[Git][reproducible-builds/reproducible-misc][master] dump-gpg-keys: loop over multiple keyservers when looking for somebody's key

Mattia Rizzolo gitlab at salsa.debian.org
Thu May 7 15:58:46 UTC 2020 


Mattia Rizzolo pushed to branch master at Reproducible Builds / reproducible-misc


Commits:
1e88e8d6 by Mattia Rizzolo at 2020-05-07T17:56:29+02:00
dump-gpg-keys: loop over multiple keyservers when looking for somebody's key

with the dying keyserver network sometimes it's hard to obtain all (the
pieces of) keys from a single arbitrary kesyerver.

Signed-off-by: Mattia Rizzolo <mattia at debian.org>

- - - - -


1 changed file:

- dump-gpg-keys.sh


Changes:

=====================================
dump-gpg-keys.sh
=====================================
@@ -20,11 +20,24 @@ keys=(
 )
 
 # import all the keys
+# run over multiple keyservers, so to make sure to pick up the latests updated
+keyservers=(
+    keyring.debian.org
+    keyserver.ubuntu.com
+    keys.openpgp.org
+)
 
-"${GPG[@]}" \
-    --keyserver keyring.debian.org \
-    --recv-keys \
-    "${keys[@]}"
+for _k in "${keyservers[@]}"; do
+    "${GPG[@]}" \
+        --keyserver "${_k}" \
+        --recv-keys \
+        "${keys[@]}" || echo "W: $_k returned no useful data, continuing…" >&2
+done
+
+if [ -z "$("${GPG[@]}" -k 2>/dev/null)" ]; then
+    echo "E: None of the wanted keys was found in any keyserver." >&2
+    exit 1
+fi
 
 # print some information about the keys
 # (--fingerprint twice so the fingeprint of the subkeys is printed too)
@@ -39,5 +52,5 @@ keys=(
 "${GPG[@]}" \
     --export \
     --armor \
-    --export-options export-minimal \
+    --export-options export-clean,export-minimal \
     "${keys[@]}"



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-misc/-/commit/1e88e8d665fd5e147f1cb6cb236c813960dd40b7

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-misc/-/commit/1e88e8d665fd5e147f1cb6cb236c813960dd40b7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20200507/d7454a6e/attachment.htm>

More information about the rb-commits mailing list