Commit Graph

922 Commits

Author SHA1 Message Date
Johannes Löthberg
4b5fa39622 Add signature from demize for anthraxx
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-11-29 20:58:32 +01:00
Christian Hesse
1c296bf292
restart wkd sync on failure...
... but with a reasonable delay of five minutes, and limited to three
invocations per hour. After that the service goes into failed state.

This should mitigate service failure caused by intermittent network
issues or server reboot on our side.
2022-11-28 11:42:57 +01:00
David Runge
594009f981
Add main key signature of dvzrv for pierre
keyring/packager/pierre/3E80CA1A8B89F69CBA57D98A76A5EF9054449A5C/uid/Pierre_Schmitz__pierre@archlinux.org_e7e0700e/certification/2AC0A42EFB0B5CBC7A0402ED4DC95B6D7BE9892E.asc:
Add main key signature of dvzrv
(2AC0A42EFB0B5CBC7A0402ED4DC95B6D7BE9892E) for pierre
(3E80CA1A8B89F69CBA57D98A76A5EF9054449A5C).
2022-11-23 20:01:06 +01:00
Christian Hesse
a2e0301536
add @demize in issue templates
Added in !178
2022-11-23 09:08:23 +01:00
Christian Hesse
9beb0b5f9b
remove @grazzolini from issue templates
Revoked in !183
2022-11-23 09:08:00 +01:00
Christian Hesse
271b03dc92
use @archlinux/teams/main-key-holders for assignment in issue templates 2022-11-22 23:27:55 +01:00
Jelle van der Waa
42afef9fdb Revoke grazzolini's master key 2022-11-22 20:37:46 +01:00
Daniel M. Capella
2281a7a869
Update expiry of polyzen's key 2022-11-10 14:11:29 -05:00
Remi Gacogne
03649fa4fc Update expiry of rgacogne's key 2022-11-10 15:05:43 +00:00
Christian Hesse
30b8fa1653
try all keys, fail at the end for wkd sync
This makes sure all keys are tried at least, instead of failing with the
first error.

Fixes #202
2022-11-10 15:56:09 +01:00
Johannes Löthberg
14e5f42c38 Add new main key of demize
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-11-10 14:49:53 +00:00
Christian Hesse
4d019d5bc1
Merge remote-tracking branch 'merge-requests/177' 2022-11-04 12:08:21 +01:00
Frederik Schwan
3496a50d0a
update expiry of freswa's key 2022-11-03 22:28:13 +01:00
Pierre Schmitz
69a00fd116
Add new key for pierre 2022-10-31 11:33:47 +01:00
Levente Polyak
c4ea00b0d3
Add signature from anthraxx for blakkheim 2022-09-26 23:59:01 +02:00
Christian Hesse
e347a820c6
increase random delay for wkd sync
Most systems run this in the same 12 hours... Stop DDOS'ing ourselves
and spread over the whole week.

Fixes #198
2022-09-21 14:50:49 +02:00
Florian Pritz
a8784b9ac4
Add signature from Bluewind for blakkheim
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2022-09-18 11:24:06 +02:00
Christian Hesse
7fa672586a
Merge branch 'merge-requests/173' 2022-09-12 09:58:20 +02:00
Michel Alexandre Salim
335a31dcf6
Hardcode using bash as make's shell
On Debian/Ubuntu the default shell is dash, and builds are done with
SHELL overridden to dash. Since archlinux-keyring now has Bash-isms in
the install and uninstall targets (for {} expansion), and rewriting it
to drop this is inconvenient (because we'll have to repeat the path
prefixes), hardcode the use of Bash instead.

Use /bin/bash to be compatible with distros that have not finished the
/bin -> /usr/bin migration yet.

