From 237670e9b1adf00c1a3d21ce7e5ca1d3d1f9ffc3 Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Thu, 2 Sep 2021 08:39:45 -0400
Subject: [PATCH] Rework gpg key import for suse build

Only pull in host keys when not using a source.
When using source(s), pull in all normal gpg keys from local filesystem sources.
---
 imgutil/imgutil | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/imgutil/imgutil b/imgutil/imgutil
index 4025c18f..40f04f51 100644
--- a/imgutil/imgutil
+++ b/imgutil/imgutil
@@ -439,11 +439,10 @@ class SuseHandler(OsHandler):
             self.sources.append('file://' + os.path.join(sourcepath, 'Product-HPC'))
 
     def prep_root(self, args):
+        gpgkeys = []
         mkdirp(self.targpath)
-        if self.sources:
-            addkeycmd = ['rpm', '--root', self.targpath, '--import'] + glob.glob('/usr/lib/rpm/gnupg/keys/*.asc')
-            subprocess.check_call(addkeycmd)
-        else:
+        if not self.sources:
+            gpgkeys = glob.glob('/usr/lib/rpm/gnupg/keys/*.asc')
             targzypp = os.path.join(self.targpath, 'etc/zypp')
             mkdirp(targzypp)
             shutil.copytree(
@@ -452,8 +451,14 @@ class SuseHandler(OsHandler):
         for source in self.sources:
             if not source:
                 continue
+            if source.startswith('file://'):
+                gpgpath = source.replace('file://', '')
+                gpgkeys.extend(glob.glob(os.path.join(gpgpath, '*/gpg-pubkey*.asc')))
             subprocess.check_call(['zypper', '-R', self.targpath, 'ar', source, 'source-{}'.format(idx)])
             idx += 1
+        if gpgkeys:
+                addkeycmd = ['rpm', '--root', self.targpath, '--import'] + gpgkeys
+                subprocess.check_call(addkeycmd)
         for source in self.addrepos.split(','):
             if not source:
                 continue