#
# spec file for package uyuni-build-keys
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#


%global gpgdirroot %{_datarootdir}/susemanager/gpg

%global susemanager_build_keys_version 15.4.9

%if 0%{?rhel}
%global apache_name httpd
%else
%global apache_name apache2
%endif

Name:           uyuni-build-keys
BuildRequires:  gpg
Requires:       gpg
Requires:       (awk or gawk)
Provides:       susemanager-build-keys = %{susemanager_build_keys_version}
AutoReqProv:    off
Summary:        The public gpg keys for rpm package signature verification
License:        GPL-2.0-or-later
Group:          System/Packages
URL:            https://www.uyuni-project.org/
Version:        2024.01.1
Release:        230900.2.1.uyuni3

# pub  2048R/39DB7C82 2013-01-31 SuSE Package Signing Key <build@suse.de>
# SLE12: The main package signing key.
Source2:        gpg-pubkey-39db7c82-5f68629b.asc
# pub  2048R/50A3DD1C 2013-01-14 SuSE Package Signing Key (reserve key) <build@suse.de>
# SLE12 Fallback key if main key gets lost.
Source3:        gpg-pubkey-50a3dd1c-50f35137.asc

# pub  1024R/307E3D54 2006-03-21 SuSE Package Signing Key <build@suse.de>
# SLE11 build@suse.de key, 1024 bit
Source4:        gpg-pubkey-307e3d54-5aaa90a5.asc

# pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>
# SLE10 build@suse.de key, 1024 bit
Source5:        gpg-pubkey-9c800aca-5aaa90c5.asc

# pub   1024D/0182B964 2008-11-05 Extended Support Package Signing Key (Extended Support Package Signing Key) <extended-build@novell.com>
# EPAM RES build key
Source6:        gpg-pubkey-0182b964-4911a584.asc

# pub   2048R/3DBDC284 2008-11-07 openSUSE Project Signing Key <opensuse@opensuse.org>
Source7:        gpg-pubkey-3dbdc284-53674dd4.asc

# pub   2048R/0D20833E 2018-06-18 systemsmanagement:Uyuni:Master OBS Project <systemsmanagement:Uyuni:Master@build.opensuse.org>
Source8:        gpg-pubkey-0d20833e.asc

# pub rsa4096/C105B9DE 2011-07-03 CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>
# CentOS-6 Key
Source9:        RPM-GPG-KEY-CentOS-6

# pub rsa4096/F4A80EB5 2014-06-23 CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>
# CentOS-7 Key
Source10:       RPM-GPG-KEY-CentOS-7

# pub   rsa4096/3B4FE6ACC0B21F32 2012-05-11 Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@ubuntu.com>
# Ubuntu archive key 2012
Source11:       ubuntu-archive-2012-3B4FE6ACC0B21F32.asc

# pub   rsa4096/871920D1991BC93C 2018-09-17 Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>
# Ubuntu archive key 2018
Source12:       ubuntu-archive-2018-871920D1991BC93C.asc

# pub   rsa2048/72F97B74EC551F03 2010-07-01 Oracle OSS group (Open Source Software group) <build@oss.oracle.com>
# OL6 and OL7
Source13:       RPM-GPG-KEY-oracle-ol-6-7

# pub   rsa4096/82562EA9AD986DA3 2019-04-09 Oracle OSS group (Open Source Software group) <build@oss.oracle.com>
# OL8
Source14:       RPM-GPG-KEY-oracle-ol8

# pub   rsa4096/044ADAEE04881839 2019-01-04 Micro Focus Build Service (Contact security@novell.com) <OESBuild@novell.com>
# Micro Focus
Source15:       oes-gpg-pubkey-044ADAEE04881839.asc

# pub   rsa2048/57DA9A6804A29DB0 2015-07-08 Novell Bangalore BuildService (Contact security@novell.com) <novell-bangalore-build@novell.com>
# old Novell Key
Source16:       oes-gpg-pubkey-57DA9A6804A29DB0.asc

# pub   rsa4096/05B555B38483C65D 2019-05-03 CentOS (CentOS Official Signing Key) <security@centos.org>
# CentOS8
Source17:       RPM-GPG-KEY-CentOS-Official

# pub   rsa2048/65176565 2015-05-29 openSUSE:Backports OBS Project <openSUSE:Backports@build.opensuse.org>
# PackageHub
Source18:       packagehub-gpg-pubkey-65176565.asc

# pub   rsa2048/0x8EFE1BC4D4ADE9C3 2017-12-11 [SC] [expires: 2027-12-09]
# Key fingerprint = 0EE9 CA43 0050 9E29 17A0  54ED 8EFE 1BC4 D4AD E9C3
# uid                             SUSE Linux Container Signing Key <build-container@suse.de>
# The SUSE Container GPG Key.
Source19:       build-container-d4ade9c3-5a2e9669.asc

# pub   rsa4096/E0B11894F66AEC98 2017-05-22 [SC] [expires: 2025-05-20]
# Key fingerprint = E1CF 20DD FFE4 B89E 8026  58F1 E0B1 1894 F66A EC98
# uid                 [ unknown] Debian Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>
# sub   rsa4096/04EE7237B7D453EC 2017-05-22 [S] [expires: 2025-05-20]
Source20:       debian-archive-key-9-04EE7237B7D453EC.asc

# pub   rsa4096/EDA0D2388AE22BA9 2017-05-22 [SC] [expires: 2025-05-20]
# Key fingerprint = 6ED6 F5CB 5FA6 FB2F 460A  E88E EDA0 D238 8AE2 2BA9
# uid                 [ unknown] Debian Security Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>
# sub   rsa4096/AA8E81B4331F7F50 2017-05-22 [S] [expires: 2025-05-20]
Source21:       debian-archive-key-9-security-AA8E81B4331F7F50.asc

# pub   rsa4096/EF0F382A1A7B6500 2017-05-20 [SC] [expires: 2025-05-18]
# Key fingerprint = 067E 3C45 6BAE 240A CEE8  8F6F EF0F 382A 1A7B 6500
# uid                 [ unknown] Debian Stable Release Key (9/stretch) <debian-release@lists.debian.org>
Source22:       debian-release-9-EF0F382A1A7B6500.asc

# pub   rsa4096/DC30D7C23CBBABEE 2019-04-14 [SC] [expires: 2027-04-12]
# Key fingerprint = 80D1 5823 B7FD 1561 F9F7  BCDD DC30 D7C2 3CBB ABEE
# uid                 [ unknown] Debian Archive Automatic Signing Key (10/buster) <ftpmaster@debian.org>
# sub   rsa4096/648ACFD622F3D138 2019-04-14 [S] [expires: 2027-04-12]
Source23:       debian-archive-key-10-648ACFD622F3D138.asc

# pub   rsa4096/4DFAB270CAA96DFA 2019-04-14 [SC] [expires: 2027-04-12]
# Key fingerprint = 5E61 B217 265D A980 7A23  C5FF 4DFA B270 CAA9 6DFA
# uid                 [ unknown] Debian Security Archive Automatic Signing Key (10/buster) <ftpmaster@debian.org>
# sub   rsa4096/112695A0E562B32A 2019-04-14 [S] [expires: 2027-04-12]
Source24:       debian-archive-key-10-security-112695A0E562B32A.asc

# pub   rsa4096/DCC9EFBF77E11517 2019-02-05 [SC] [expires: 2027-02-03]
# Key fingerprint = 6D33 866E DD8F FA41 C014  3AED DCC9 EFBF 77E1 1517
# uid                 [ unknown] Debian Stable Release Key (10/buster) <debian-release@lists.debian.org>
Source25:       debian-release-10-DCC9EFBF77E11517.asc

# pub   rsa4096/7638D0442B90D010 2014-11-21 [SC] [expires: 2022-11-19]
# Key fingerprint = 126C 0D24 BD8A 2942 CC7D  F8AC 7638 D044 2B90 D010
# uid                 [ unknown] Debian Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>
Source26:       debian-archive-key-8-7638D0442B90D010.asc

# pub   rsa4096/EFD752E7E232ED8712E7635CEB801C41873141A8 2016-12-13 alicloud7release <alicloud-linux-os@service.aliyun.com>
# Alibaba Cloud Linux 2 (Aliyun Linux)
Source27:       RPM-GPG-KEY-ALIYUN

# pub   rsa4096/11CF1F95C87F5B1A 2017-06-07 [SC]
#      99E617FE5DB527C0D8BD5F8E11CF1F95C87F5B1A
# uid                 [ unknown] Amazon Linux <amazon-linux@amazon.com>
Source28:       RPM-GPG-KEY-amazon-linux-2

# pub   rsa4096/0x3ABB34F8 2021-01-12 [C] [expires: 2024-01-12]
#       5E9B8F5617B5066CE92057C3488FCF7C3ABB34F8
# uid                     AlmaLinux <packager@almalinux.org>
# sub   rsa3072/0xC21AD6EA 2021-01-12 [S] [expires: 2024-01-12]
Source29:       RPM-GPG-KEY-AlmaLinux

# pub   rsa2048 2020-12-02 [SC] [expires: 2023-02-10]
#       44CA8C74F08D9C47618782DF3C90731ED78C6B69
# uid           SUSE:SLE-15-SP3:Update OBS Project <SUSE:SLE-15-SP3:Update@build.opensuse.org>
Source30:       gpg-pubkey-d78c6b69-5fc7b9e7.asc

# pub   rsa4096 2021-02-14 [SCE]
#       7051C470A929F454CEBE37B715AF5DAC6D745A60
# uid           Release Engineering <infrastructure@rockylinux.org>
Source31:       RPM-GPG-KEY-rockyofficial

# pub   rsa4096 2021-01-17 [SC] [expires: 2029-01-15]
#      AC530D520F2F3269F5E98313A48449044AAD5C5D
# uid           [ unknown] Debian Security Archive Automatic Signing Key (11/bullseye) <ftpmaster@debian.org>
Source32:       debian-archive-key-11-security-A48449044AAD5C5D.asc

# pub   rsa4096 2021-01-17 [SC] [expires: 2029-01-15]
#       1F89983E0081FDE018F3CC9673A4F27B8DD47936
# uid           [ unknown] Debian Archive Automatic Signing Key (11/bullseye) <ftpmaster@debian.org>
Source33:       debian-archive-key-11-73A4F27B8DD47936.asc

# pub   rsa4096 2021-02-13 [SC] [expires: 2029-02-11]
#       A4285295FC7B1A81600062A9605C66F00D6C9793
# uid           [ unknown] Debian Stable Release Key (11/bullseye) <debian-release@lists.debian.org>
Source34:       debian-release-11-605C66F00D6C9793.asc

# pub   rsa2048 2019-10-21 [SCEA]
#       12EA74AC9DF48D46C69CA0BED557065EB25E7F66
# uid           private OBS (key without passphrase) <defaultkey@localobs>
Source35:       RPM-GPG-KEY-openEuler

# pub   rsa4096 2022-01-18 [SC]
#       BF18AC2876178908D6E71267D36CB86CB86B3716
# uid           AlmaLinux OS 9 <packager@almalinux.org>
Source36:       RPM-GPG-KEY-AlmaLinux-9

