chore: 可以正常生成补丁包及回滚包及签名生效

2025-11-17 09:55:05 +08:00
parent 27f10afd78
commit a5a9bc091a
3 changed files with 16 additions and 9 deletions
--- a/scripts/patch_tools/install_patch_system.sh
+++ b/scripts/patch_tools/install_patch_system.sh
@@ -73,9 +73,11 @@ install_dependencies() {
    local dependencies=(
        "tar"
        "gzip"
+        "bzip2"
        "jq"
        "gpg"
        "bc"
+        "gnupg"
    )

    for dep in "${dependencies[@]}"; do
@@ -93,17 +95,21 @@ install_dependencies() {
    fi

    # 关键依赖
-    local keys_deps = " coreutils findutils util-linux "
+    local keys_deps=(
+        "coreutils"
+        "findutils"
+        "util-linux"
+    )
    
    if command -v apt-get >/dev/null 2>&1; then
        # Debian/Ubuntu
        $sudo_prefix apt-get update
-        $sudo_prefix apt-get install -y $keys_deps $(printf "%s " "${dependencies[@]}")
+        $sudo_prefix apt-get install -y $(printf "%s " "${keys_deps[@]}") $(printf "%s " "${dependencies[@]}")
    elif command -v yum >/dev/null 2>&1; then
        # CentOS/RHEL
-        $sudo_prefix yum install -y $keys_deps $(printf "%s " "${dependencies[@]}")
+        $sudo_prefix yum install -y $(printf "%s " "${keys_deps[@]}") $(printf "%s " "${dependencies[@]}")
    else
-        warn "无法自动安装依赖，请手动安装: $keys_deps $(printf "%s " "${dependencies[@]}")"
+        warn "无法自动安装依赖，请手动安装: $(printf "%s " "${keys_deps[@]}") $(printf "%s " "${dependencies[@]}")"
    fi
    
    # 安装GPG（用于签名验证）
--- a/scripts/patch_tools/patch_config.sh
+++ b/scripts/patch_tools/patch_config.sh
@@ -6,10 +6,10 @@
 # ==============================================================================

 # 基础配置
-PATCH_NAME="security-hotfix-2025"
+PATCH_NAME="upgrade-hotfix"
 PATCH_VERSION="1.0.0"
-PATCH_DESCRIPTION="紧急安全漏洞修复"
-PATCH_AUTHOR="企业DevOps团队"
+PATCH_DESCRIPTION="紧急升级修复"
+PATCH_AUTHOR="devops"
 PATCH_EMAIL="devops@aigc-quickapp.com"

 # ==============================================================================
@@ -103,7 +103,7 @@ PER_FILE_OPTIMIZATION=true  # 是否对每个文件单独压缩
 # ==============================================================================

 # 安全配置
-SIGNING_ENABLED=true  # 是否启用签名
+SIGNING_ENABLED=false  # 是否启用签名
 SIGNING_ALGORITHM="rsa"  # 签名算法，rsa, ecdsa
 PRIVATE_KEY="/etc/patch/keys/private.pem"  # 私钥文件路径
 PUBLIC_KEY="/etc/patch/keys/public.pem"  # 公钥文件路径
--- a/scripts/patch_tools/patch_generator.sh
+++ b/scripts/patch_tools/patch_generator.sh
@@ -687,7 +687,8 @@ sign_package() {
    info "开始签名补丁包"
    
    if command -v gpg >/dev/null 2>&1; then
-        if gpg --batch --yes --detach-sign \
+        if gpg --homedir "/etc/patch/keys" \
+            --batch --yes --detach-sign \
            --local-user "$PATCH_AUTHOR" \
            --output "${package_path}.sig" \
            "$package_path"; then