This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository buildscripts. commit e6f76455ac92c08197f6d50e0dee989ff548a0d1 Author: Mihai Moldovan <ionic@ionic.de> Date: Thu Jul 2 02:55:41 2015 +0200 bin/build-rpm-package: use ${GPG_KEY} or ${GPG_KEY_EPEL5} to sign packages and RPM repo data. --- bin/build-rpm-package | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/bin/build-rpm-package b/bin/build-rpm-package index 0fdea9a..8af6d23 100755 --- a/bin/build-rpm-package +++ b/bin/build-rpm-package @@ -692,7 +692,7 @@ build_packages() { find "/var/cache/obs-build/${l_DIST}/${l_CODENAME}/x86_64/${BUILD_RESULT}/RPMS/" -type f \( -iname '*.rpm' -and -not -iname '*.src.rpm' \) -print0 | while read -r -d '' rpmfile; do cp "${rpmfile}" "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/" done - rpmsign-unattended -D "%_gpg_name debian@x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm + rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm # also copy and sign source RPM's # For information on why this weird -print0 | read -r -d '' construction works, @@ -700,7 +700,7 @@ build_packages() { find "/var/cache/obs-build/${l_DIST}/${l_CODENAME}/x86_64/${BUILD_RESULT}/SRPMS/" -type f -iname '*.rpm' -print0 | while read -r -d '' rpmfile; do cp "${rpmfile}" "$PKGDIST/${l_DIST}/${l_CODENAME}/SRPM/" done - rpmsign-unattended -D "%_gpg_name debian@x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm + rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm else exit 1 fi @@ -729,11 +729,11 @@ build_packages() { # /usr/lib/rpm/macros # http://adminotes.blogspot.fr/2011/12/centos-6-rpm-sign-problem-v4-signatures... RPMMACRO_V3SIGN="%__gpg_sign_cmd %{__gpg} /usr/bin/gpg --force-v3-sigs --digest-algo=sha1 --batch --no-verbose --no-armor --passphrase-fd 3 --no-secmem-warning -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}" - rpmsign-unattended -D "%_gpg_name debian@x2go.org" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm - rpmsign-unattended -D "%_gpg_name debian@x2go.org" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm + rpmsign-unattended -D "%_gpg_name ${GPG_KEY_EPEL5}" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm + rpmsign-unattended -D "%_gpg_name ${GPG_KEY_EPEL5}" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm else - rpmsign-unattended -D "%_gpg_name debian@x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm - rpmsign-unattended -D "%_gpg_name debian@x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm + rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm + rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm fi cat "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/build.log" else @@ -775,7 +775,7 @@ build_packages() { find "/var/cache/obs-build/${l_DIST}/${l_CODENAME}/i386/${BUILD_RESULT}/RPMS/" -type 'f' \( -iname '*.rpm' -and -not -iname '*.src.rpm' \) -print0 | while read -r -d '' rpmfile; do cp "${rpmfile}" "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/" done - rpmsign-unattended -D "%_gpg_name debian@x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm + rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm # copy and later sign source RPM's, if needed (that is, not already generated by x86_64/noarch code above) SEARCH_SRPM="$(find "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM" -type 'f' -iname "*.src.rpm" -print)" @@ -785,7 +785,7 @@ build_packages() { find "/var/cache/obs-build/${l_DIST}/${l_CODENAME}/i386/${BUILD_RESULT}/SRPMS/" -type 'f' -iname '*.src.rpm' -print0 | while read -r -d '' rpmfile; do cp "${rpmfile}" "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/" done - rpmsign-unattended -D "%_gpg_name debian@x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm + rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm fi else exit 1 @@ -816,11 +816,11 @@ build_packages() { if [ "${l_DIST}" = "epel" ] && [ "${l_CODENAME}" = "5" ]; then RPMMACRO_V3SIGN="%__gpg_sign_cmd /usr/bin/gpg --force-v3-sigs --digest-algo=sha1 --batch --no-verbose --no-armor --passphrase-fd 3 --no-secmem-warning -u \"%_gpg_name\" -sbo %{__signature_filename} %{__plaintext_filename}" - rpmsign-unattended -D "%_gpg_name debian@x2go.org" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm - [ "x${SIGN_SRPM}" = "x1" ] && rpmsign-unattended -D "%_gpg_name debian@x2go.org" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm + rpmsign-unattended -D "%_gpg_name ${GPG_KEY_EPEL5}" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm + [ "x${SIGN_SRPM}" = "x1" ] && rpmsign-unattended -D "%_gpg_name ${GPG_KEY_EPEL5}" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm else - rpmsign-unattended -D "%_gpg_name debian@x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm - [ "x$SIGN_SRPM" = "x1" ] && rpmsign-unattended -D "%_gpg_name debian@x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm + rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm + [ "x$SIGN_SRPM" = "x1" ] && rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm fi cat "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/build.log" else @@ -871,13 +871,15 @@ upload_packages() { scp *.rpm "${REPOS_SERVER}:${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/rpms/${PROJECT}/" || true CREATEREPO_OPTS="" + typeset gpg_sign_with="${GPG_KEY}" if [ "${l_DIST}" = "epel" ] && [ "${l_CODENAME}" = "5" ]; then CREATEREPO_OPTS="-s sha" + gpg_sign_with="${GPG_KEY_EPEL5}" fi 0</dev/null ssh "${REPOS_SERVER}" "cd ${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/ && createrepo ${CREATEREPO_OPTS} ." - 0</dev/null ssh "${REPOS_SERVER}" "cd ${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/repodata && rm -f -- repomd.xml.asc && gpg -a -u ${GPG_KEY} --detach-sign repomd.xml" 1>/dev/null 2>/dev/null - 0</dev/null ssh "${REPOS_SERVER}" "cd ${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/repodata && test -e repomd.xml.key || gpg -a --output repomd.xml.key --export ${GPG_KEY}" + 0</dev/null ssh "${REPOS_SERVER}" "cd ${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/repodata && rm -f -- repomd.xml.asc && gpg -a -u ${gpg_sign_with} --detach-sign repomd.xml" 1>/dev/null 2>/dev/null + 0</dev/null ssh "${REPOS_SERVER}" "cd ${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/repodata && test -e repomd.xml.key || gpg -a --output repomd.xml.key --export ${gpg_sign_with}" fi done done -- Alioth's /srv/git/code.x2go.org/buildscripts.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/buildscripts.git