From: Joerg Jaspert Date: Sat, 26 Mar 2011 09:58:35 +0000 (+0100) Subject: only run when there is something to do. also only update the keyrings for dsa if... X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d102935d5f1bda668b10fe77961e4384c3b8c9e8;p=dak only run when there is something to do. also only update the keyrings for dsa if there was a change Signed-off-by: Joerg Jaspert --- diff --git a/scripts/debian/buildd-add-keys b/scripts/debian/buildd-add-keys index 2ba4bac1..d96fa758 100755 --- a/scripts/debian/buildd-add-keys +++ b/scripts/debian/buildd-add-keys @@ -51,12 +51,12 @@ function cleanup() { done exit $ERRVAL } -trap cleanup ERR EXIT TERM HUP INT QUIT base="${base}/scripts/builddkeyrings" INCOMING="${base}/incoming" ERRORS="${base}/errors" ADMINS="${base}/adminkeys.gpg" +STAMPFILE="${base}/updatedkeyring" # Default options for our gpg calls DEFGPGOPT="--no-default-keyring --batch --no-tty --no-options --exit-on-status-write-error --no-greeting" @@ -66,11 +66,19 @@ if ! [ -d "${INCOMING}" ]; then exit 1 fi +cd "${INCOMING}" +KEYS=$(find . -maxdepth 1 -mindepth 1 -type f -name \*.key | sed -e "s,./,," | xargs) +if [ -z "${KEYS}" ]; then + exit 0 +fi + +trap cleanup ERR EXIT TERM HUP INT QUIT + # Whenever something goes wrong, its put in there. mkdir -p "${ERRORS}" # We process all new files in our incoming directory -for file in $(ls -1 ${INCOMING}/*.key); do +for file in ${KEYS}; do file=${file##*/} # First we want to see if we recognize the filename. The buildd people have # to follow a certain schema: diff --git a/scripts/debian/buildd-prepare-dir b/scripts/debian/buildd-prepare-dir index d8ae9227..df4b098e 100755 --- a/scripts/debian/buildd-prepare-dir +++ b/scripts/debian/buildd-prepare-dir @@ -42,20 +42,24 @@ GNUPGHOME="${base}/s3kr1t/dot-gnupg" base="${base}/scripts/builddkeyrings" TARGET="${base}/keyrings" REMOVED="${base}/removed-buildd-keys.gpg" +STAMPFILE="${base}/updatedkeyring" -mkdir -p "${TARGET}/keyrings" +mkdir -p "${TARGET}/buildd-keyrings" -for arch in $archs; do - if [ -f ${base}/${arch}/keyring.gpg ]; then - cp -afl ${base}/${arch}/keyring.gpg ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg - chmod 0644 ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg - fi -done +if [ -f "${STAMPFILE}" ]; then + rm -f "${STAMPFILE}" + for arch in $archs; do + if [ -f ${base}/${arch}/keyring.gpg ]; then + cp -afl ${base}/${arch}/keyring.gpg ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg + chmod 0644 ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg + fi + done -cd ${TARGET} -sha512sum buildd-keyrings/* > sha512sums + cd ${TARGET} + sha512sum buildd-keyrings/* > sha512sums -rm -f ${TARGET}/sha512sums.txt -SIGNINGKEY=B1326A8D -GNUPGHOME=${GNUPGHOME} gpg --no-options --batch --no-tty --armour --default-key ${SIGNINGKEY} --clearsign -o "${TARGET}/sha512sums.txt" "${TARGET}/sha512sums" -rm -f ${TARGET}/sha512sums + rm -f ${TARGET}/sha512sums.txt + SIGNINGKEY=B1326A8D + GNUPGHOME=${GNUPGHOME} gpg --no-options --batch --no-tty --armour --default-key ${SIGNINGKEY} --clearsign -o "${TARGET}/sha512sums.txt" "${TARGET}/sha512sums" + rm -f ${TARGET}/sha512sums +fi diff --git a/scripts/debian/buildd-remove-keys b/scripts/debian/buildd-remove-keys index 0ea4c23d..3591785d 100755 --- a/scripts/debian/buildd-remove-keys +++ b/scripts/debian/buildd-remove-keys @@ -51,13 +51,13 @@ function cleanup() { done exit $ERRVAL } -trap cleanup ERR EXIT TERM HUP INT QUIT base="${base}/scripts/builddkeyrings" INCOMING="${base}/incoming" ERRORS="${base}/errors" ADMINS="${base}/adminkeys.gpg" REMOVED="${base}/removed-buildd-keys.gpg" +STAMPFILE="${base}/updatedkeyring" # Default options for our gpg calls DEFGPGOPT="--no-default-keyring --batch --no-tty --no-options --exit-on-status-write-error --no-greeting" @@ -67,11 +67,22 @@ if ! [ -d "${INCOMING}" ]; then exit 1 fi +cd "${INCOMING}" +KEYS=$(find . -maxdepth 1 -mindepth 1 -type f -name \*.del | sed -e "s,./,," | xargs) +if [ -z "${KEYS}" ]; then + exit 0 +fi + +trap cleanup ERR EXIT TERM HUP INT QUIT + +# Tell prepare-dir that there is an update and it can run +touch "${STAMPFILE}" + # Whenever something goes wrong, its put in there. mkdir -p "${ERRORS}" # We process all new files in our incoming directory -for file in $(ls -1 ${INCOMING}/*.del ); do +for file in ${KEYS}; do file=${file##*/} # First we want to see if we recognize the filename. The buildd people have # to follow a certain schema: