]> err.no Git - dak/commitdiff
only run when there is something to do. also only update the keyrings for dsa if...
authorJoerg Jaspert <joerg@debian.org>
Sat, 26 Mar 2011 09:58:35 +0000 (10:58 +0100)
committerJoerg Jaspert <joerg@debian.org>
Sat, 26 Mar 2011 09:58:35 +0000 (10:58 +0100)
Signed-off-by: Joerg Jaspert <joerg@debian.org>
scripts/debian/buildd-add-keys
scripts/debian/buildd-prepare-dir
scripts/debian/buildd-remove-keys

index 2ba4bac176283804b6a8aae23d75d8434b200c0d..d96fa758308672e10916d392306b9f79ac8ab53f 100755 (executable)
@@ -51,12 +51,12 @@ function cleanup() {
     done
     exit $ERRVAL
 }
-trap cleanup ERR EXIT TERM HUP INT QUIT
 
 base="${base}/scripts/builddkeyrings"
 INCOMING="${base}/incoming"
 ERRORS="${base}/errors"
 ADMINS="${base}/adminkeys.gpg"
+STAMPFILE="${base}/updatedkeyring"
 
 # Default options for our gpg calls
 DEFGPGOPT="--no-default-keyring --batch --no-tty --no-options --exit-on-status-write-error --no-greeting"
@@ -66,11 +66,19 @@ if ! [ -d "${INCOMING}" ]; then
     exit 1
 fi
 
+cd "${INCOMING}"
+KEYS=$(find . -maxdepth 1 -mindepth 1 -type f -name \*.key | sed -e "s,./,," | xargs)
+if [ -z "${KEYS}" ]; then
+    exit 0
+fi
+
+trap cleanup ERR EXIT TERM HUP INT QUIT
+
 # Whenever something goes wrong, its put in there.
 mkdir -p "${ERRORS}"
 
 # We process all new files in our incoming directory
-for file in $(ls -1 ${INCOMING}/*.key); do
+for file in ${KEYS}; do
     file=${file##*/}
     # First we want to see if we recognize the filename. The buildd people have
     # to follow a certain schema:
index d8ae9227dbecfc4229583780846d61e16d59d5d0..df4b098e2ba120aa87722436d5b49acb33eafa95 100755 (executable)
@@ -42,20 +42,24 @@ GNUPGHOME="${base}/s3kr1t/dot-gnupg"
 base="${base}/scripts/builddkeyrings"
 TARGET="${base}/keyrings"
 REMOVED="${base}/removed-buildd-keys.gpg"
+STAMPFILE="${base}/updatedkeyring"
 
-mkdir -p "${TARGET}/keyrings"
+mkdir -p "${TARGET}/buildd-keyrings"
 
-for arch in $archs; do
-    if [ -f ${base}/${arch}/keyring.gpg ]; then
-        cp -afl ${base}/${arch}/keyring.gpg ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg
-        chmod 0644 ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg
-    fi
-done
+if [ -f "${STAMPFILE}" ]; then
+    rm -f "${STAMPFILE}"
+    for arch in $archs; do
+        if [ -f ${base}/${arch}/keyring.gpg ]; then
+            cp -afl ${base}/${arch}/keyring.gpg ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg
+            chmod 0644 ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg
+        fi
+    done
 
-cd ${TARGET}
-sha512sum buildd-keyrings/* > sha512sums
+    cd ${TARGET}
+    sha512sum buildd-keyrings/* > sha512sums
 
-rm -f ${TARGET}/sha512sums.txt
-SIGNINGKEY=B1326A8D
-GNUPGHOME=${GNUPGHOME} gpg --no-options  --batch --no-tty --armour --default-key ${SIGNINGKEY} --clearsign -o "${TARGET}/sha512sums.txt" "${TARGET}/sha512sums"
-rm -f ${TARGET}/sha512sums
+    rm -f ${TARGET}/sha512sums.txt
+    SIGNINGKEY=B1326A8D
+    GNUPGHOME=${GNUPGHOME} gpg --no-options  --batch --no-tty --armour --default-key ${SIGNINGKEY} --clearsign -o "${TARGET}/sha512sums.txt" "${TARGET}/sha512sums"
+    rm -f ${TARGET}/sha512sums
+fi
index 0ea4c23dc33afebf6031e7b9d15811a84470e0e7..3591785d6c028769b169a9b22f1f81b3b1f5e2a9 100755 (executable)
@@ -51,13 +51,13 @@ function cleanup() {
     done
     exit $ERRVAL
 }
-trap cleanup ERR EXIT TERM HUP INT QUIT
 
 base="${base}/scripts/builddkeyrings"
 INCOMING="${base}/incoming"
 ERRORS="${base}/errors"
 ADMINS="${base}/adminkeys.gpg"
 REMOVED="${base}/removed-buildd-keys.gpg"
+STAMPFILE="${base}/updatedkeyring"
 
 # Default options for our gpg calls
 DEFGPGOPT="--no-default-keyring --batch --no-tty --no-options --exit-on-status-write-error --no-greeting"
@@ -67,11 +67,22 @@ if ! [ -d "${INCOMING}" ]; then
     exit 1
 fi
 
+cd "${INCOMING}"
+KEYS=$(find . -maxdepth 1 -mindepth 1 -type f -name \*.del | sed -e "s,./,," | xargs)
+if [ -z "${KEYS}" ]; then
+    exit 0
+fi
+
+trap cleanup ERR EXIT TERM HUP INT QUIT
+
+# Tell prepare-dir that there is an update and it can run
+touch "${STAMPFILE}"
+
 # Whenever something goes wrong, its put in there.
 mkdir -p "${ERRORS}"
 
 # We process all new files in our incoming directory
-for file in $(ls -1 ${INCOMING}/*.del ); do
+for file in ${KEYS}; do
     file=${file##*/}
     # First we want to see if we recognize the filename. The buildd people have
     # to follow a certain schema: