Manually adding/verifying gpg keys

lenovo-16arh7h/Containerfile

@@ -1,6 +1,14 @@
 FROM quay.io/fedora/fedora-silverblue:43
 
-RUN dnf5 install -y https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm \
+COPY gpg-keys/* /keys/
+
+RUN rpm --import \
+      /keys/public_key_proton.asc \
+      /keys/RPM-GPG-KEY-rpmfusion-free-fedora-2020 \
+      /keys/RPM-GPG-KEY-rpmfusion-nonfree-fedora-2020 \
+      /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-43-x86_64 && \
+    rm -rf /keys && \
+    dnf5 install -y https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm \
       https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm \
       https://repo.protonvpn.com/fedora-$(cat /etc/fedora-release | cut -d' ' -f 3)-stable/protonvpn-stable-release/protonvpn-stable-release-1.0.3-1.noarch.rpm && \
     dnf5 install -y \
@@ -39,9 +47,10 @@ RUN git clone https://github.com/johnfanv2/LenovoLegionLinux.git && \
     dkms build -m LenovoLegionLinux -v 1.0.0 -k $(rpm -qa kernel --queryformat '%{VERSION}-%{RELEASE}.%{ARCH}') && \
     rm -rf LenovoLegionLinux
 
-# Cleanup image for linting
-RUN rm -rf /var && mkdir /var && \
-    rm -rf /boot && mkdir /boot
-
-# Verify image is good
-RUN bootc container lint --fatal-warnings --skip baseimage-composefs
+# The first check makes sure that we have exactly 4 gpg pubkeys trusted in the rpmdb (the ones manually imported above).
+# Any more than that means that dnf automatically added a new one, which is shady!
+# Then: cleanup image for linting
+# Finally: verify image is good
+RUN [[ 4 -eq $(rpm -qa gpg-pubkey* | wc -l) ]] && \
+    rm -rf /var /boot && mkdir /var /boot && \
+    bootc container lint --fatal-warnings --skip baseimage-composefs

