The RPM packages quality control tool
Project description
rpmqc
The RPM packages quality control tool.
Ideologically, rpmqc is similar to rpmlint, but they solve slightly different tasks: rpmlint is an awesome tool for checking an RPM package for common errors (a packager's tool), while rpmqc is designed to quickly check an entire repository/compose for typical release manager's errors like missing signatures or wrong branding.
Install
All requirements are available from Fedora or EL 8/9 + EPEL repositories:
# EL 9 derivatives
$ sudo dnf install -y --enablerepo=epel python3-createrepo_c \
python3-cryptography python3-rpm python3-schema python3-pyyaml \
python3-virtualenv
Currently, there is no RPM package available, so the recommended way is to install rpmqc from PyPI using a virtual environment:
$ mkdir rpmqc
$ cd rpmqc
$ virtualenv --system-site-packages .venv
$ . .venv/bin/activate
$ pip install rpmqc
$ rpmqc --version
rpmqc 0.0.4
optionally, you can create an rpmqc alias in your ~/.bashrc:
# don't forget to adjust the path accordingly to your configuration
alias rpmqc="rpmqc/.venv/bin/rpmqc"
Configuration
The program expects a configuration file in YAML format:
---
package:
signatures:
# expected RPM package signature PGP key id
pgp_key_id: 8BDA73A4
# IMA signature public certificate path
ima_cert_path: ~/.vault/ima-sign.x509
tags:
# expected RPM tag values, regular expressions are also supported
buildhost: !regex ^builder-(x86|arm64)-\d+\.msvsphere-os\.ru$
packager: MSVSphere
vendor: MSVSphere
...
all inspections are optional and will be performed if a corresponding configuration file option is set.
Usage
Currently, rpmqc supports only two modes: single (or multiple) RPM packages
checking (inspect-rpm) and an entire repository checking (inspect-repo).
For usage instructions see rpmqc inspect-rpm --help and
rpmqc inspect-repo --help, respectively.
License
rpmqc is available under the terms of the GNU General Public License v2.0, or (at your option) any later version of the license.
References
- The Test Anything Protocol v14 specification
- The RPM Package Manager
- IMA Wiki
- rpmlint - a tool for checking common errors in RPM packages.
- rpminspect - an RPM build deviation analysis tool.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file rpmqc-0.0.4.tar.gz.
File metadata
- Download URL: rpmqc-0.0.4.tar.gz
- Upload date:
- Size: 18.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.9.16
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c9435d2ee342b35ac397a215a4634f2eae890a0cd1e4ae322cddfec4c3a507a3 |
|
| MD5 | 2ce54c2a69b52207fb0eb5f377060972 |
|
| BLAKE2b-256 | 125c1c49ffc16a462339e71bbd642c6f9608b16220b5c5223f30279770b59c51 |
File details
Details for the file rpmqc-0.0.4-py3-none-any.whl.
File metadata
- Download URL: rpmqc-0.0.4-py3-none-any.whl
- Upload date:
- Size: 20.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.9.16
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | a247d02b322dccf16b55de71cd2c28ade27f90d26025f04473a3859a0cc0503c |
|
| MD5 | cae945de99909d20eb6022266c00c1c5 |
|
| BLAKE2b-256 | 96cd224347840be37577ee76d6f5ed44123d51b289897a440699321c74811066 |
