Examples with AptSigningFacet org.sonatype.nexus.repository.apt.internal.gpg.AptSigningFacet used on opensource projects

Example 1 with AptSigningFacet

use of org.sonatype.nexus.repository.apt.internal.gpg.AptSigningFacet in project nexus-public by sonatype.

the class OrientAptHostedFacet method rebuildIndexes.

@TransactionalStoreMetadata
public void rebuildIndexes(final List<AssetChange> changes) throws IOException {
    StorageTx tx = UnitOfWork.currentTx();
    OrientAptFacet aptFacet = getRepository().facet(OrientAptFacet.class);
    AptSigningFacet signingFacet = getRepository().facet(AptSigningFacet.class);
    Bucket bucket = tx.findBucket(getRepository());
    StringBuilder sha256Builder = new StringBuilder();
    StringBuilder md5Builder = new StringBuilder();
    String releaseFile;
    try (CompressingTempFileStore store = buildPackageIndexes(tx, bucket, changes)) {
        for (Map.Entry<String, CompressingTempFileStore.FileMetadata> entry : store.getFiles().entrySet()) {
            Content plainContent = aptFacet.put(packageIndexName(entry.getKey(), ""), new StreamPayload(entry.getValue().plainSupplier(), entry.getValue().plainSize(), AptMimeTypes.TEXT));
            addSignatureItem(md5Builder, MD5, plainContent, packageRelativeIndexName(entry.getKey(), ""));
            addSignatureItem(sha256Builder, SHA256, plainContent, packageRelativeIndexName(entry.getKey(), ""));
            Content gzContent = aptFacet.put(packageIndexName(entry.getKey(), ".gz"), new StreamPayload(entry.getValue().gzSupplier(), entry.getValue().bzSize(), AptMimeTypes.GZIP));
            addSignatureItem(md5Builder, MD5, gzContent, packageRelativeIndexName(entry.getKey(), ".gz"));
            addSignatureItem(sha256Builder, SHA256, gzContent, packageRelativeIndexName(entry.getKey(), ".gz"));
            Content bzContent = aptFacet.put(packageIndexName(entry.getKey(), ".bz2"), new StreamPayload(entry.getValue().bzSupplier(), entry.getValue().bzSize(), AptMimeTypes.BZIP));
            addSignatureItem(md5Builder, MD5, bzContent, packageRelativeIndexName(entry.getKey(), ".bz2"));
            addSignatureItem(sha256Builder, SHA256, bzContent, packageRelativeIndexName(entry.getKey(), ".bz2"));
        }
        releaseFile = buildReleaseFile(aptFacet.getDistribution(), store.getFiles().keySet(), md5Builder.toString(), sha256Builder.toString());
    }
    aptFacet.put(releaseIndexName(RELEASE), new BytesPayload(releaseFile.getBytes(Charsets.UTF_8), AptMimeTypes.TEXT));
    byte[] inRelease = signingFacet.signInline(releaseFile);
    aptFacet.put(releaseIndexName(INRELEASE), new BytesPayload(inRelease, AptMimeTypes.TEXT));
    byte[] releaseGpg = signingFacet.signExternal(releaseFile);
    aptFacet.put(releaseIndexName(RELEASE_GPG), new BytesPayload(releaseGpg, AptMimeTypes.SIGNATURE));
}

Example 2 with AptSigningFacet

use of org.sonatype.nexus.repository.apt.internal.gpg.AptSigningFacet in project nexus-public by sonatype.

the class AptHostedFacet method rebuildMetadata.

/**
 * Method for triggering Apt metadata recalculation with possibility to specify what actually asset was changed
 */
public void rebuildMetadata(List<AssetChange> changeList) throws IOException {
    AptContentFacet aptFacet = getRepository().facet(AptContentFacet.class);
    AptSigningFacet signingFacet = getRepository().facet(AptSigningFacet.class);
    StringBuilder sha256Builder = new StringBuilder();
    StringBuilder md5Builder = new StringBuilder();
    String releaseFile;
    try (CompressingTempFileStore store = buildPackageIndexes(changeList)) {
        for (Map.Entry<String, CompressingTempFileStore.FileMetadata> entry : store.getFiles().entrySet()) {
            FluentAsset metadataAsset = aptFacet.put(packageIndexName(entry.getKey(), StringUtils.EMPTY), new StreamPayload(entry.getValue().plainSupplier(), entry.getValue().plainSize(), AptMimeTypes.TEXT));
            addSignatureItem(md5Builder, MD5, metadataAsset, packageRelativeIndexName(entry.getKey(), StringUtils.EMPTY));
            addSignatureItem(sha256Builder, SHA256, metadataAsset, packageRelativeIndexName(entry.getKey(), StringUtils.EMPTY));
            FluentAsset gzMetadataAsset = aptFacet.put(packageIndexName(entry.getKey(), GZ), new StreamPayload(entry.getValue().gzSupplier(), entry.getValue().bzSize(), AptMimeTypes.GZIP));
            addSignatureItem(md5Builder, MD5, gzMetadataAsset, packageRelativeIndexName(entry.getKey(), GZ));
            addSignatureItem(sha256Builder, SHA256, gzMetadataAsset, packageRelativeIndexName(entry.getKey(), GZ));
            FluentAsset bzMetadataAsset = aptFacet.put(packageIndexName(entry.getKey(), BZ2), new StreamPayload(entry.getValue().bzSupplier(), entry.getValue().bzSize(), AptMimeTypes.BZIP));
            addSignatureItem(md5Builder, MD5, bzMetadataAsset, packageRelativeIndexName(entry.getKey(), BZ2));
            addSignatureItem(sha256Builder, SHA256, bzMetadataAsset, packageRelativeIndexName(entry.getKey(), BZ2));
        }
        releaseFile = buildReleaseFile(aptFacet.getDistribution(), store.getFiles().keySet(), md5Builder.toString(), sha256Builder.toString());
    }
    aptFacet.put(releaseIndexName(RELEASE), new BytesPayload(releaseFile.getBytes(Charsets.UTF_8), AptMimeTypes.TEXT));
    byte[] inRelease = signingFacet.signInline(releaseFile);
    aptFacet.put(releaseIndexName(INRELEASE), new BytesPayload(inRelease, AptMimeTypes.TEXT));
    byte[] releaseGpg = signingFacet.signExternal(releaseFile);
    aptFacet.put(releaseIndexName(RELEASE_GPG), new BytesPayload(releaseGpg, AptMimeTypes.SIGNATURE));
}