From 4e3da347c3127c411b2e34995ad95e2d8318df22 Mon Sep 17 00:00:00 2001
From: Pino Toscano <ptoscano@redhat.com>
Date: Thu, 7 Dec 2023 15:18:51 +0100
Subject: [PATCH] fix: workaround newer gnupg & insights-core/insights-client

It looks like gnupg as available in Fedora 39 and newer does not
validate anymore signatures in case their key is not part of the current
keyring (which is what insights-client does).

Since the way both insights-core and insights-client validate GPG
signatures is being reworked/improved [1][2], add a crude workaround on
Fedora 39+.

[1] https://github.com/RedHatInsights/insights-core/pull/3930
[2] https://github.com/RedHatInsights/insights-client/pull/154

Signed-off-by: Pino Toscano <ptoscano@redhat.com>
---
 systemtest/tests/integration/test.sh | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/systemtest/tests/integration/test.sh b/systemtest/tests/integration/test.sh
index 2f6e4170..eedba697 100755
--- a/systemtest/tests/integration/test.sh
+++ b/systemtest/tests/integration/test.sh
@@ -2,6 +2,17 @@
 set -eu
 set -x
 
+. /etc/os-release
+if test "${ID}" = fedora -a ${VERSION_ID} -ge 39; then
+  # HACK
+  # on newer gnupg import the key to the local keyring; this will be solved
+  # once both insights-core and insights-client are fixed to not rely on
+  # root's .gnupg directory:
+  # - https://github.com/RedHatInsights/insights-core/pull/3930
+  # - https://github.com/RedHatInsights/insights-client/pull/154
+  gpg --import /etc/insights-client/redhattools.pub.gpg
+fi
+
 # get to project root
 cd ../../../