diff options
author | Andreas K. Hüttel <dilfridge@gentoo.org> | 2023-08-06 02:03:25 +0200 |
---|---|---|
committer | Andreas K. Hüttel <dilfridge@gentoo.org> | 2023-08-06 02:03:25 +0200 |
commit | ef94c6ac3da5e313cf5bce124325398df1abddbc (patch) | |
tree | a80b256227076a11016ce503aff54d98e0e1bba8 | |
parent | first complete version (diff) | |
download | mastermirror-scripts-ef94c6ac3da5e313cf5bce124325398df1abddbc.tar.gz mastermirror-scripts-ef94c6ac3da5e313cf5bce124325398df1abddbc.tar.bz2 mastermirror-scripts-ef94c6ac3da5e313cf5bce124325398df1abddbc.zip |
Make signing work
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
-rwxr-xr-x | sign-binpackages.sh | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/sign-binpackages.sh b/sign-binpackages.sh index e11ba71..6cee806 100755 --- a/sign-binpackages.sh +++ b/sign-binpackages.sh @@ -14,10 +14,11 @@ ARCHES=${ARCHES:-${_ARCHES}} INTREE=/release/weekly/binpackages SIGTREE=/release/binpackages -VERBOSE='' +export BINPKG_GPG_SIGNING_GPG_HOME=/home/gmirror/.gnupg-releng +export BINPKG_GPG_SIGNING_KEY=13EBBDBEDE7A12775DFDB1BABB572E0E2D182910 +export BINPKG_GPG_VERIFY_GPG_HOME=${BINPKG_GPG_SIGNING_GPG_HOME} -BINPKG_GPG_SIGNING_GPG_HOME=/home/gmirror/.gnupg-releng -BINPKG_GPG_SIGNING_KEY=DCD05B71EAB94199527F44ACDB6B8C1F96D8BF6D +[[ $(whoami) == "gmirror" ]] || exit 111 gpgconf --kill all @@ -26,7 +27,7 @@ gpgconf --kill all # the signature changed them)... for a in $ARCHES ; do - rsync ${VERBOSE} --archive --delete --delete-after --update --mkpath ${INTREE}/${a}/* ${SIGTREE}/${a}/ + rsync --archive --delete --delete-after --update --mkpath ${INTREE}/${a}/* ${SIGTREE}/${a}/ done # step 2: iterate over all binary package trees, sign @@ -38,6 +39,7 @@ done # .../binpackages/x86/17.0/x86_musl_hardened for t in ${SIGTREE}/*/*/* ; do - find "${t}" -name '*.gpkg' -exec gpkg-sign --skip-signed \{\} \; - PKGDIR=${t} emaint binhost fix + find "${t}" -name '*.gpkg.tar' -exec gpkg-sign --skip-signed \{\} \; > /dev/null + PKGDIR=${t} emaint -f binhost > /dev/null done +# unfortunately these commands make much noise... let's hope we notice errors |