    podman exec "$CONTAINER_NAME" bash -c "
+        mkdir -p /root/.gnupg
+        chmod 700 /root/.gnupg
+        gpg --batch --import /tmp/signing.key
        emerge-webrsync -q
        emerge -1vn --usepkg --buildpkg dev-vcs/git app-eselect/eselect-repository
        eselect profile set '$PROFILE'