lenovo-16arh7h/gpg-keys/RPM-GPG-KEY-rpmfusion-free-fedora-2020

@@ -0,0 +1,29 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBF2tu8EBEADnI6bmlE7ebLuYSBKJavk7gwX8L2S0lDwtmAFmNcxQ/tAhh5Gx
+2RKEneou12pSxav8MvbKOr4IpJLLmuoQMLYkbQRHovgVfDYdtvK9T8tZH51ACtnC
+KKr9SucnKhWpDk3/n/djV0I2qSesE6QcJVrh66bT/8nbyIFbbiYLOgE88YAX5Wdj
+TkgmYXJ54l1MP/3N64pFlmk6myYCrLh7cibFYLZOW2Xwfq6Go6HOpGn9Cazb+T6m
+LALkVPERu2QkcUhMqy/slD5tFFb7DW1gkwnYiu5PKwThW7laZgmw2yAgDV+JccdK
+D9ZHALmy9GyQ1ZjDptpa5BObE5vazbuAbSndoIqwaMxCrlqhIYdmqz4m/HJ9BaC0
+mRSkT6N9SqytZXFhu5/Ld6+/Ol3b+q28bnV64qQrDH6hgnrRdqCQpm8g7tZFuk5X
+JsB/A+EfI2kE6YXqWaGdEx0XcqOv97n6sRZNweOHX3vSM0eLwmM2dpgc7RvMfcqr
+73ylZ9CnWVUD6cl+wE8SnGnVVqYau2spZFzKVAcfi/Zwvh6wM7/83XC2mkIHmoFR
+OY5aDWFhoFZFgiHHnmDv6kACNmSHb/oYRkvwQ+JhAQu4I9CYw1sxaUDjwtt7a+4I
+mBZM8WuvAVLkqnF+MJetiL15/W834HjCNITV03t9593T6Z1Dxpfv4hy7YwARAQAB
+tFVSUE0gRnVzaW9uIGZyZWUgcmVwb3NpdG9yeSBmb3IgRmVkb3JhICgyMDIwKSA8
+cnBtZnVzaW9uLWJ1aWxkc3lzQGxpc3RzLnJwbWZ1c2lvbi5vcmc+iQJFBBMBCAAv
+FiEE6aSRo94keBTn4Gfq4G+OzdZR/y4FAl2tu8ECGwMECwkIBwMVCAoCHgECF4AA
+CgkQ4G+OzdZR/y4ZQhAAmF5A4XC9ymd94BFwsbbpCnx2YlfmsZwT1QzBu9njjkH7
+MC4THknYe2B/muE5dPu3NseZMzue1Ou4KbMz4wq82731prLRu+iHAxAxJ1qd8whA
+QGuRJAg8+YEXKhpwpD/8P/xJo9IRmPxPM+6mQVTlASv34CEIGff1vJr40tNiU53P
+PZq9SWD3/uG84PQRmGXetfF2K3NkXqzkvQSM68JZiYR2+wMkoO9f72B7LTBrfkwy
+RcFPA7kj65pysB+l2wez03Dh/MyA3LTusd9M6FGiSOUVpQZ+NUFipIisS3vh/Bgp
+zMsj1NSsMLjUDcX8stR8GfVgTxSgWwHTNl75XwTZpJOKMoj97kh9zzLwBhZ1W+xo
+8s2W7YqVnOUl8rPm7ZbOefGkamNg8bhqcyNIEbHqR5QZVzDBT2AxVcB6jsxSHf5b
+sb+KEJff4g6E4fWPA/IYdtJ7DItbVXnkAjqD7ADUh7Xq7pOgfC/4Cledf27x73m+
+sdBvKsEBrroAsX/v4z46mQApszkfjTUAXwj2lUT+ujoktJHXqR71jbY0+8JX6Fyw
+6ZW0emxR++bt9ksLcsNmjOQP9TmQpi2CW4Z+Ol2tlwtlnKAo6ecx4aacHKg+FYuQ
+HTJRq6E6GpCPn1avf1v797RM+3zzw9TYkadfVLIQQ4HYbYzienOgGGporclrtrQ=
+=oOVZ
+-----END PGP PUBLIC KEY BLOCK-----

