From: "Robin H. Johnson" <robbat2@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/qa-scripts:master commit in: /
Date: Sat, 4 May 2019 03:22:26 +0000 (UTC) [thread overview]
Message-ID: <1556940135.daec48a7895d7a4b04d55ddf35397fb07b48f68b.robbat2@gentoo> (raw)
commit: daec48a7895d7a4b04d55ddf35397fb07b48f68b
Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
AuthorDate: Sat May 4 03:22:15 2019 +0000
Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Sat May 4 03:22:15 2019 +0000
URL: https://gitweb.gentoo.org/proj/qa-scripts.git/commit/?id=daec48a7
keyrings: prepare to flip to new scripts
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>
create-dev-keyrings.bash | 5 +++++
keyrings-export-keys.gentoo.org.bash | 18 ++++++++++++++++++
keyrings-import-keys.gentoo.org.bash | 23 +++++++++++++++++++++++
keyrings-import-sks.bash | 23 +++++++++++++++++++++++
keyrings.inc.bash | 29 +++++++++++++++++++----------
5 files changed, 88 insertions(+), 10 deletions(-)
diff --git a/create-dev-keyrings.bash b/create-dev-keyrings.bash
index 3f65550..f2772d8 100755
--- a/create-dev-keyrings.bash
+++ b/create-dev-keyrings.bash
@@ -11,6 +11,9 @@ source "${BASEDIR}"/keyrings.inc.bash
set -e
export_ldap_data_to_env
+export KEYSERVERS=( "${KS_SKS}" "${KS_GENTOO}" )
+export KEYSERVER_TIMEOUT=20m
+
grab_keys "${SYSTEM_KEYS[@]}"
export_keys "${OUTPUT_DIR}"/service-keys.gpg \
"${SYSTEM_KEYS[@]}"
@@ -39,6 +42,8 @@ export_keys "${OUTPUT_DIR}"/all-devs.gpg \
"${RETIRED_DEVS[@]}"
# Populate keys.gentoo.org with the keys we have, since they might have come from SKS
+export KEYSERVERS=( "${KS_GENTOO}" )
+export KEYSERVER_TIMEOUT=20m
push_keys "${SYSTEM_KEYS[@]}"
push_keys "${COMMITTING_DEVS[@]}"
push_keys "${NONCOMMITTING_DEVS[@]}"
diff --git a/keyrings-export-keys.gentoo.org.bash b/keyrings-export-keys.gentoo.org.bash
new file mode 100755
index 0000000..38a3478
--- /dev/null
+++ b/keyrings-export-keys.gentoo.org.bash
@@ -0,0 +1,18 @@
+#!/bin/bash
+# Export key updates to Keyservers: keys.gentoo.org
+
+OUTPUT_DIR=${1:-.}
+BASEDIR="$(dirname "$0")"
+source "${BASEDIR}"/keyrings.inc.bash
+
+set -e
+export_ldap_data_to_env
+
+export KEYSERVERS=( "${KS_GENTOO}" )
+export KEYSERVER_TIMEOUT=5m
+
+# Populate keys.gentoo.org with the keys we have, since they might have come from SKS
+push_keys "${SYSTEM_KEYS[@]}"
+push_keys "${COMMITTING_DEVS[@]}"
+push_keys "${NONCOMMITTING_DEVS[@]}"
+push_keys "${RETIRED_DEVS[@]}"
diff --git a/keyrings-import-keys.gentoo.org.bash b/keyrings-import-keys.gentoo.org.bash
new file mode 100755
index 0000000..3328e2c
--- /dev/null
+++ b/keyrings-import-keys.gentoo.org.bash
