[PATCH] submit signed .buildinfo files to buildinfo.debian.net
Mattia Rizzolo
mattia at debian.org
Fri Oct 28 17:20:11 UTC 2016
On Fri, Oct 28, 2016 at 06:14:39PM +0100, Chris Lamb wrote:
> HW42 wrote:
>
> > > +sign_buildinfo() {
> > > + # Greate GPG key if it does not already exist
> > > + if ! gpg --list-secret-keys | grep -qs '^sec' >/dev/null 2>&1
> >
> > Is this ever called concurrently?
>
> Not on a node AFAICT.
Yes it is.
On a single node there are several build jobs running, Holger can tell
you the number by heart (I'd need to count them), but I think they are
around 10 concurrent jobs at least.
Maybe the gpg key could be created by the deploy script instead (like, a
"jenkins node $NODE gpg key") and the build script use it only if it's
present already?
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
more about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/reproducible-builds/attachments/20161028/7d39db4d/attachment.sig>
More information about the Reproducible-builds
mailing list