Implement flag/config falue for GPG provider

cmd/cmd.go

@@ -119,6 +119,7 @@ package environment to new version.`,
 	cmd.Flag.Bool("dep-verbose-resolve", false, "when processing dependencies, print detailed logs")
 	cmd.Flag.String("architectures", "", "list of architectures to consider during (comma-separated), default to all available")
 	cmd.Flag.String("config", "", "location of configuration file (default locations are /etc/aptly.conf, ~/.aptly.conf)")
+	cmd.Flag.String("gpg-provider", "", "PGP implementation (\"gpg\" for external gpg or \"internal\" for Go internal implementation)")
 
 	if aptly.EnableDebug {
 		cmd.Flag.String("cpuprofile", "", "write cpu profile to file")

man/aptly.1

@@ -46,6 +46,7 @@ Configuration file is stored in JSON format (default values shown below):
   "dependencyVerboseResolve": false,
   "gpgDisableSign": false,
   "gpgDisableVerify": false,
+  "gpgProvider": "gpg",
   "downloadSourcePackages": false,
   "skipLegacyPool": true,
   "ppaDistributorID": "ubuntu",
@@ -148,6 +149,10 @@ don\(cqt sign published repositories with gpg(1), also can be disabled on per\-r
 don\(cqt verify remote mirrors with gpg(1), also can be disabled on per\-mirror basis using \fB\-ignore\-signatures\fR flag when creating and updating mirrors
 .
 .TP
+\fBgpgProvider\fR
+implementation of PGP signing/validation \- \fBgpg\fR for external \fBgpg\fR utility or \fBinternal\fR to use Go internal implementation
+.
+.TP
 \fBdownloadSourcePackages\fR
 if enabled, all mirrors created would have flag set to download source packages; this setting could be controlled on per\-mirror basis with \fB\-with\-sources\fR flag
 .
@@ -427,6 +432,10 @@ when processing dependencies, follow Suggests
 \-\fBdep\-verbose\-resolve\fR=false
 when processing dependencies, print detailed logs
 .
+.TP
+\-\fBgpg\-provider\fR=
+PGP implementation ("gpg" for external gpg or "internal" for Go internal implementation)
+.
 .SH "CREATE NEW MIRROR"
 \fBaptly\fR \fBmirror\fR \fBcreate\fR \fIname\fR \fIarchive url\fR \fIdistribution\fR [\fIcomponent1\fR \|\.\|\.\|\.]
 .
@@ -1984,4 +1993,3 @@ Clemens Rabe (https://github\.com/seeraven)
 TJ Merritt (https://github\.com/tjmerritt)
 .
 .IP "" 0
-

man/aptly.1.ronn.tmpl

@@ -38,6 +38,7 @@ Configuration file is stored in JSON format (default values shown below):
       "dependencyVerboseResolve": false,
       "gpgDisableSign": false,
       "gpgDisableVerify": false,
+      "gpgProvider": "gpg",
       "downloadSourcePackages": false,
       "skipLegacyPool": true,
       "ppaDistributorID": "ubuntu",
@@ -127,6 +128,10 @@ Options:
     don't verify remote mirrors with gpg(1), also can be disabled on
     per-mirror basis using `-ignore-signatures` flag when creating and updating mirrors
 
+  * `gpgProvider`:
+    implementation of PGP signing/validation - `gpg` for external `gpg` utility or
+    `internal` to use Go internal implementation
+
   * `downloadSourcePackages`:
     if enabled, all mirrors created would have flag set to download source packages;
     this setting could be controlled on per-mirror basis with `-with-sources` flag

system/t02_config/ConfigShowTest_gold

@@ -10,6 +10,7 @@
     "dependencyVerboseResolve": false,
     "gpgDisableSign": false,
     "gpgDisableVerify": false,
+    "gpgProvider": "gpg",
     "downloadSourcePackages": false,
     "skipLegacyPool": false,
     "ppaDistributorID": "ubuntu",

system/t02_config/CreateConfigTest_gold

@@ -10,6 +10,7 @@
   "dependencyVerboseResolve": false,
   "gpgDisableSign": false,
   "gpgDisableVerify": false,
+  "gpgProvider": "gpg",
   "downloadSourcePackages": false,
   "skipLegacyPool": true,
   "ppaDistributorID": "ubuntu",

system/t03_help/MainHelpTest_gold

@@ -19,4 +19,5 @@ Options:
   -dep-follow-source=false: when processing dependencies, follow from binary to Source packages
   -dep-follow-suggests=false: when processing dependencies, follow Suggests
   -dep-verbose-resolve=false: when processing dependencies, print detailed logs
+  -gpg-provider="": PGP implementation ("gpg" for external gpg or "internal" for Go internal implementation)
 

system/t03_help/MainTest_gold

@@ -27,4 +27,5 @@ Options:
   -dep-follow-source=false: when processing dependencies, follow from binary to Source packages
   -dep-follow-suggests=false: when processing dependencies, follow Suggests
   -dep-verbose-resolve=false: when processing dependencies, print detailed logs
+  -gpg-provider="": PGP implementation ("gpg" for external gpg or "internal" for Go internal implementation)
 ERROR: unable to parse command