@@ -0,0 +1,23 @@
+#!/bin/bash
+# Import key updates from Keyservers: keys.gentoo.org
+#
+# TODO:
+# - Turn off export in this script
+
+OUTPUT_DIR=${1:-.}
+BASEDIR="$(dirname "$0")"
+source "${BASEDIR}"/keyrings.inc.bash
+
+set -e
+export_ldap_data_to_env
+
+export KEYSERVERS=( "${KS_GENTOO}" )
+export KEYSERVER_TIMEOUT=5m
+
+grab_keys "${SYSTEM_KEYS[@]}"
+grab_keys "${COMMITTING_DEVS[@]}"
+grab_keys "${NONCOMMITTING_DEVS[@]}"
+# -- not all are on keyservers
+# -- and are unlikely to turn up now
+# -- this needs to fetch from some archive instead
+grab_keys "${RETIRED_DEVS[@]}"
diff --git a/keyrings-import-sks.bash b/keyrings-import-sks.bash
new file mode 100755
index 0000000..3d04ebc
--- /dev/null
+++ b/keyrings-import-sks.bash
@@ -0,0 +1,23 @@
+#!/bin/bash
+# Import key updates from Keyservers
+#
+# TODO:
+# - Turn off export in this script
+
+OUTPUT_DIR=${1:-.}
+BASEDIR="$(dirname "$0")"
+source "${BASEDIR}"/keyrings.inc.bash
+
+set -e
+export_ldap_data_to_env
+
+export KEYSERVER=( ${KS_SKS} )
+export KEYSERVER_TIMEOUT=20m
+
+grab_keys "${SYSTEM_KEYS[@]}"
+grab_keys "${COMMITTING_DEVS[@]}"
+grab_keys "${NONCOMMITTING_DEVS[@]}"
+# -- not all are on keyservers
+# -- and are unlikely to turn up now
+# -- this needs to fetch from some archive instead
+#grab_keys "${RETIRED_DEVS[@]}"
diff --git a/keyrings.inc.bash b/keyrings.inc.bash
index 052550d..427a6f2 100644
--- a/keyrings.inc.bash
+++ b/keyrings.inc.bash
@@ -9,12 +9,7 @@ RETIRED_RULE='(!(gentooStatus=active))'
KS_GENTOO=hkps://keys.gentoo.org/
KS_SKS=hkps://hkps.pool.sks-keyservers.net/
-
-GPG_TMPDIR=$(mktemp -d)
-clean_tmp() {
- rm -rf "$GPG_TMPDIR"
-}
-trap clean_tmp EXIT
+KEYSERVERS=( ) # empty by default
# grab_ldap_fingerprints <ldap-rule>
grab_ldap_fingerprints() {
@@ -30,9 +25,11 @@ grab_keys() {
local missing=()
local remaining=( "${@}" )
+ KEYSERVER_TIMEOUT=${KEYSERVER_TIMEOUT:=1m}
while :; do
- timeout 5m gpg --keyserver $KS_GENTOO -q --recv-keys "${remaining[@]}" || :
- timeout 20m gpg --keyserver $KS_SKS -q --recv-keys "${remaining[@]}" || :
+ for ks in "${KEYSERVERS[@]}" ; do
+ timeout ${KEYSERVER_TIMEOUT} gpg --keyserver "$ks" -q --recv-keys "${remaining[@]}" || :
+ done
missing=()
for key in "${remaining[@]}"; do
gpg --list-public "${key}" &>/dev/null || missing+=( "${key}" )
@@ -58,12 +55,24 @@ grab_keys() {
push_keys() {
# Only send keys that we have
local remaining=( $(gpg --with-colon --list-public "${@}" | sed -n '/^pub/{n; /fpr/p }' |cut -d: -f10) )
- timeout 5m gpg --keyserver $KS_GENTOO -q --send-keys "${remaining[@]}" || :
- #timeout 5m gpg --keyserver $KS_SKS -q --send-keys "${remaining[@]}" || :