# pub   rsa4096 2022-01-19 [SC] [expires: 2042-01-14]
#       3E6D826D3FBAB389C2F38E34BC4D06A08D8B756F
# uid           Oracle Linux (release key 1) <secalert_us@oracle.com>
Source37:       RPM-GPG-KEY-oracle

# pub   rsa4096 2022-01-19 [SC] [expires: 2042-01-14]
#       982231759C7467065D0CE9B2A7DD07088B4EFBE6
# uid           Oracle Linux (backup key 1) <secalert_us@oracle.com>
Source38:       RPM-GPG-KEY-oracle-backup

# pub   rsa4096 2009-10-22 [SC]
#       567E347AD0044ADE55BA8A5F199E2F91FD431D51
# uid           [ unknown] Red Hat, Inc. (release key 2) <security@redhat.com>
Source39:       RPM-GPG-KEY-redhat-release

# pub   rsa4096 2022-03-09 [SC]
#       7E4624258C406535D56D6F135054E4A45A6340B3
# uid           [ unknown] Red Hat, Inc. (auxiliary key 3) <security@redhat.com>
Source40:       RPM-GPG-KEY-redhat-auxiliary

# pub   rsa4096 2022-05-09 [SC]
#       21CB256AE16FC54C6E652949702D426D350D275D
# uid           Rocky Enterprise Software Foundation - Release key 2022 <releng@rockylinux.org>
Source41:       RPM-GPG-KEY-Rocky-9

# pub   rsa4096 2022-09-21 [SC] [expires: 2026-09-20]
#       CCB57F6E2FA5D41B256E02B897A636DB0BAD8ECC
# uid           SUSE product addon <build-addon@suse.de>
Source42:       build-addon-0bad8ecc-632aff67.asc

# pub   rsa4096 2022-05-30 [SC] [expires: 2032-05-27]
#       F8CD9BBD5C9614F95CA85788177086FAB0F9C64F
# uid           SUSE Liberty Package Signing Key (v2) <suse-liberty-build-v2@suse.de>
Source43:       RPM-GPG-KEY-SUSE-Liberty-v2

#pub   rsa4096/0xA1BFC02BD588DC46 2023-01-19 [SC] [expires: 2033-01-16]
#      Key fingerprint = B56E 5601 41D8 F654 2DFF  3BF9 A1BF C02B D588 DC46
#uid                             SUSE Package Signing Key (reserve key) <build@suse.de>
Source44:       gpg-pubkey-d588dc46-63c939db.asc

#pub   rsa4096/0xF74F09BC3FA1D6CE 2023-01-19 [SC] [expires: 2027-01-18]
#      Key fingerprint = 7F00 9157 B127 B994 D5CF  BE76 F74F 09BC 3FA1 D6CE
#uid                             SUSE Package Signing Key <build@suse.de>
#
Source45:       gpg-pubkey-3fa1d6ce-63c9481c.asc

#pub   rsa4096/0x35A2F86E29B700A4 2022-06-20 [SC] [expires: 2026-06-19]
#      Key fingerprint = AD48 5664 E901 B867 051A  B15F 35A2 F86E 29B7 00A4
#uid                    openSUSE Project Signing Key <opensuse@opensuse.org>
Source46:       gpg-pubkey-29b700a4.asc

#pub   rsa4096/254CF3B5AEC0A8F0 2023-01-21 [SC] [verfällt: 2031-01-19]
#      05AB90340C0C5E797F44A8C8254CF3B5AEC0A8F0
#uid              Debian Security Archive Automatic Signing Key (12/bookworm) <ftpmaster@debian.org>
Source47:       debian-archive-key-12-security-254CF3B5AEC0A8F0.asc

#pub   rsa4096/B7C5D7D6350947F8 2023-01-21 [SC] [verfällt: 2031-01-19]
#      B8B80B5B623EAB6AD8775C45B7C5D7D6350947F8
#uid              Debian Archive Automatic Signing Key (12/bookworm) <ftpmaster@debian.org>
Source48:       debian-archive-key-12-B7C5D7D6350947F8.asc

#pub   ed25519/F8D2585B8783D481 2023-01-23 [SC] [verfällt: 2031-01-21]
#      4D64FEC119C2029067D6E791F8D2585B8783D481
#uid              Debian Stable Release Key (12/bookworm) <debian-release@lists.debian.org>
Source49:       debian-release-12-F8D2585B8783D481.asc

#pub   rsa4096/8A49EB0325DB7AE0 2023-05-10 [SC] [verfällt: 2027-05-09]
#      F044C2C507A1262B538AAADD8A49EB0325DB7AE0
#uid              openSUSE:Backports OBS Project <openSUSE:Backports@build.opensuse.org>
Source50:       packagehub-gpg-pubkey-8A49EB0325DB7AE0.asc

#pub   rsa4096 2022-12-08 [SC]
#      B21C50FA44A99720EAA72F7FE951904AD832C631
#uid           Amazon Linux <amazon-linux@amazon.com>
Source51:       RPM-GPG-KEY-amazon-linux-2023

#pub   rsa2048 2017-04-10 [SC] [caduca: 2031-04-07]
#      54C3 DD61 0D9D 1B4A F82A  3775 8738 CD6B 956F 460C
#uid                      Raspberry Pi Downloads Signing Key
#sub   rsa2048 2017-04-10 [E] [caduca: 2031-04-07]
Source52:       raspberrypi_downloads.gpg.key

#pub   rsa2048 2012-04-01 [SC]
#      A0DA 38D0 D76E 8B5D 6388  7281 9165 938D 90FD DD2E
#uid                      Mike Thompson (Raspberry Pi Debian armhf ARMv6+VFP) <mpthompson@gmail.com>
#sub   rsa2048 2012-04-01 [E]
Source53:       raspbian.public.key