system/t03_help/MirrorCreateHelpTest_gold

@@ -25,6 +25,7 @@ Options:
   -filter-with-deps=false: when filtering, include dependencies of matching packages as well
   -force-architectures=false: (only with architecture list) skip check that requested architectures are listed in Release file
   -force-components=false: (only with component list) skip check that requested components are listed in Release file
+  -gpg-provider="": PGP implementation ("gpg" for external gpg or "internal" for Go internal implementation)
   -ignore-signatures=false: disable verification of Release file signatures
   -keyring=: gpg keyring to use when verifying Release file (could be specified multiple times)
   -with-sources=false: download source packages in addition to binary packages

system/t03_help/MirrorCreateTest_gold

@@ -16,6 +16,7 @@ Options:
   -filter-with-deps=false: when filtering, include dependencies of matching packages as well
   -force-architectures=false: (only with architecture list) skip check that requested architectures are listed in Release file
   -force-components=false: (only with component list) skip check that requested components are listed in Release file
+  -gpg-provider="": PGP implementation ("gpg" for external gpg or "internal" for Go internal implementation)
   -ignore-signatures=false: disable verification of Release file signatures
   -keyring=: gpg keyring to use when verifying Release file (could be specified multiple times)
   -with-sources=false: download source packages in addition to binary packages

system/t03_help/MirrorHelpTest_gold

@@ -23,3 +23,4 @@ Options:
   -dep-follow-source=false: when processing dependencies, follow from binary to Source packages
   -dep-follow-suggests=false: when processing dependencies, follow Suggests
   -dep-verbose-resolve=false: when processing dependencies, print detailed logs
+  -gpg-provider="": PGP implementation ("gpg" for external gpg or "internal" for Go internal implementation)

system/t03_help/MirrorTest_gold

@@ -23,4 +23,5 @@ Options:
   -dep-follow-source=false: when processing dependencies, follow from binary to Source packages
   -dep-follow-suggests=false: when processing dependencies, follow Suggests
   -dep-verbose-resolve=false: when processing dependencies, print detailed logs
+  -gpg-provider="": PGP implementation ("gpg" for external gpg or "internal" for Go internal implementation)
 ERROR: unable to parse command

system/t03_help/WrongFlagTest_gold

@@ -17,6 +17,7 @@ Options:
   -filter-with-deps=false: when filtering, include dependencies of matching packages as well
   -force-architectures=false: (only with architecture list) skip check that requested architectures are listed in Release file
   -force-components=false: (only with component list) skip check that requested components are listed in Release file
+  -gpg-provider="": PGP implementation ("gpg" for external gpg or "internal" for Go internal implementation)
   -ignore-signatures=false: disable verification of Release file signatures
   -keyring=: gpg keyring to use when verifying Release file (could be specified multiple times)
   -with-sources=false: download source packages in addition to binary packages

utils/config.go

@@ -19,6 +19,7 @@ type ConfigStructure struct { // nolint: aligncheck
 	DepVerboseResolve      bool                             `json:"dependencyVerboseResolve"`
 	GpgDisableSign         bool                             `json:"gpgDisableSign"`
 	GpgDisableVerify       bool                             `json:"gpgDisableVerify"`
+	GpgProvider            string                           `json:"gpgProvider"`
 	DownloadSourcePackages bool                             `json:"downloadSourcePackages"`
 	SkipLegacyPool         bool                             `json:"skipLegacyPool"`
 	PpaDistributorID       string                           `json:"ppaDistributorID"`
@@ -79,6 +80,7 @@ var Config = ConfigStructure{
 	DepFollowRecommends:    false,
 	DepFollowAllVariants:   false,
 	DepFollowSource:        false,
+	GpgProvider:            "gpg",
 	GpgDisableSign:         false,
 	GpgDisableVerify:       false,
 	DownloadSourcePackages: false,

utils/config_test.go

@@ -30,6 +30,7 @@ func (s *ConfigSuite) TestSaveConfig(c *C) {
 
 	s.config.RootDir = "/tmp/aptly"
 	s.config.DownloadConcurrency = 5
+	s.config.GpgProvider = "gpg"
 
 	s.config.FileSystemPublishRoots = map[string]FileSystemPublishRoot{"test": {
 		RootDir: "/opt/aptly-publish"}}
@@ -64,6 +65,7 @@ func (s *ConfigSuite) TestSaveConfig(c *C) {
 		"  \"dependencyVerboseResolve\": false,\n"+
 		"  \"gpgDisableSign\": false,\n"+
 		"  \"gpgDisableVerify\": false,\n"+
+		"  \"gpgProvider\": \"gpg\",\n"+
 		"  \"downloadSourcePackages\": false,\n"+
 		"  \"skipLegacyPool\": false,\n"+
 		"  \"ppaDistributorID\": \"\",\n"+