Skip to content

fix: add missing script for make target konflux-rpm-lock #1111

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
raptorsun wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix: add missing script for make target konflux-rpm-lock #1111

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 49 additions & 0 deletions scripts/generate-rpm-lock.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
#!/bin/bash

# Default values for command-line arguments
BASE_IMAGE="registry.redhat.io/rhai/base-image-cpu-rhel9:3.2"
INPUT_FILE="rpms.in.yaml"
OUTPUT_FILE="rpms.lock.yaml"

usage() {
echo "Usage: $0 [-i BASE_IMAGE] [-f INPUT_FILE] [-o OUTPUT_FILE]"
echo ""
echo "Options:"
echo " -i BASE_IMAGE Base container image (default: $BASE_IMAGE)"
echo " -f INPUT_FILE Input RPM specification file (default: $INPUT_FILE)"
echo " -o OUTPUT_FILE Output lock file (default: $OUTPUT_FILE)"
echo " -h Show this help message"
exit 1
}


while getopts "i:f:o:h" opt; do
case $opt in
i) BASE_IMAGE="$OPTARG" ;;
f) INPUT_FILE="$OPTARG" ;;
o) OUTPUT_FILE="$OPTARG" ;;
h) usage ;;
*) usage ;;
esac
done

echo "Using BASE_IMAGE: $BASE_IMAGE"
echo "Using INPUT_FILE: $INPUT_FILE"
echo "Using OUTPUT_FILE: $OUTPUT_FILE"

# check subscription status
if ! sudo subscription-manager status; then
echo "Failed to check subscription status, please register the system to Red Hat by using the following command:"
echo "subscription-manager register --org=ORG ID --activationkey="AK1,AK2,AK3""
echo "and then run the script again"
exit 1
fi
Comment on lines +34 to +40
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai bot Feb 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Fix exit-code check pattern and broken quoting in guidance message (pipeline: SC2181, SC2140).

Two issues flagged by the ShellCheck pipeline:

  1. Line 36 (SC2181): Check exit code directly instead of capturing $?.
  2. Line 38 (SC2140): The nested double quotes around AK1,AK2,AK3 are not escaped — the shell interprets "...activationkey="AK1,AK2,AK3"" as three tokens, producing incorrect output and leaving part of the string subject to globbing.
Proposed fix 
 # check subscription status
-sudo subscription-manager status
-if [ $? -ne 0 ]; then
+if ! sudo subscription-manager status; then
     echo "Failed to check subscription status, please register the system to Red Hat by using the following command:"
-    echo "subscription-manager register --org=ORG ID  --activationkey="AK1,AK2,AK3""
+    echo 'subscription-manager register --org=<ORG_ID> --activationkey=<AK1,AK2,AK3>'
     echo "and then run the script again"
     exit 1
 fi
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
# check subscription status
sudo subscription-manager status
if [ $? -ne 0 ]; then
echo "Failed to check subscription status, please register the system to Red Hat by using the following command:"
echo "subscription-manager register --org=ORG ID --activationkey="AK1,AK2,AK3""
echo "and then run the script again"
exit 1
fi
# check subscription status
if ! sudo subscription-manager status; then
echo "Failed to check subscription status, please register the system to Red Hat by using the following command:"
echo 'subscription-manager register --org=<ORG_ID> --activationkey=<AK1,AK2,AK3>'
echo "and then run the script again"
exit 1
fi
🧰 Tools
🪛 GitHub Actions: Shell check

[warning] 36-36: SC2181: Check exit code directly with e.g. 'if ! mycmd;', not indirectly with $?.

[warning] 38-38: SC2140: Word is of the form "A"B"C". Consider using ABC or escaping quotes.

🤖 Prompt for AI Agents 
In `@scripts/generate-rpm-lock.sh` around lines 34 - 41, Replace the current
exit-code check and broken quoting by testing the command directly (use if !
subscription-manager status; then ...) instead of checking $?, and fix the
guidance echo to avoid unescaped nested double quotes (for example use single
quotes around the whole message or escape inner quotes) so the line reads like:
echo 'subscription-manager register --org=ORG_ID --activationkey="AK1,AK2,AK3"';
keep references to subscription-manager status and the guidance echo lines to
locate the change.

echo "Subscription status is OK"

# find the entitlement certificate and key
DNF_VAR_SSL_CLIENT_KEY=$(find /etc/pki/entitlement -type f -name "*key.pem" | head -1)
export DNF_VAR_SSL_CLIENT_KEY
DNF_VAR_SSL_CLIENT_CERT="${DNF_VAR_SSL_CLIENT_KEY//-key/}"
export DNF_VAR_SSL_CLIENT_CERT

rpm-lockfile-prototype --image "$BASE_IMAGE" --outfile "$OUTPUT_FILE" "$INPUT_FILE"
Loading