#pub   rsa4096/0x2AE81E8ACED7258B 2023-10-10 [SC]
#      BC5E DDCA DF50 2C07 7F15  8288 2AE8 1E8A CED7 258B
#uid                      AlmaLinux OS 8 <packager@almalinux.org>
Source54:   RPM-GPG-KEY-AlmaLinux-8

# pub  1024D/B37B98A9 2005-05-11 SUSE PTF Signing Key <support@suse.com>
# SUSE supplied PTF (program temporary fixes) are signed by this key.
# supplied to be not imported by default
Source98:       suse_ptf_key_old-B37B98A9.asc

#pub   rsa2048 2022-02-25 [SC] [verfällt: 2026-02-24]
#      1604494D38DA2FA7AA2697AE46DFA05C6F5DA62B
#uid           SUSE PTF Signing Key <support@suse.com>
Source99:       suse_ptf_key-6F5DA62B.asc

#pub   rsa4096/0x09461C70AF5425F7 2023-01-19 [SC] [expires: 2027-01-18]
#      Key fingerprint = 6D6C 8072 BF35 2152 3062  D823 0946 1C70 AF54 25F7
#uid                             SUSE PTF Signing Key <support@suse.com>
Source100:      suse_ptf_key_2023.asc

Source101:      uyuni-build-keys.conf

BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildArch:      noarch

%define pubring  var/lib/spacewalk/gpgdir/pubring.gpg
%define susering %{_prefix}/lib/uyuni/uyuni-build-keys.gpg

%if 0%{?rhel}
PreReq:         gpg
PreReq:         (coreutils or coreutils-single)
%else
PreReq:         fileutils
PreReq:         gpg
PreReq:         mktemp
PreReq:         sh-utils
%endif

%description
This package contains the gpg keys that are used to sign the
SUSE and opeSUSE rpm packages. The keys installed here are not
actually used by anything. rpm/zypper use the keys in the rpm
db instead.

%package web
Summary:        The public gpg keys for bootstrap use
Group:          System/Packages
Requires:       %{name} = %{version}-%{release}
Requires:       %{apache_name}
Provides:       susemanager-build-keys-web = %{susemanager_build_keys_version}

%description web
This package contains the gpg keys that are used to sign the
SUSE and openSUSE rpm packages. These keys are installed in
the web enviroment to be used in a bootstrap script.

%prep
%setup -qcT

%build
gpg -q --batch --no-options < /dev/null > /dev/null 2>&1 || true
# no kidding... gpg won't initialize correctly without being called twice.
gpg < /dev/null > /dev/null 2>&1 || true
gpg < /dev/null > /dev/null 2>&1 || true
# Since gpg2 version 2.4.1 keyboxd is used by default in fresh installs.
# This is controlled by having the option use-keyboxd in common.conf file.
# To force the use of the keyring, we need to remove that option
if [ -f /home/abuild/.gnupg/common.conf ];then
  sed -e "s/use-keyboxd//g" -i /home/abuild/.gnupg/common.conf
fi

touch uyuni-build-keys.gpg
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE2}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE3}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE4}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE5}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE6}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE7}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE8}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE9}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE10}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE11}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE12}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE13}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE14}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE15}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE16}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE17}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE18}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE19}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE20}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE21}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE22}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE23}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE24}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE25}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE26}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE27}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE28}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE29}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE30}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE31}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE32}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE33}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE34}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE35}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE36}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE37}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE38}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE39}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE40}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE41}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE42}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE43}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE44}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE45}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE46}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE47}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE48}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE49}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE50}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE51}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE52}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE53}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE54}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE98}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE99}
gpg --no-default-keyring --keyring ./uyuni-build-keys.gpg --import %{SOURCE100}

%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/%{_prefix}/lib/uyuni/
mkdir -p $RPM_BUILD_ROOT/var/lib/spacewalk/gpgdir
install uyuni-build-keys.gpg $RPM_BUILD_ROOT/%{susering}
touch $RPM_BUILD_ROOT/%{pubring}
touch $RPM_BUILD_ROOT/%{pubring}~

