[Qa-jenkins-scm] [Git][qa/jenkins.debian.net][master] Reproducible Arch Linux: import GnuPG keys before running makepkg

[Holger Levsen]

Holger Levsen pushed to branch master at Debian QA / jenkins.debian.net


Commits:
1b36569b by Eli Schwartz at 2019-01-18T18:05:33Z
Reproducible Arch Linux: import GnuPG keys before running makepkg

This means that when things fail, we get to see errors from gpg, rather
than relying on silent behavior from gpg while attempting to verify the
file (in which case all we see is "unknown public key" from makepkg
itself).

Signed-off-by: Holger Levsen <holger at layer-acht.org>

- - - - -


1 changed file:

- bin/reproducible_build_archlinux_pkg.sh


Changes:

=====================================
bin/reproducible_build_archlinux_pkg.sh
=====================================
@@ -163,6 +163,8 @@ first_build() {
 	echo $VERSION > $TMPDIR/b1/$SRCPACKAGE/build1.version
 	# show env variables
 	schroot --run-session -c $SESSION --directory "$BUILDDIR/$ACTUAL_SRCPACKAGE/trunk" -- bash -l -c "$MAKEPKG_ENV_VARS printenv 2>&1" | tee -a $LOG
+	# preseed GnuPG keys if relevant in order to get good error logs
+	schroot --run-session -c $SESSION --directory "$BUILDDIR/$ACTUAL_SRCPACKAGE/trunk" -- bash -l -c "makepkg --printsrcinfo | awk -F ' = ' '/^\s+validpgpkeys/{print \$2}'| while read pgpkey; do gpg --recv-key \$pgpkey; done" | tee -a $LOG
 	# nicely run makepkg with a timeout of $TIMEOUT hours
 	timeout -k $TIMEOUT.1h ${TIMEOUT}h /usr/bin/ionice -c 3 /usr/bin/nice \
 		schroot --run-session -c $SESSION --directory "$BUILDDIR/$ACTUAL_SRCPACKAGE/trunk" -- bash -l -c "$MAKEPKG_ENV_VARS makepkg $MAKEPKG_OPTIONS 2>&1" | tee -a $LOG
@@ -248,6 +250,8 @@ second_build() {
 	echo $VERSION > $TMPDIR/b2/$SRCPACKAGE/build2.version
 	# show env variables
 	schroot --run-session -c $SESSION --directory "$BUILDDIR/$ACTUAL_SRCPACKAGE/trunk" -u root -- su -c "bash -l -c '$MAKEPKG_ENV_VARS printenv 2>&1'" build2 | tee -a $LOG
+	# preseed GnuPG keys if relevant in order to get good error logs
+	schroot --run-session -c $SESSION --directory "$BUILDDIR/$ACTUAL_SRCPACKAGE/trunk" -- bash -l -c "makepkg --printsrcinfo | awk -F ' = ' '/^\s+validpgpkeys/{print \$2}'| while read pgpkey; do gpg --recv-key \$pgpkey; done" | tee -a $LOG
 	# nicely run makepkg with a timeout of $TIMEOUT hours
 	timeout -k $TIMEOUT.1h ${TIMEOUT}h /usr/bin/ionice -c 3 /usr/bin/nice \
 		schroot --run-session -c $SESSION --directory "$BUILDDIR/$ACTUAL_SRCPACKAGE/trunk" -- bash -l -c "$MAKEPKG_ENV_VARS makepkg $MAKEPKG_OPTIONS 2>&1" | tee -a $LOG



View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/commit/1b36569b939ef68495d89c1b731c13d1f491c434

-- 
View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/commit/1b36569b939ef68495d89c1b731c13d1f491c434
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/qa-jenkins-scm/attachments/20190118/fc20d826/attachment-0001.html>