From 1a9e15ef012f8e46b9d425283412576f659fc212 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=E1=B4=8F=C9=B4=C9=A2=20Jie?= <gongjie@linux.vnet.ibm.com>
Date: Thu, 9 Aug 2018 17:27:46 +0800
Subject: [PATCH] Use xCAT Automatic Signing Key, 5619700D to do the signing.
 (#5485)

RHEL5 is archaic. Use the default hash algorithm to do the checksum. Which is SHA-256 on RHEL6.
---
 buildcore.sh | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/buildcore.sh b/buildcore.sh
index 3295db7ca..853c65036 100755
--- a/buildcore.sh
+++ b/buildcore.sh
@@ -462,17 +462,20 @@ if [ "$OSNAME" != "AIX" ]; then
             echo '%_signature gpg' >> $MACROS
         fi
         if ! $GREP '%_gpg_name' $MACROS 2>/dev/null; then
-            echo '%_gpg_name xCAT Security Key' >> $MACROS
+            echo '%_gpg_name xCAT Automatic Signing Key' >> $MACROS
         fi
         echo "Signing RPMs..."
         build-utils/rpmsign.exp `find $DESTDIR -type f -name '*.rpm'` | grep -v -E '(already contains identical signature|was already signed|rpm --quiet --resign|WARNING: standard input reopened)'
         build-utils/rpmsign.exp $SRCDIR/*rpm | grep -v -E '(already contains identical signature|was already signed|rpm --quiet --resign|WARNING: standard input reopened)'
-        createrepo --checksum sha $DESTDIR            # specifying checksum so the repo will work on rhel5
-        createrepo --checksum sha $SRCDIR
+        # RHEL5 is archaic. Use the default hash algorithm to do the checksum.
+        # Which is SHA-256 on RHEL6.
+        createrepo $DESTDIR
+        createrepo $SRCDIR
         rm -f $SRCDIR/repodata/repomd.xml.asc
         rm -f $DESTDIR/repodata/repomd.xml.asc
-        gpg -a --detach-sign $DESTDIR/repodata/repomd.xml
-        gpg -a --detach-sign $SRCDIR/repodata/repomd.xml
+        # Use the xCAT Automatic Signing Key to do the signing
+        gpg -a --detach-sign --default-key 5619700D $DESTDIR/repodata/repomd.xml
+        gpg -a --detach-sign --default-key 5619700D $SRCDIR/repodata/repomd.xml
         if [ ! -f $DESTDIR/repodata/repomd.xml.key ]; then
             ${WGET_CMD} -q -P $DESTDIR/repodata $GSA/keys/repomd.xml.key
         fi
@@ -480,8 +483,8 @@ if [ "$OSNAME" != "AIX" ]; then
             ${WGET_CMD} -P $SRCDIR/repodata $GSA/keys/repomd.xml.key
         fi
     else
-        createrepo --checksum sha $DESTDIR
-        createrepo --checksum sha $SRCDIR
+        createrepo $DESTDIR
+        createrepo $SRCDIR
     fi
 fi