CondorCORE/condorcore-keyring
CondorCORE/condorcore-keyring
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Collect failed keys and print them at the end

Browse Source 
Since !180, all keys are tried. This can indeed be useful but buries
the offending key in a long output log.

This stores a message containing the key and UID during processing and
prints them all at the end.
This commit is contained in:
Samir Benmendil 2023-02-16 13:52:02 +00:00 committed by David Runge
parent a7877fc189
commit 29d9caa9dc
No known key found for this signature in database
GPG Key ID: 139B09DA5BF0D338
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
wkd_sync/archlinux-keyring-wkd-sync
View File

@ -42,7 +42,6 @@ gpg_locate_external=(
fingerprint_mboxes="$(
gpg --homedir "$homedir" --no-permission-warning --list-keys --list-options show-only-fpr-mbox
)"
error=0
# a list of <fingerprints> of all revoked keys and keys that have no valid main
# key signatures
@ -56,16 +55,20 @@ if (( EUID != 0 )); then
exit 1
fi
errors=()
# first update the main signing keys, then the packager keys
for domain_match in "$main_key_domain_match" "$packager_domain_match"; do
while read -ra fpr_email; do
if [[ ${fpr_email[1]} =~ $domain_match && ! "$old_fingerprints" =~ ${fpr_email[0]} && ! "${invalid_fingerprints[*]}" =~ ${fpr_email[0]} ]]; then
printf "Refreshing key %s with UID %s...\n" "${fpr_email[0]}" "${fpr_email[1]}"
"${gpg_locate_external[@]}" "${fpr_email[1]}" || let ++error
if ! "${gpg_locate_external[@]}" "${fpr_email[1]}"; then
errors+=("Error refreshing key ${fpr_email[0]} with UID ${fpr_email[1]}.")
fi
else
printf "Skipping key %s with UID %s...\n" "${fpr_email[0]}" "${fpr_email[1]}"
fi
done <<< "$fingerprint_mboxes"
done
exit ${error}
>&2 printf "%s\n" "${errors[@]}"
exit ${#errors[@]}