+ KEYSERVER_TIMEOUT=${KEYSERVER_TIMEOUT:=1m}
+ for ks in "${KEYSERVERS[@]}" ; do
+ timeout 5m ${KEYSERVER_TIMEOUT} g --keyserver "$ks" -q --send-keys "${remaining[@]}" || :
+ done
+}
+
+
+clean_tmp() {
+ [ -n "$GPG_TMPDIR" ] && [ -d "$GPG_TMPDIR" ] && rm -rf "$GPG_TMPDIR"
+}
+setup_tmp() {
+ export GPG_TMPDIR=$(mktemp -d)
+ trap clean_tmp EXIT
}
export_keys() {
DST="$1"
+ setup_tmp
TMP="${GPG_TMPDIR}"/$(basename "${DST}")
# Must not exist, otherwise GPG will give error
[[ -f "${TMP}" ]] && rm -f "${TMP}"
next reply other threads:[~2019-05-04 3:22 UTC|newest]
Thread overview: 315+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-04 3:22 Robin H. Johnson [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-07-06 10:17 [gentoo-commits] proj/qa-scripts:master commit in: / Michał Górny
2024-07-06 10:17 Michał Górny
2024-06-08 10:52 Michał Górny
2024-05-20 18:47 Robin H. Johnson
2024-05-19 17:28 Robin H. Johnson
2024-05-19 17:28 Robin H. Johnson
2024-05-19 17:28 Robin H. Johnson
2024-04-06 12:25 Michał Górny
2024-02-06 9:28 Ulrich Müller
2024-01-12 15:39 Michał Górny
2023-06-30 5:33 Robin H. Johnson
2023-06-30 5:19 Robin H. Johnson
2023-06-30 5:19 Robin H. Johnson
2023-05-31 20:17 Sam James
2023-05-31 20:13 Sam James
2023-05-26 13:34 Sam James
2023-05-25 2:24 Sam James
2023-05-24 17:20 Sam James
2023-05-24 12:00 Sam James
2023-05-24 9:35 Sam James
2023-05-24 7:07 Sam James
2023-04-13 17:36 Robin H. Johnson
2023-04-13 17:36 Robin H. Johnson
2023-03-24 5:24 Michał Górny
2023-01-22 6:10 Sam James
2023-01-21 6:11 Sam James
2023-01-18 18:29 Sam James
2023-01-18 18:17 Sam James
2022-11-01 22:45 Sam James
2022-10-31 19:30 John Helmert III
2022-10-15 1:08 Sam James
2022-10-15 0:59 Sam James
2022-10-10 23:56 John Helmert III
2022-10-10 19:53 John Helmert III
2022-10-08 18:59 Sam James
2022-10-08 18:30 Sam James
2022-10-08 17:18 Sam James
2022-10-08 12:24 Sam James
2022-10-04 3:46 Sam James
2022-09-03 2:50 Sam James
2022-09-03 1:24 Sam James
2022-07-31 1:57 Sam James
2022-07-31 1:34 Sam James
2022-07-24 22:52 Ulrich Müller
2022-07-24 1:19 Sam James
2022-07-23 2:59 Sam James
2022-07-16 18:29 Sam James
2022-07-16 18:29 Sam James
2022-07-16 18:25 John Helmert III
2022-07-16 17:08 John Helmert III
2022-07-16 16:32 John Helmert III
2022-07-16 4:23 John Helmert III
2022-07-16 3:40 John Helmert III
2022-07-11 1:42 Sam James
2022-07-11 1:26 Sam James
2022-07-11 1:08 Sam James
2022-07-11 1:00 Sam James
2022-07-11 0:58 Sam James
2022-07-11 0:53 Sam James
2022-06-06 4:33 Michał Górny
2022-06-01 10:08 Michał Górny
2022-05-16 16:29 Michał Górny
2022-05-16 12:46 Michał Górny
