#1051793 simple-cdd: GNUPGHOME is not always passed correctly to gpg

Package:
simple-cdd
Source:
simple-cdd
Submitter:
Jonathan Hettwer (bauen1)
Date:
2023-09-12 16:21:03 UTC
Severity:
normal
#1051793#5
Date:
2023-09-12 16:17:34 UTC
From:
To:
Dear simple-cdd Authors and/or Maintainers,

When `GNUPGHOME` is not set, simple-cdd defaults it to `$PWD/tmp/gpg-keyring`, this is
done in <https://salsa.debian.org/debian/simple-cdd/-/blob/e94dd3303ef9c3ae6815bb3df76355613296cd40/build-simple-cdd#L165-167>.

However if `GNUPGHOME` is set internally like this, then it is not always passed along to all calls to `gpg` in <https://salsa.debian.org/debian/simple-cdd/-/blob/e94dd3303ef9c3ae6815bb3df76355613296cd40/simple_cdd/gnupg.py>.

For example running `simple-cdd` in a rootless podman container where only parts of my home directory are mounted in, leaving ~ as
a read-only empty directory.

Because `GNUPGHOME` is not passed a long in at least <https://salsa.debian.org/debian/simple-cdd/-/blob/e94dd3303ef9c3ae6815bb3df76355613296cd40/simple_cdd/gnupg.py#L82-88>, this results in the following error:

I suspect the same is also true for <https://salsa.debian.org/debian/simple-cdd/-/blob/e94dd3303ef9c3ae6815bb3df76355613296cd40/simple_cdd/gnupg.py#L40>.

Thanks a lot, Jonathan Hettwer (bauen1)