Signed-off-by: Michel Alexandre Salim <michel@michel-slm.name>
2022-09-12 09:34:26 +02:00
David Runge
eb12f06550
Add signature of dvzrv for blakkheim
keyring/packager/blakkheim/54C1FD273361EA514A237793F296BDE50368C6CE/uid/T.J._Townsend__blakkheim@archlinux.org_476bd08f/certification/2AC0A42EFB0B5CBC7A0402ED4DC95B6D7BE9892E.asc:
Add main key signature of dvzrv
(2AC0A42EFB0B5CBC7A0402ED4DC95B6D7BE9892E) for blakkheim
(54C1FD273361EA514A237793F296BDE50368C6CE).
2022-09-11 21:18:47 +02:00
David Runge
3eb5037a48
Merge remote-tracking branch 'blakkheim/master'
* blakkheim/master:
  Add packager key for new Trusted User blakkheim
2022-09-11 13:48:39 +02:00
T.J. Townsend
375d4bff87 Add packager key for new Trusted User blakkheim
Application: https://lists.archlinux.org/pipermail/aur-general/2022-August/036930.html
Voting result: https://lists.archlinux.org/pipermail/aur-general/2022-September/036964.html
2022-09-10 10:35:21 -04:00
Florian Pritz
33e8374d12
Add signature from Bluewind for serebit
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2022-09-04 10:01:52 +02:00
David Runge
7b331e8a7d
Rename wkd_build to pages
.gitlab-ci.yml:
Rename wkd_build to pages, as that is apparently what gitlab needs.
2022-09-02 19:04:02 +02:00
David Runge
05f17ee267
Copy WKD dir to public directly
.gitlab-ci.yml:
Copy the WKD dir to a public dir (used by gitlab pages) directly instead
of creating the public dir and copying into it, as that is brittle.
2022-09-02 18:31:38 +02:00
David Runge
75b7394377
Force symlinking of systemd unit for activation
Makefile:
Force symlinking of systemd unit for activation. If the service is
already installed and activated (symlinked) on the target system, a
non-forced symlink would fail otherwise.
2022-09-02 13:26:29 +02:00
David Runge
a6f2a84baa
Add gitlab-ci integration to build WKD dir on tag
.gitlab-ci.yml:
Add gitlab-ci integration to build WKD dir on tag using the `make wkd`
target per FQDN used by Arch Linux. Builds only happen on a secure
runner, the job is running in its own stage after the tests and only
runs in pipelines for tags.
2022-08-31 11:41:45 +02:00
David Runge
85dc87d167
Adapt Makefile to build wkd dir and inspect it
Makefile:
Change the Makefile to build WKD dirs based on a given WKD_FQDN and add
them to WKD_BUILD_DIR.
2022-08-31 11:19:57 +02:00
Christian Hesse
0a6ff56c80
Merge branch 'merge-requests/165' 2022-08-31 09:35:24 +02:00
Levente Polyak
d0bea7ad8a
Add signature from anthraxx for yan12125 2022-08-31 01:34:29 +02:00
Florian Pritz
0f217bd222
Add signature from Bluewind for yan12125
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2022-08-31 01:06:53 +02:00
Christian Hesse
fae9b09614
Merge branch 'merge-requests/162' 2022-08-29 22:51:43 +02:00
Levente Polyak
1e57a3038e
Add signature from anthraxx for serebit 2022-08-28 22:50:59 +02:00
David Runge
8f787824c1
Add main key signature by dvzrv for serebit
keyring/packager/serebit/CAAE0C97533C35D3A0C6C34066E60E5F785A6824/uid/Campbell_Jones__for_package_signing_only___serebit@archlinux.org_55f6fd2b/certification/2AC0A42EFB0B5CBC7A0402ED4DC95B6D7BE9892E.asc:
Add main key signature by dvzrv
(2AC0A42EFB0B5CBC7A0402ED4DC95B6D7BE9892E) for serebit
(CAAE0C97533C35D3A0C6C34066E60E5F785A6824).
2022-08-28 20:01:07 +02:00
David Runge
25d07327d6
Add main key signature by dvzrv for yan12125
keyring/packager/yan12125/E62545315B012B69C8C94A1D56EC201BFC794362/uid/Chih-Hsuan_Yen__yan12125@archlinux.org_fea86268/certification/2AC0A42EFB0B5CBC7A0402ED4DC95B6D7BE9892E.asc:
Add main key signature by dvzrv
(2AC0A42EFB0B5CBC7A0402ED4DC95B6D7BE9892E) for yan12125
(E62545315B012B69C8C94A1D56EC201BFC794362).
2022-08-28 19:59:45 +02:00
kpcyrd
f0200aba0d
Update expiry of kpcyrd key 2022-08-19 15:01:36 +02:00
Jonas Witschel
f235233372
Add signature from diabonas for yan12125 2022-08-19 10:53:25 +02:00
Christian Hesse
7854fefc9f
Merge branch 'merge-requests/156' 2022-08-19 10:00:18 +02:00
Christian Hesse
48a4282873
Merge branch 'merge-requests/158' 2022-08-19 09:55:56 +02:00
Christian Hesse
da16cd7c6b
Merge branch 'merge-requests/145' 2022-08-19 09:50:46 +02:00
Christian Hesse
79c81cbe6a
Merge branch 'merge-requests/157' 2022-08-19 09:45:52 +02:00
Jonas Witschel
b01b1f77dc
Revoke signature from diabonas for tensor5
Trusted User resignation:
https://lists.archlinux.org/archives/list/arch-dev-public@lists.archlinux.org/thread/TZWGYQY3AGNVVTIV4QB5CIJP4PI5JM4T/
2022-08-18 16:15:50 +02:00
Jonas Witschel
4c6fbc3779
Add signature from diabonas for serebit 2022-08-18 14:20:06 +02:00
Jonas Witschel
378e0ed4f3
Add packager key for new Trusted User serebit
Application: https://lists.archlinux.org/pipermail/aur-general/2022-January/036781.html
Voting results: https://lists.archlinux.org/pipermail/aur-general/2022-March/036842.html
2022-08-17 21:02:39 +02:00
Nicola Squartini
1352aa782b
Revoke @tensor5’s key 2022-08-14 22:11:08 +09:00
Chih-Hsuan Yen
498a19d0c6
Add yan12125's new key
There are some other changes with my current key:

* Actually revoke an unused uid

As per RFC 4880 [1], a revocation signature (sigclass 0x30) "should
have a later creation date than that certificate." However, somehow in
my keyring I have certificates newer than the previous revocation
signature. As a result, that uid is not marked as revoked by gpg. I
created a new revocation signature to fix that.

* Make @archlinux.org the primary UID

[1] https://datatracker.ietf.org/doc/html/rfc4880
2022-08-13 23:49:22 +08:00
Jonas Witschel
8b336741d1
Add signature from diabonas for sangy 2022-08-09 08:48:38 +02:00
Jonas Witschel
7217c34c04
Add signature from diabonas for foxxx0 2022-08-09 08:48:32 +02:00
David Runge
8036719a2e
Allow overriding the script location in WKD sync service
wkd_sync/archlinux-keyring-wkd-sync.service.in:
Replace use of explicit script location (i.e. /usr/bin) with
SCRIPT_TARGET_DIR placeholder.

Makefile:
Create WKD sync service file from input file, replacing the
SCRIPT_TARGET_DIR placeholder with $SCRIPT_TARGET_DIR.
2022-08-04 12:59:24 +02:00
David Runge
b3279eafcf
Rename WKD sync service file to an input file
wkd_sync/archlinux-keyring-wkd-sync.service -> wkd_sync/archlinux-keyring-wkd-sync.service.in:
This allows using the file as input file, where overriding keywords can
be done using sed.
2022-08-04 12:57:46 +02:00