lenovo-16arh7h/gpg-keys/RPM-GPG-KEY-rpmfusion-nonfree-fedora-2020

@@ -0,0 +1,30 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBF2tvGQBEAC5Q2ePLZZafOkFhYHpGZdRRBCcCd+aiLATofFV8+FjPuPLL/3R
+7fx9RRukL+XKs6K9houj/oYVHmBY7II1mgeRzZHo6KygnM9ph3RKqQDse4TR9+VX
+rctsBRikNc7GViSoiPHLRAJeTrlwYRjPHYfF64nFtcPYfPIlGZkEG8mrHbTjkh36
+NAlqb3XC0cOSsKQV5f4Wn8fAUepYUkTxA74sVHLSDcBRj3fGfizkiHohy4OjNPij
+1VVvfUQXIGYwEDnrd3JF5c2o6B4MfH7h1aN+xG7GJTRswgjQtYUayUOySD5mdZ9u
+lUNfPrIAvwyTnc1IvoJUGlf8wSqz8NmjTHykUU+f6Dldb4JKNavnYaVlmDH4HfK+
+FVdAD/1pG/6HL94clf/g8LR3sQ0KU/UZJKbDA81n1X04OREfqdjr81U84iyKyb8S
++5nwYuJvxoe+wHg+iHAK0CXYel6V1GR51yka8+sETXyEjGvXksPMQDVPGIDzDfPr
+QVijtL3/1Pgkuz1ZvvXmuxD94uV2rBvjKl1NFSWNXId2J+vI5omllGHR3qskOHFa
+My9IQkbV4sMoycW/fP5xbwGhVi5q5Gjo7h6J7TIzyMf4gl6PJTp0AFhOZAMA/dXY
+nLDnw+qz+iq0B3I14JSLvgCH/uSUEMl5970+COK7wmPTU7I3Hq6PMbzvqQARAQAB
+tFhSUE0gRnVzaW9uIG5vbmZyZWUgcmVwb3NpdG9yeSBmb3IgRmVkb3JhICgyMDIw
+KSA8cnBtZnVzaW9uLWJ1aWxkc3lzQGxpc3RzLnJwbWZ1c2lvbi5vcmc+iQJFBBMB
+CAAvFiEEeb24j5u/c5EP1Albair5YZSEPGUFAl2tvGQCGwMECwkIBwMVCAoCHgEC
+F4AACgkQair5YZSEPGW0Ig/+NJf5+KzbRNuFvvGURQI7SYmYtFXkrW4n6rLPWeIV
+UHvd/ko74aMVds7hTWeC0cLpjRMSPuwp9xjqb6NvQaqcUK4IwHzlXocait2HzSl+
+h2jI3/wSQXqNkvNrgD3rkYZZZ/x7EBBTSTRUpFPq3yHA/BBXbZNEvFsXOmFAy5y+
+E5iYnfyjYKHWd0ZwIliWWtK+V5TU54WqHqKF5J2iIDgANkLXiyqx6+LJ6Ng0YfCQ
+fO7IMfwtgUt34AfrHWnq0S9BW0hmtPvcYjTtveQKCeGfdMcpRRJsOrvaDDKo1Wmr
+IcvGO2VwiF9i19ppghXOSy7q51wTlEqtj3PWYhmJYcRq8Jr1SqjGx73QhUPtsF67
+g3vjNEm8PE7pj7vg52BJlzkx6yU+hH5ZNBRM5ll4ZjiX+X7EzKa9so83uszuwoQA
+mScTwyyQDNeflnUwiSgZc7PEv1i0BYIHVK7VjmamhOWZRHaaYFCc//gcmu10TJLn
+ZCGF2ZDkAdUT6EoWBsT/QCgYSFggrjH9lgKqC5ON8+F5DO1RQe84irgz9jjE9+62
+kgQgWZ6F2RZm5/R28DHdAetji50XbnmXgAk/u9u2Hw2bVVJfJ0WpEVcPvA1L86SE
+8i8p1fmzljwRazZAksk5Zh2QfaM0jlMYHWbKpbXQcX19Uerm7D9IkciZvDAmgBYV
+S6Y=
+=rOqq
+-----END PGP PUBLIC KEY BLOCK-----

lenovo-16arh7h/gpg-keys/public_key_proton.asc

@@ -0,0 +1,41 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQGNBGi+rxgBDAC+6xUCguGVm1nOjkisdONBlVnFy2+8ArDNtuSBShJUaHutDobu
+75qLqVAdsrQeAbdLlLyoilz2Aj79tR6Xb5vnSVk4NZxoAqhsNFzqtrWvjbh7KjlV
+LVuwDS823mM4M7XIY6ywN6b6KRQHdAfIV4ClwUge8Fem3V5G+bJJ31D7EQUT6ZlM
+F/Vw3iYJoFEesgv3wyuBojKkf5Kd74otFrQcs2rY50dpb2MAJvZorAYFwTvknOaP
+Arx5Yfil7SDKtpvCclHLXSRh91K9XanBmd/macaA4hKMEDni3RUAQZqigMBTrm4/
++masSXnn9DxeMbElJ48CYXBXal2ZxrwoNMU7D4BP9Bv4eUT2qyYGq96LzowLXc9T
+4Kzsgpz2Em+0T48RA+WAhyv7c9crh/UlEL7aO/Nq+l89xJLae2PUsUaTl0Udp/cL
+OWZomRg7h2eqGHBTsKA0Gsj8IO4VfmnUCOM5gvortuVPCUsTWjla54xrUEAd/ZeR
+0gDEAgcJMjZOnqsAEQEAAbQtUHJvdG9uIFRlY2hub2xvZ2llcyBBRyA8b3BlbnNv
+dXJjZUBwcm90b24ubWU+iQHUBBMBCgA+FiEEe7KAiZbEfcnuzaR19+tksIwDSQ0F
+Ami+rxgCGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ9+tksIwD
+SQ0Wkwv+PoJv6ULhL1CF1NzNL7dgoP7lnYo4bNSL4xsLIt/lXCDECJ/O2bmpT8Ge
+7WTHHyZOzSwk/YZ7GJHpwIYkFp+xH1quFgDZekfqTXRWodmVqt2DGqKZ1hZ1K/53
+p7C3RMfbBVWcTt3uUKtCY1f0Hz0UhuaUQJMBy9KVPO9uFmzuY1JxWcZvNXubic70
+9HEs917mCqji1sPWuYfNHWYbwIPPPGdQFeqVW4LNxM5gbXBhxLju7JSvGnxwrY89
+ihzUHn9UaILxWQdAGFYDag9FY7LMCRE52qyfuTUvAYzBE/7ADQ1YlKk0nGrBzwJN
+wtXrLTUg/UVShS1fWmyzWpp4NDo+Rhq1B4210fnM/qYWOcPT7zhlZ532bmS4PE1w
+cB8Be8fsmwTeLJ6NQLgLvkWyLYnyyjhx951JLYlkBYm72uV5UOM1ATgl5iVT2TQc
+5RbL/wZeF2h3z16pKERrrko8qFaPxgcpHNyg0hBxGjInxCQhO+oFYbi18Jgow2j0
+gYhr3GDwuQGNBGi+rzsBDADEOpG2o1Tyeijc5aBwP8gjwAdV35usG7gC9dELbj5/
+PhBfh79P6DeruMYkWa/ugLjhaGNPMXh2TeXrUZiXWhx9WravbsYEPUKrSusTMsfx
+jIkMk2mEaS079LoR69YOUYxzx1Jamnn4LVdvUbP7r9uebXOgHzm1A6TJ7Ct3ccQs
+IdU+ATsFG3IWvp6AUd3iS5YGlaFgQNLYeNgnHlTNBr3+qvBv/iJH3oqtbfIasXTO
+bMaDsYKmcKZTxDZbD/jrIBRiALxRtFsl3aj0RBq6NKOLdoToq0iwwbFF3mz5fh7P
+78FJETGhlSE9JQkmSfLgu51nEQDpQQ7IvdzjOrmWBelNYO0lqfF07NwOd81bw5nJ
+zpp91On8V0ed2v/HmRs0Lyl/WFG7bVu3GN3lgIFGp75TCLJTA2NhanmF2DWPL0fw
+PAOJhdq77yOvtyHHzgCqDzDyw/Qzq+Dr6vdTggl76T9b3SIj+R4lSB0JydAJmcNd
+vB0PuapHBO+6sVmqodoA+3EAEQEAAYkBvAQYAQoAJhYhBHuygImWxH3J7s2kdffr
+ZLCMA0kNBQJovq87AhsMBQkDwmcAAAoJEPfrZLCMA0kNLMQL+gJXoTPZ3ARmIF66
+VplDWbr4yf4fB8d+nD+GkS+vS9kXTC+BF14UbeAUqNMMtTlrIZcXcWZK2p/OBnT5
+jF34jX0UZ6jVJDA8bOYYqP0qi2+6wxIQsk+IQ2F9GRvtrMeOwATb6wVmBh7p7+Vw
+No54dXTalDyk1zyRFQ+QtKHhJ0xgMH+XgJD6ZK4b5A4EAUXmsSi9jHc/CYRxOeOV
+CYOvlOR+yny59PtFb6Uv3tGAvxIxokhj2qnDa/U3HzYYcbyLWfsODDYut+rDJKsR
+Oj7AqKhaThPfXB9B4j/LJ1+qzyjEB4Y9/AXkwgTellH0Hj5gBvPxZH/y0vbtgQh2
+1HZaISFLTlrOfwgAv8Pid1ogSEgKusWsVivyDBOADuAoJgH5mx2HFFnfMy1nELTj
+O2LJfc86dONWq+aMs29fesvy9davt+Xrf8E3/0/oh24Nm8Ph9yn4AapDXWsrPsxv
+lDnYEizYx3ovWwrlDamoBLGLK70L43GKUd2udGC28TKmnvv5Jw==
+=07kr
+-----END PGP PUBLIC KEY BLOCK-----