CondorCORE/condorcore-keyring
CondorCORE/condorcore-keyring
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Collect failed keys and print them at the end

Browse Source 
Since !180, all keys are tried. This can indeed be useful but buries
the offending key in a long output log.

This stores a message containing the key and UID during processing and
prints them all at the end.
This commit is contained in:
Samir Benmendil 2023-02-16 13:52:02 +00:00 committed by David Runge
parent a7877fc189
commit 29d9caa9dc
No known key found for this signature in database
GPG Key ID: 139B09DA5BF0D338
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
wkd_sync/archlinux-keyring-wkd-sync
View File

@ -42,7 +42,6 @@ gpg_locate_external=(
fingerprint_mboxes="$( fingerprint_mboxes="$(
gpg --homedir "$homedir" --no-permission-warning --list-keys --list-options show-only-fpr-mbox gpg --homedir "$homedir" --no-permission-warning --list-keys --list-options show-only-fpr-mbox
)" )"
error=0
# a list of <fingerprints> of all revoked keys and keys that have no valid main # a list of <fingerprints> of all revoked keys and keys that have no valid main
# key signatures # key signatures
@ -56,16 +55,20 @@ if (( EUID != 0 )); then
exit 1 exit 1
fi fi
errors=()
# first update the main signing keys, then the packager keys # first update the main signing keys, then the packager keys
for domain_match in "$main_key_domain_match" "$packager_domain_match"; do for domain_match in "$main_key_domain_match" "$packager_domain_match"; do
while read -ra fpr_email; do while read -ra fpr_email; do
if [[ ${fpr_email[1]} =~ $domain_match && ! "$old_fingerprints" =~ ${fpr_email[0]} && ! "${invalid_fingerprints[*]}" =~ ${fpr_email[0]} ]]; then if [[ ${fpr_email[1]} =~ $domain_match && ! "$old_fingerprints" =~ ${fpr_email[0]} && ! "${invalid_fingerprints[*]}" =~ ${fpr_email[0]} ]]; then
printf "Refreshing key %s with UID %s...\n" "${fpr_email[0]}" "${fpr_email[1]}" printf "Refreshing key %s with UID %s...\n" "${fpr_email[0]}" "${fpr_email[1]}"
"${gpg_locate_external[@]}" "${fpr_email[1]}" || let ++error if ! "${gpg_locate_external[@]}" "${fpr_email[1]}"; then
errors+=("Error refreshing key ${fpr_email[0]} with UID ${fpr_email[1]}.")
fi
else else
printf "Skipping key %s with UID %s...\n" "${fpr_email[0]}" "${fpr_email[1]}" printf "Skipping key %s with UID %s...\n" "${fpr_email[0]}" "${fpr_email[1]}"
fi fi
done <<< "$fingerprint_mboxes" done <<< "$fingerprint_mboxes"
done done
exit ${error} >&2 printf "%s\n" "${errors[@]}"
exit ${#errors[@]}