2022-05-11 20:35 Sam James
2022-05-10 22:01 Sam James
2022-05-10 21:57 Sam James
2022-05-10 16:30 Sam James
2022-05-10 16:30 Sam James
2022-04-22 20:56 Michał Górny
2022-04-10 15:46 Robin H. Johnson
2022-04-10 15:46 Robin H. Johnson
2022-03-19 20:34 Sam James
2022-03-19 20:29 Sam James
2022-03-19 20:29 Sam James
2022-03-19 20:22 Sam James
2022-03-19 20:02 Sam James
2022-03-19 20:01 Sam James
2022-03-19 20:01 Sam James
2022-03-19 20:01 Sam James
2022-03-19 19:43 Sam James
2022-03-19 19:41 Sam James
2022-03-19 19:34 Sam James
2022-03-19 18:52 Sam James
2022-03-19 17:52 Sam James
2022-03-19 17:52 Sam James
2022-03-13 20:53 Sam James
2022-03-13 18:14 Sam James
2022-03-06 17:30 Robin H. Johnson
2022-03-06 17:30 Robin H. Johnson
2022-03-06 17:30 Robin H. Johnson
2022-03-03 5:58 Robin H. Johnson
2022-02-27 19:27 Robin H. Johnson
2022-02-27 17:58 Robin H. Johnson
2022-02-08 6:26 Robin H. Johnson
2021-11-08 11:21 Michał Górny
2021-09-27 15:49 Michał Górny
2021-08-27 18:38 Michał Górny
2021-08-18 20:12 Michał Górny
2021-08-08 20:42 Michał Górny
2021-06-10 16:33 Michał Górny
2021-05-25 12:15 Michał Górny
2021-05-25 4:51 Michał Górny
2021-05-25 4:12 Michał Górny
2021-05-24 18:49 Michał Górny
2021-05-18 7:22 Michał Górny
2021-05-12 11:44 Michał Górny
2021-05-01 12:56 Michał Górny
2021-04-18 7:15 Michał Górny
2021-04-14 13:35 Michał Górny
2021-03-28 20:06 Michał Górny
2020-12-06 9:00 Michał Górny
2020-11-15 18:40 Michał Górny
2020-09-14 19:34 Michał Górny
2020-09-14 2:55 Michał Górny
2020-09-13 11:25 Michał Górny
2020-09-02 7:20 Michał Górny
2020-08-02 8:12 Michał Górny
2020-06-28 11:23 Michał Górny
2020-06-02 5:40 Michał Górny
2020-05-31 6:39 Robin H. Johnson
2020-05-28 9:21 Michał Górny
2020-05-26 5:59 Robin H. Johnson
2020-05-04 5:01 Michał Górny
2020-04-19 12:06 Ulrich Müller
2020-03-08 12:42 Michał Górny
2020-02-24 6:59 Michał Górny
2020-02-24 6:51 Michał Górny
2020-02-16 6:24 Michał Górny
2020-02-16 6:09 Michał Górny
2020-02-14 9:17 Ulrich Müller
2020-02-14 9:06 Mikle Kolyada
2020-02-12 14:31 Ulrich Müller
2020-02-12 13:44 Ulrich Müller
2020-02-10 5:50 Michał Górny
2020-02-09 19:45 Michał Górny
2020-02-08 13:40 Michał Górny
2020-01-28 5:36 Michał Górny
2019-12-30 18:59 Michał Górny
2019-12-30 16:20 Michał Górny
2019-12-09 21:06 Michał Górny
2019-12-09 19:56 Michał Górny
2019-12-07 22:37 Ulrich Müller
2019-12-02 22:32 Michał Górny
2019-11-12 14:12 Michał Górny
2019-11-12 13:29 Michał Górny
2019-11-05 18:23 Michał Górny
2019-11-04 15:23 Michał Górny
2019-11-02 10:22 Michał Górny
2019-10-07 9:17 Michał Górny
2019-10-05 16:50 Michał Górny
2019-09-25 10:36 Michał Górny
