build: test signing on fedora 34 and 36

acceptance_test.go

@@ -259,9 +259,9 @@ func TestDebSpecific(t *testing.T) {
 	}
 }
 
-func TestRPMCentosSign(t *testing.T) {
 	t.Parallel()
-	for _, os := range []string{"centos9", "centos8"} {
+func TestRPMSign(t *testing.T) {
+	for _, os := range []string{"centos9", "centos8", "fedora34", "fedora36"} {
 		os := os
 		t.Run(fmt.Sprintf("rpm/amd64/sign/%s", os), func(t *testing.T) {
 			t.Parallel()

testdata/acceptance/rpm_fedora34.dockerfile

@@ -0,0 +1,22 @@
+FROM fedora:34 AS test_base
+ARG package
+RUN echo "${package}"
+COPY ${package} /tmp/foo.rpm
+
+# ---- signed test ----
+FROM test_base AS signed
+COPY keys/pubkey.asc /tmp/pubkey.asc
+RUN rpm --import /tmp/pubkey.asc
+RUN rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'
+RUN rpm -K /tmp/foo.rpm
+RUN rpm -K /tmp/foo.rpm | grep -E "(?:pgp|digests signatures) OK"
+RUN rpm -vK /tmp/foo.rpm
+RUN rpm -vK /tmp/foo.rpm | grep "RSA/SHA256 Signature, key ID 15bd80b3: OK"
+
+# Test with a repo
+RUN yum install -y createrepo yum-utils
+RUN rm -rf /etc/yum.repos.d/*.repo
+COPY keys/test.rpm.repo /etc/yum.repos.d/test.rpm.repo
+RUN createrepo /tmp
+RUN yum install -y foo
+

testdata/acceptance/rpm_fedora36.dockerfile

@@ -0,0 +1,22 @@
+FROM fedora:36 AS test_base
+ARG package
+RUN echo "${package}"
+COPY ${package} /tmp/foo.rpm
+
+# ---- signed test ----
+FROM test_base AS signed
+COPY keys/pubkey.asc /tmp/pubkey.asc
+RUN rpm --import /tmp/pubkey.asc
+RUN rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'
+RUN rpm -K /tmp/foo.rpm
+RUN rpm -K /tmp/foo.rpm | grep -E "(?:pgp|digests signatures) OK"
+RUN rpm -vK /tmp/foo.rpm
+RUN rpm -vK /tmp/foo.rpm | grep "RSA/SHA256 Signature, key ID 15bd80b3: OK"
+
+# Test with a repo
+RUN yum install -y createrepo yum-utils
+RUN rm -rf /etc/yum.repos.d/*.repo
+COPY keys/test.rpm.repo /etc/yum.repos.d/test.rpm.repo
+RUN createrepo /tmp
+RUN yum install -y foo
+