mkdir -p $RPM_BUILD_ROOT%{gpgdirroot}/
install %{SOURCE2}  $RPM_BUILD_ROOT%{gpgdirroot}/sle12-gpg-pubkey-39db7c82.key
install %{SOURCE3}  $RPM_BUILD_ROOT%{gpgdirroot}/sle12-reserve-gpg-pubkey-50a3dd1c.key
install %{SOURCE4}  $RPM_BUILD_ROOT%{gpgdirroot}/sle11-gpg-pubkey-307e3d54.key
install %{SOURCE5}  $RPM_BUILD_ROOT%{gpgdirroot}/sle10-gpg-pubkey-9c800aca.key
install %{SOURCE6}  $RPM_BUILD_ROOT%{gpgdirroot}/res-gpg-pubkey-0182b964.key
install %{SOURCE7}  $RPM_BUILD_ROOT%{gpgdirroot}/opensuse-gpg-pubkey-3dbdc284.key
install %{SOURCE8}  $RPM_BUILD_ROOT%{gpgdirroot}/uyuni-gpg-pubkey-0d20833e.key
install %{SOURCE9}  $RPM_BUILD_ROOT%{gpgdirroot}/centos6-gpg-pubkey-c105b9de.key
install %{SOURCE10} $RPM_BUILD_ROOT%{gpgdirroot}/centos7-gpg-pubkey-f4a80eb5.key
install %{SOURCE11} $RPM_BUILD_ROOT%{gpgdirroot}/ubuntu-gpg-pubkey-3B4FE6ACC0B21F32.key
install %{SOURCE12} $RPM_BUILD_ROOT%{gpgdirroot}/ubuntu-gpg-pubkey-871920D1991BC93C.key
install %{SOURCE13} $RPM_BUILD_ROOT%{gpgdirroot}/ol67-gpg-pubkey-72F97B74EC551F03.key
install %{SOURCE14} $RPM_BUILD_ROOT%{gpgdirroot}/ol8-gpg-pubkey-82562EA9AD986DA3.key
install %{SOURCE15} $RPM_BUILD_ROOT%{gpgdirroot}/oes-gpg-pubkey-044ADAEE04881839.key
install %{SOURCE16} $RPM_BUILD_ROOT%{gpgdirroot}/oes-gpg-pubkey-57DA9A6804A29DB0.key
install %{SOURCE17} $RPM_BUILD_ROOT%{gpgdirroot}/centos8-gpg-pubkey-05B555B38483C65D.key
install %{SOURCE18} $RPM_BUILD_ROOT%{gpgdirroot}/packagehub-gpg-pubkey-65176565.key
install %{SOURCE19} $RPM_BUILD_ROOT%{gpgdirroot}/sle-container-gpg-pubkey-d4ade9c3.key
install %{SOURCE20} $RPM_BUILD_ROOT%{gpgdirroot}/debian-gpg-pubkey-AA8E81B4331F7F50.key
install %{SOURCE21} $RPM_BUILD_ROOT%{gpgdirroot}/debian-gpg-pubkey-AA8E81B4331F7F50.key
install %{SOURCE22} $RPM_BUILD_ROOT%{gpgdirroot}/debian-gpg-pubkey-EF0F382A1A7B6500.key
install %{SOURCE23} $RPM_BUILD_ROOT%{gpgdirroot}/debian-gpg-pubkey-648ACFD622F3D138.key
install %{SOURCE24} $RPM_BUILD_ROOT%{gpgdirroot}/debian-gpg-pubkey-112695A0E562B32A.key
install %{SOURCE25} $RPM_BUILD_ROOT%{gpgdirroot}/debian-gpg-pubkey-DCC9EFBF77E11517.key
install %{SOURCE26} $RPM_BUILD_ROOT%{gpgdirroot}/debian-gpg-pubkey-7638D0442B90D010.key
install %{SOURCE27} $RPM_BUILD_ROOT%{gpgdirroot}/aliyunlinux2-gpg-pubkey-EFD752E7E232ED87.key
install %{SOURCE28} $RPM_BUILD_ROOT%{gpgdirroot}/amazonlinux2-gpg-pubkey-8312182E7F8CF5ED.key
install %{SOURCE29} $RPM_BUILD_ROOT%{gpgdirroot}/almalinux8-gpg-pubkey-488FCF7C3ABB34F8.key
install %{SOURCE30} $RPM_BUILD_ROOT%{gpgdirroot}/gpg-pubkey-d78c6b69-5fc7b9e7.key
install %{SOURCE31} $RPM_BUILD_ROOT%{gpgdirroot}/rockylinux8-gpg-pubkey-15AF5DAC6D745A60.key
install %{SOURCE32} $RPM_BUILD_ROOT%{gpgdirroot}/debian-gpg-pubkey-A48449044AAD5C5D.key
install %{SOURCE33} $RPM_BUILD_ROOT%{gpgdirroot}/debian-gpg-pubkey-73A4F27B8DD47936.key
install %{SOURCE34} $RPM_BUILD_ROOT%{gpgdirroot}/debian-gpg-pubkey-605C66F00D6C9793.key
install %{SOURCE35} $RPM_BUILD_ROOT%{gpgdirroot}/openeuler-gpg-pubkey-D557065EB25E7F66.key
install %{SOURCE36} $RPM_BUILD_ROOT%{gpgdirroot}/almalinux9-gpg-pubkey-D36CB86CB86B3716.key
install %{SOURCE37} $RPM_BUILD_ROOT%{gpgdirroot}/oracle-gpg-pubkey-BC4D06A08D8B756F.key
install %{SOURCE38} $RPM_BUILD_ROOT%{gpgdirroot}/oracle-gpg-pubkey-A7DD07088B4EFBE6.key
install %{SOURCE39} $RPM_BUILD_ROOT%{gpgdirroot}/redhat-release-gpg-pubkey-199E2F91FD431D51.key
install %{SOURCE40} $RPM_BUILD_ROOT%{gpgdirroot}/redhat-auxiliary-gpg-pubkey-5054E4A45A6340B3.key
install %{SOURCE41} $RPM_BUILD_ROOT%{gpgdirroot}/rockylinux9-gpg-pubkey-702D426D350D275D.key
install %{SOURCE42} $RPM_BUILD_ROOT%{gpgdirroot}/build-addon-97A636DB0BAD8ECC.key
install %{SOURCE43} $RPM_BUILD_ROOT%{gpgdirroot}/suse-liberty-v2-gpg-pubkey-177086FAB0F9C64F.key
install %{SOURCE44} $RPM_BUILD_ROOT%{gpgdirroot}/sle15-reserve-gpg-pubkey-d588dc46.key
install %{SOURCE45} $RPM_BUILD_ROOT%{gpgdirroot}/sle15-gpg-pubkey-3fa1d6ce.key
install %{SOURCE46} $RPM_BUILD_ROOT%{gpgdirroot}/opensuse-gpg-pubkey-29b700a4.key
install %{SOURCE47} $RPM_BUILD_ROOT%{gpgdirroot}/debian-archive-key-12-security-254CF3B5AEC0A8F0.key
install %{SOURCE48} $RPM_BUILD_ROOT%{gpgdirroot}/debian-archive-key-12-B7C5D7D6350947F8.key
install %{SOURCE49} $RPM_BUILD_ROOT%{gpgdirroot}/debian-release-12-F8D2585B8783D481.key
install %{SOURCE50} $RPM_BUILD_ROOT%{gpgdirroot}/packagehub-gpg-pubkey-8A49EB0325DB7AE0.key
install %{SOURCE51} $RPM_BUILD_ROOT%{gpgdirroot}/amazonlinux2023-gpg-pubkey-E951904AD832C631.key
install %{SOURCE52} $RPM_BUILD_ROOT%{gpgdirroot}/raspberrypi_downloads.gpg.key
install %{SOURCE53} $RPM_BUILD_ROOT%{gpgdirroot}/raspbian.public.key
install %{SOURCE54} $RPM_BUILD_ROOT%{gpgdirroot}/almalinux8-gpg-pubkey-2AE81E8ACED7258B.key