2019-09-25 6:27 Michał Górny
2019-09-20 7:07 Michał Górny
2019-09-17 11:43 Michał Górny
2019-09-17 6:30 Michał Górny
2019-09-17 6:00 Michał Górny
2019-09-14 17:34 Michał Górny
2019-09-01 7:58 Michał Górny
2019-08-29 5:28 Michał Górny
2019-08-27 2:55 Michał Górny
2019-08-18 8:04 Michał Górny
2019-08-18 6:59 Michał Górny
2019-08-15 8:15 Michał Górny
2019-08-13 6:38 Michał Górny
2019-08-11 14:55 Michał Górny
2019-08-11 7:03 Michał Górny
2019-08-10 22:04 Michał Górny
2019-08-08 3:35 Michał Górny
2019-08-06 12:05 Michał Górny
2019-08-06 3:51 Michał Górny
2019-08-02 2:29 Michał Górny
2019-07-30 7:22 Michał Górny
2019-07-29 8:45 Michał Górny
2019-07-29 4:25 Michał Górny
2019-07-21 8:49 Michał Górny
2019-07-20 18:33 Michał Górny
2019-07-18 14:49 Michał Górny
2019-07-18 9:55 Ulrich Müller
2019-07-17 13:46 Michał Górny
2019-07-15 15:29 Michał Górny
2019-07-15 13:35 Michał Górny
2019-07-15 11:59 Michał Górny
2019-07-15 11:58 Michał Górny
2019-07-15 8:34 Ulrich Müller
2019-07-11 3:21 Michał Górny
2019-07-08 8:49 Michał Górny
2019-07-08 8:03 Michał Górny
2019-07-03 12:51 Michał Górny
2019-07-03 12:51 Michał Górny
2019-06-29 3:57 Robin H. Johnson
2019-06-29 3:57 Robin H. Johnson
2019-06-29 3:51 Robin H. Johnson
2019-06-29 3:51 Robin H. Johnson
2019-05-05 5:20 Robin H. Johnson
2019-05-05 5:20 Robin H. Johnson
2019-05-04 19:24 Robin H. Johnson
2019-05-04 19:24 Robin H. Johnson
2019-05-04 19:24 Robin H. Johnson
2019-05-04 18:58 Robin H. Johnson
2019-05-04 3:40 Robin H. Johnson
2019-05-04 3:39 Robin H. Johnson
2019-05-04 3:37 Robin H. Johnson
2019-05-04 3:34 Robin H. Johnson
2019-05-03 18:27 Robin H. Johnson
2019-04-14 6:29 Robin H. Johnson
2019-04-09 19:17 Robin H. Johnson
2019-04-09 5:24 Robin H. Johnson
2019-04-09 5:22 Robin H. Johnson
2019-04-01 20:36 Robin H. Johnson
2018-11-12 22:31 Robin H. Johnson
2018-11-12 22:15 Robin H. Johnson
2018-11-12 22:11 Robin H. Johnson
2018-11-12 21:28 Robin H. Johnson
2018-08-23 7:57 Michał Górny
2018-08-12 10:40 Michał Górny
2018-08-12 10:37 Michał Górny
2018-08-12 10:35 Michał Górny
2018-08-12 9:59 Michał Górny
2018-07-29 11:50 Michał Górny
2018-07-21 21:57 Michał Górny
2018-07-21 20:38 Michał Górny
2018-07-21 18:56 Michał Górny
2018-07-18 13:59 Michał Górny
2018-07-18 13:59 Michał Górny
2018-07-18 13:59 Michał Górny
2018-07-18 11:06 Michał Górny
2018-07-18 10:36 Michał Górny
2018-07-18 6:09 Michał Górny
2018-07-18 6:09 Michał Górny
2018-07-17 22:13 Michał Górny
2018-07-17 15:56 Michał Górny
2018-07-17 15:52 Michał Górny
2018-07-17 15:45 Michał Górny
2018-07-10 13:32 Michał Górny
2018-07-10 10:16 Michał Górny
2018-07-07 8:48 Michał Górny
