commit: fbb6e9911b2cc8582f870acb23c2dacac8e2c077 Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org> AuthorDate: Sun Feb 27 17:57:48 2022 +0000 Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org> CommitDate: Sun Feb 27 17:57:48 2022 +0000 URL: https://gitweb.gentoo.org/proj/qa-scripts.git/commit/?id=fbb6e991
keyrings: add infra keyring Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org> create-dev-keyrings.bash | 6 ++++++ keyrings.inc.bash | 3 +++ 2 files changed, 9 insertions(+) diff --git a/create-dev-keyrings.bash b/create-dev-keyrings.bash index 65b2b14..d0ea12a 100755 --- a/create-dev-keyrings.bash +++ b/create-dev-keyrings.bash @@ -27,6 +27,10 @@ export_keys "${OUTPUT_DIR}"/active-devs.gpg \ "${COMMITTING_DEVS[@]}" \ "${NONCOMMITTING_DEVS[@]}" +grab_keys "${INFRA_DEVS[@]}" +export_keys "${OUTPUT_DIR}"/infra-devs.gpg \ + "${INFRA_DEVS[@]}" + # -- not all are on keyservers # -- and are unlikely to turn up now # -- this needs to fetch from some archive instead @@ -39,6 +43,7 @@ export_keys "${OUTPUT_DIR}"/all-devs.gpg \ "${SYSTEM_KEYS[@]}" \ "${COMMITTING_DEVS[@]}" \ "${NONCOMMITTING_DEVS[@]}" \ + "${INFRA_DEVS[@]}" \ "${RETIRED_DEVS[@]}" # Populate keys.gentoo.org with the keys we have, since they might have come from SKS @@ -47,4 +52,5 @@ export KEYSERVER_TIMEOUT=20m push_keys "${SYSTEM_KEYS[@]}" push_keys "${COMMITTING_DEVS[@]}" push_keys "${NONCOMMITTING_DEVS[@]}" +push_keys "${INFRA_DEVS[@]}" push_keys "${RETIRED_DEVS[@]}" diff --git a/keyrings.inc.bash b/keyrings.inc.bash index bf45a86..7989d79 100644 --- a/keyrings.inc.bash +++ b/keyrings.inc.bash @@ -6,6 +6,7 @@ SYSTEM_BASE='ou=system,dc=gentoo,dc=org' COMMIT_RULE='(&(gentooAccess=git.gentoo.org/repo/gentoo.git)(gentooStatus=active))' NONCOMMIT_RULE='(&(!(gentooAccess=git.gentoo.org/repo/gentoo.git))(gentooStatus=active))' RETIRED_RULE='(!(gentooStatus=active))' +INFRA_RULE='(&(gentooAccess=infra.group)(gentooStatus=active))' export KS_GENTOO=hkps://keys.gentoo.org/ # Use local keyserver for speedup @@ -18,6 +19,7 @@ export KEYSERVERS=( ) # empty by default export COMMITTING_DEVS=( ) export NONCOMMITTING_DEVS=( ) export RETIRED_DEVS=( ) +export INFRA_DEVS=( ) export SYSTEM_KEYS=( ) # grab_ldap_fingerprints <ldap-rule> @@ -128,5 +130,6 @@ export_ldap_data_to_env() { export -a COMMITTING_DEVS=( $(grab_ldap_fingerprints -b "${DEV_BASE}" "${COMMIT_RULE}") ) export -a NONCOMMITTING_DEVS=( $(grab_ldap_fingerprints -b "${DEV_BASE}" "${NONCOMMIT_RULE}") ) export -a RETIRED_DEVS=( $(grab_ldap_fingerprints -b "${DEV_BASE}" "${RETIRED_RULE}") ) + export -a INFRA_DEVS=( $(grab_ldap_fingerprints -b "${DEV_BASE}" "${INFRA_RULE}") ) export -a SYSTEM_KEYS=( $(grab_ldap_fingerprints -b "${SYSTEM_BASE}" "${NONCOMMIT_RULE}") ) }