install %{SOURCE98} $RPM_BUILD_ROOT%{gpgdirroot}/ptf-gpg-pubkey-b37b98a9.key # old ptf key
install %{SOURCE99} $RPM_BUILD_ROOT%{gpgdirroot}/ptf-gpg-pubkey-6f5da62b.key # new ptf key
install %{SOURCE100} $RPM_BUILD_ROOT%{gpgdirroot}/ptf-gpg-pubkey-af5425f7.key # 2023 rsa 4k ptf key

mkdir -p $RPM_BUILD_ROOT/etc/%{apache_name}/conf.d/
install %{SOURCE101} $RPM_BUILD_ROOT/etc/%{apache_name}/conf.d/uyuni-build-keys.conf

# install some keys in the salt FS structure to be able to deploy them to clients
mkdir -p $RPM_BUILD_ROOT/usr/share/susemanager/salt/gpg/

install $RPM_BUILD_ROOT%{gpgdirroot}/res-gpg-pubkey-0182b964.key $RPM_BUILD_ROOT/usr/share/susemanager/salt/gpg/res-gpg-pubkey-0182b964.key
install $RPM_BUILD_ROOT%{gpgdirroot}/sle12-gpg-pubkey-39db7c82.key $RPM_BUILD_ROOT/usr/share/susemanager/salt/gpg/el-tools-gpg-pubkey-39db7c82.key
install $RPM_BUILD_ROOT%{gpgdirroot}/sle11-gpg-pubkey-307e3d54.key $RPM_BUILD_ROOT/usr/share/susemanager/salt/gpg/el6-tools-gpg-pubkey-307e3d54.key
install $RPM_BUILD_ROOT%{gpgdirroot}/uyuni-gpg-pubkey-0d20833e.key $RPM_BUILD_ROOT/usr/share/susemanager/salt/gpg/uyuni-tools-gpg-pubkey-0d20833e.key
install $RPM_BUILD_ROOT%{gpgdirroot}/build-addon-97A636DB0BAD8ECC.key $RPM_BUILD_ROOT/usr/share/susemanager/salt/gpg/build-addon-97A636DB0BAD8ECC.key
install $RPM_BUILD_ROOT%{gpgdirroot}/suse-liberty-v2-gpg-pubkey-177086FAB0F9C64F.key $RPM_BUILD_ROOT/usr/share/susemanager/salt/gpg/suse-liberty-v2-gpg-pubkey-177086FAB0F9C64F.key

# new ptf key not used yet via salt, but maybe needed when we release PTFs for 3rd party OSes
install $RPM_BUILD_ROOT%{gpgdirroot}/ptf-gpg-pubkey-6f5da62b.key $RPM_BUILD_ROOT/usr/share/susemanager/salt/gpg/ptf-gpg-pubkey-6f5da62b.key

for i in $RPM_BUILD_ROOT%{gpgdirroot}/*key; do KEYFILE=$(basename $i); echo "RewriteRule ^/pub/$KEYFILE /gpg/$KEYFILE  [L,PT]" >> $RPM_BUILD_ROOT/etc/%{apache_name}/conf.d/uyuni-build-keys.conf; done;

%files
%defattr(644,root,root)
%attr(755,root,root) %dir %{_prefix}/lib/uyuni
%attr(755,root,root) %dir /var/lib/spacewalk/
%attr(755,root,root) %dir /var/lib/spacewalk/gpgdir
/%{susering}
%ghost /%{pubring}
%ghost /%{pubring}~

%post
if [ ! -f %{pubring} ]; then
    touch %{pubring}
fi
echo -n "importing Uyuni build key to rpm keyring... "
TF=`mktemp /tmp/gpg.XXXXXX`
if [ -z "$TF" ]; then
  echo "uyuni-build-keys::post: cannot make temporary file. Fatal error."
  exit 20
fi
if [ -z "$HOME" ]; then
  HOME=/root
  export HOME
fi
if [ ! -d "$HOME" ]; then
  mkdir "$HOME"
fi
gpg -q --batch --no-options < /dev/null > /dev/null 2>&1 || true
# no kidding... gpg won't initialize correctly without being called twice.
gpg < /dev/null > /dev/null 2>&1 || true
gpg < /dev/null > /dev/null 2>&1 || true
gpg -q --batch --no-options --no-default-keyring --no-permission-warning \
         --keyring %{susering}    --export -a > $TF
a="$?"
gpg -q --batch --no-options --no-default-keyring --no-permission-warning \
         --keyring %{pubring}   --import < $TF
b="$?"
rm -f "$TF"
if [ "$a" = 0 -a "$b" = 0 ]; then
    echo "done."
else
    echo "importing the key from the file %{susering}"
    echo "returned an error. This should not happen. It may not be possible"
    echo "to properly verify the authenticity of rpm packages from SUSE sources."
    echo "The keyring containing the SUSE rpm package signing key can be found"
    echo "in the root directory of the first CD (DVD) of your SUSE product."
    exit -1
fi

# we need to trust them, otherwise the verify will fail
echo -n "Trusting Uyuni build keys... "
TF=`mktemp /tmp/gpg.XXXXXX`
if [ -z "$TF" ]; then
  echo "uyuni-build-keys::post: cannot make temporary file. Fatal error."
  exit 20
fi
gpg -q --batch --no-options --no-default-keyring --no-permission-warning \
    --keyring %{susering} --list-keys --with-fingerprint \
    --with-colons | grep fpr | awk -F: '{printf("%s:6:\n", $10);}' > $TF
c="$?"
gpg -q --batch --no-default-keyring --no-permission-warning \
    --homedir /var/lib/spacewalk/gpgdir/ --import-ownertrust < $TF
d="$?"
rm -f "$TF"
if [ "$c" = 0 -a "$d" = 0 ]; then
    echo "done."
else
    echo "trusting the key from the file %{susering}"
    echo "returned an error. This should not happen. It may not be possible"
    echo "to properly sync repositories using spacewalk-repo-sync."
    exit -1
fi

%files web
%defattr(644,root,root)
%dir  %{gpgdirroot}
%dir /usr/share/susemanager/
%dir /usr/share/susemanager/salt/
%dir /etc/%{apache_name}
%dir /etc/%{apache_name}/conf.d
/usr/share/susemanager/salt/gpg
%{gpgdirroot}/*.key
/etc/%{apache_name}/conf.d/uyuni-build-keys.conf

%changelog
* Tue Jan 30 2024 Cédric Bosdonnat <cbosdonnat@suse.com>
- Only uyuni-build-keys-web requires apache2
* Thu Jan 18 2024 Thomas Florio <thomas.florio@suse.com>
- Version 2024.01.1
  * Add new Almalinux 8 GPG Key (bsc#1218849)
- Added:
  * RPM-GPG-KEY-AlmaLinux-8
* Thu Jan 18 2024 Jordi Massaguer <jmassaguerpla@suse.com>
- Version 2024.01
  * Fix build to not use keyboxd by default or the susemanager keyring
    won't contain the gpg keys. Since gpg2 version 2.4.1 keyboxd is
    used by default in fresh installs. So, no keyrings are used at all
    there and all keys are maintained by the keyboxd process in its
    own database.
* Mon Dec 18 2023 Jordi Massaguer <jmassaguerpla@suse.com>
- Refresh extended Uyuni GPG public key
  * Modified: gpg-pubkey-0d20833e.asc
* Fri Dec  1 2023 Raúl Osuna <rosuna@suse.com>
- Version 2023.12
  * Add Raspberry Pi OS 12 GPG keys
* Mon Nov  6 2023 Julio González Gil <jgonzalez@suse.com>
- Version 2023.11
  * Add Amazon Linux 2023 GPG keys
* Wed Aug 23 2023 Stefan Bluhm <suse.com@bluhm-de.com>
- Parameterised Apache webserver name.
* Fri Aug  4 2023 Michele Bussolotto <michele.bussolotto@suse.com>
- Improve package to be more reliable in uyuni container
  * move files owned by the package from /srv/www/htdocs/pub to
    /usr/share/susemanager/gpg, in order to be stored in a no-persistent
    folder and prevent upgrade issues
  * create Rewrite rule for backward compatibility and prevent dangling links
    + Added: uyuni-build-keys.conf
* Thu Jun 15 2023 Michael Calmer <mc@suse.com>
- Version 2023.04.1
  * add Debian 12 (bookworm) GPG keys (bsc#1212363
    + Added:
    debian-archive-key-12-security-254CF3B5AEC0A8F0.asc
    debian-archive-key-12-B7C5D7D6350947F8.asc
    debian-release-12-F8D2585B8783D481.asc
  * add new 4096 bit RSA package hub key
    + Added: packagehub-gpg-pubkey-8A49EB0325DB7AE0.asc
* Tue Apr 18 2023 Michael Calmer <mc@suse.com>
- Version 2023.04
  * add new 4096 bit RSA openSUSE build key gpg-pubkey-29b700a4.asc
* Tue Feb 28 2023 Marcus Meissner <meissner@suse.com>
- Version 2023.03 (jsc#PED-2777):
  * add new 4096 bit RSA build key gpg-pubkey-3fa1d6ce-63c9481c.asc
  * add new 4096 bit RSA reserve build key gpg-pubkey-d588dc46-63c939db.asc
  * add new 4096 bit RSA PTF key suse_ptf_key_2023.asc
* Wed Jan  4 2023 Michael Calmer <mc@suse.com>
- Version 2023.01:
  * add SUSE Liberty v2 key
    + Added: RPM-GPG-KEY-SUSE-Liberty-v2
* Thu Nov  3 2022 Michael Calmer <mc@suse.com>
- rename and update old SUSE PTF key
  * Removed: gpg-pubkey-b37b98a9-5aaa951b.asc
  * Added:   suse_ptf_key_old-B37B98A9.asc
- add new SUSE PTF Key
  * Added: suse_ptf_key-6F5DA62B.asc
* Mon Oct 17 2022 Julio González Gil <jgonzalez@suse.com>
- Version 2022.11:
  * Add rpmlintrc configuration, so "W: backup-file-in-package" for
    the keyring is ignored. We do not ship backup files, but we own them
    because they are created each time gpg is called, and we want them
    removed if the package is removed
- Added:
  - uyuni-build-keys.rpmlintrc
* Fri Oct  7 2022 Julio González Gil <jgonzalez@suse.com>
- Version 2022.10:
  * Add key for SUSE product addons (required for SUSE Manager EL9 client tools)
- Added:
  * build-addon-0bad8ecc-632aff67.asc
* Wed Aug 31 2022 Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Add release and auxiliary GPG keys for RedHat
- Add keys for Rocky Linux 9
- Added:
  * RPM-GPG-KEY-redhat-release
  * RPM-GPG-KEY-redhat-auxiliary
  * RPM-GPG-KEY-Rocky-9
* Thu Jun 30 2022 Raúl Osuna <rosuna@suse.com>
- Version 2022.07
  * Add openEuler 22.03 key
  * Add AlmaLinux 9 key
  * Add Oracle Linux 9 keys
  * Install keys for Client Tools Channels in salt filesystem to
    be able to deploy them to clients
  * add compatible version to susemanager-build-keys provides
- Added:
  * RPM-GPG-KEY-openEuler
  * RPM-GPG-KEY-AlmaLinux-9
  * RPM-GPG-KEY-oracle
  * RPM-GPG-KEY-oracle-backup
* Sun Mar  6 2022 Stefan Bluhm <stefan.bluhm@clacee.eu>
- Prepare for Enterprise Linux 9 build.
* Fri Aug 27 2021 Alexander Graul <alexander.graul@suse.com>
- 2021.09
- Add Debian 11 keys
- Added:
  * debian-archive-key-11-security-A48449044AAD5C5D.asc
  * debian-archive-key-11-73A4F27B8DD47936.asc
  * debian-release-11-605C66F00D6C9793.asc
* Mon Jul 12 2021 Stefan Bluhm <stefan.bluhm@clacee.eu>
- Parameterised Apache document root.
- Added gawk requirement (as awk alternative)
* Mon Jul 12 2021 Julio González Gil <jgonzalez@suse.com>
- 2021.07
- Add Rocky Linux 8
- Added:
  * RPM-GPG-KEY-rockyofficial
* Fri Jun  4 2021 Julio González Gil <jgonzalez@suse.com>
- 2021.06
- Add SLE15SP3 Updates for openSUSE Leap 15.3 key (bsc#1186852)
- Added:
  * gpg-pubkey-d78c6b69-5fc7b9e7.asc
* Tue Mar 30 2021 Julio González Gil <jgonzalez@suse.com>
- 2021.04
- Add Alibaba Cloud Linux 2 key
- Add Amazon Linux 2 key
- Add AlmaLinux 8 key
- Added:
  * RPM-GPG-KEY-ALIYUN
  * RPM-GPG-KEY-amazon-linux-2
  * RPM-GPG-KEY-AlmaLinux
* Thu Jan 21 2021 Michael Calmer <mc@suse.com>
- 2021.01
- Add Debian 8 Archive Key - required to verify Debian 9 successfully
  (bsc#1181233)
  Added:
  * debian-archive-key-8-7638D0442B90D010.asc
* Wed Jan 20 2021 Michael Calmer <mc@suse.com>
- Add Debian 9 and Debian 10 keys
  Added:
  * debian-archive-key-10-648ACFD622F3D138.asc
  * debian-archive-key-10-security-112695A0E562B32A.asc
  * debian-release-10-DCC9EFBF77E11517.asc
  * debian-archive-key-9-04EE7237B7D453EC.asc
  * debian-archive-key-9-security-AA8E81B4331F7F50.asc
  * debian-release-9-EF0F382A1A7B6500.asc
* Thu Nov 26 2020 Julio González Gil <jgonzalez@suse.com>
- Version 2020.11
- suse build key extended (bsc#1176759)
  gpg-pubkey-39db7c82-5847eb1f.asc -> gpg-pubkey-39db7c82-5f68629b.asc
- Add the SUSE Container GPG key as "". (PM-1845 bsc#1170347)
  build-container-d4ade9c3-5a2e9669.asc
- Replace "SuSE" user-facing references with "SUSE"
- Trust PackageHub key (bsc#1175103)
  Added:
  * packagehub-gpg-pubkey-65176565.asc
* Thu Jun  4 2020 Michael Calmer <mc@suse.com>
- version 2020.06
- Trust new keys from supported products (bsc#1172269)
  Added:
  * RPM-GPG-KEY-oracle-ol-6-7
  * RPM-GPG-KEY-oracle-ol8
  * oes-gpg-pubkey-044ADAEE04881839.asc
  * oes-gpg-pubkey-57DA9A6804A29DB0.asc
  * ubuntu-archive-2018-871920D1991BC93C.asc
  * ubuntu-archive-2012-3B4FE6ACC0B21F32.asc
  * RPM-GPG-KEY-CentOS-6
  * RPM-GPG-KEY-CentOS-7
  * RPM-GPG-KEY-CentOS-Official
* Fri Dec 14 2018 jgonzalez@suse.com
- Update Uyuni GPG public key
- Remove:
  * gpg-pubkey-af990fe4.asc
- Add:
  * gpg-pubkey-0d20833e.asc
* Thu May 31 2018 jgonzalez@suse.com
- Add openSUSE and Uyuni keys
* Thu Apr  5 2018 fkobzik@suse.de
- Add awk to 'Requires' as it is needed by a post install script
  (bsc#1082370)
* Fri Mar 23 2018 mc@suse.com
- version 12.0.1
- remove "encoded import date" part from gpg key filenames provided
  in the pub directory
* Fri Mar 16 2018 meissner@suse.com
- refreshed the build@suse.de key for sle10 and sle11 (bsc#1085512)
- also refreshed the ptf key (bsc#1085512)
* Thu Dec  8 2016 meissner@suse.com
- refreshed the SUSE build key, which expires 2017-01-31,
  gpg-pubkey-39db7c82-5847eb1f.asc (bsc#1014151)
* Thu Feb 12 2015 mc@suse.de
- automatically trust all imported SUSE keys
* Wed Feb  4 2015 mc@suse.de
- initial version