2018-05-08 15:15 Michał Górny
2018-05-08 15:13 Michał Górny
2018-03-19 23:06 Ulrich Müller
2018-03-19 22:29 Ulrich Müller
2018-03-19 22:23 Ulrich Müller
2018-01-06 11:16 Ulrich Müller
2017-12-14 17:38 Michał Górny
2017-06-04 17:13 Ulrich Müller
2017-02-22 17:08 Michał Górny
2017-02-17 11:15 Michał Górny
2016-12-22 11:10 Göktürk Yüksek
2016-08-15 15:10 Michał Górny
2016-05-14 21:41 Jorge Manuel B. S. Vicetto
2016-02-12 7:56 Michał Górny
2016-01-27 22:16 Michał Górny
2015-10-10 22:23 Ulrich Müller
2015-10-10 22:19 Ulrich Müller
2015-09-07 16:01 Michał Górny
2015-09-05 15:06 Michał Górny
2015-08-23 9:01 Michał Górny
2015-05-10 12:07 Alexey Lapitsky
2015-04-25 12:29 Markos Chandras
2015-04-25 12:29 Markos Chandras
2015-04-24 16:46 Ulrich Müller
2015-04-24 16:38 Ulrich Müller
2014-11-24 17:10 Pavlos Ratis
2014-10-28 17:11 Richard Farina
2014-09-24 17:30 Michael Palimaka
2014-09-24 16:43 Michael Palimaka
2014-09-23 17:37 Richard Farina
2014-09-08 21:09 Richard Farina
2014-09-05 19:02 Richard Farina
2014-08-28 18:12 Richard Farina
2014-08-28 13:54 Richard Farina
2014-08-28 3:48 Michael Palimaka
2014-08-28 3:48 Michael Palimaka
2014-08-24 12:09 Ulrich Müller
2014-08-24 10:58 Ulrich Müller
2014-08-24 10:48 Ulrich Müller
2014-08-23 22:05 Ulrich Müller
2014-06-28 22:49 Jorge Manuel B. S. Vicetto
2014-06-16 12:17 Michael Palimaka
2014-06-08 16:23 Michael Palimaka
2014-02-24 16:17 Ulrich Müller
2014-02-08 21:34 Ulrich Müller
2014-02-08 21:34 Ulrich Müller
2014-02-08 21:30 Ulrich Müller
2014-02-08 16:30 Ulrich Müller
2013-11-02 14:06 Ulrich Müller
2013-11-02 13:03 Ulrich Müller
2013-01-12 15:57 Tomas Chvatal
2012-12-11 22:55 Jeremy Olexa
2012-11-29 15:31 Tomas Chvatal
2012-11-28 13:33 Jeremy Olexa
2012-11-28 12:15 Jeremy Olexa
2012-10-17 13:03 Dane Smith
2012-08-01 19:25 Christoph Mende
2012-04-10 7:56 Michał Górny
2012-02-03 22:51 Ulrich Mueller
2011-06-22 19:31 Michał Górny
2011-06-22 16:16 Michał Górny
2011-06-21 17:33 Michał Górny
2011-06-14 20:31 Matt Turner
2011-05-06 18:22 Christoph Mende
2011-04-21 3:51 Jeremy Olexa
2011-04-21 3:51 Jeremy Olexa
2011-04-15 20:28 Jeremy Olexa
2011-04-15 20:28 Jeremy Olexa
2011-03-30 16:52 Jeremy Olexa
2011-03-29 19:29 Tomas Chvatal
2011-03-29 19:26 Jeremy Olexa
2011-03-29 19:12 Jeremy Olexa
2011-03-29 17:32 Tomas Chvatal
2011-03-29 17:26 Tomas Chvatal
2011-03-25 15:38 Jeremy Olexa
2011-03-22 15:43 Jeremy Olexa
2011-03-19 13:10 Tomas Chvatal
2011-03-18 18:55 Jeremy Olexa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1556940135.daec48a7895d7a4b04d55ddf35397fb07b48f68b.robbat2@gentoo \
--to=robbat2@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox