[PATCH] submit signed .buildinfo files to buildinfo.debian.net
Holger Levsen
holger at layer-acht.org
Mon Oct 31 21:43:16 UTC 2016
On Sat, Oct 29, 2016 at 11:28:46AM +0100, Chris Lamb wrote:
> Updated sign-buildinfo-submissions-with-gpg-key. I didn't squash &
> force push so that dkg's contribution is correctly attributed. :)
cool!
> (I *think* I'm understanding how & where update_jdn.sh is called, so
> please check the conditional makes sense; we want the individual build
> notes to sign the keys, not the jenkins master).
thanks a lot! it just needed a small
we might use gpg signing for other purposes, so I removed that
constraint…
this is the result, seems to work nicely except one detail:
gpg: directory `/var/lib/jenkins/.gnupg' created
gpg: new configuration file `/var/lib/jenkins/.gnupg/gpg.conf' created
gpg: WARNING: options in `/var/lib/jenkins/.gnupg/gpg.conf' are not yet
active during this run
gpg: keyring `/var/lib/jenkins/.gnupg/secring.gpg' created
gpg: keyring `/var/lib/jenkins/.gnupg/pubring.gpg' created
gpg: /var/lib/jenkins/.gnupg/trustdb.gpg: trustdb created
wbq0: Mon Oct 31 21:38:09 UTC 2016 - Generating GPG key for jenkins
user.
gpg: skipping control `%no-ask-passphrase' ()
gpg: skipping control `%no-protection' ()
.......+++++
and
gpg: directory `/var/lib/jenkins/.gnupg' created
gpg: new configuration file `/var/lib/jenkins/.gnupg/gpg.conf' created
gpg: WARNING: options in `/var/lib/jenkins/.gnupg/gpg.conf' are not yet
active during this run
gpg: keyring `/var/lib/jenkins/.gnupg/secring.gpg' created
gpg: keyring `/var/lib/jenkins/.gnupg/pubring.gpg' created
gpg: /var/lib/jenkins/.gnupg/trustdb.gpg: trustdb created
jtk1a: Mon Oct 31 21:37:54 UTC 2016 - Generating GPG key for jenkins
user.
gpg: -:4: missing argument
humpf…
on *some* jessie hosts this worked nicely, however, eg:
gpg: /var/lib/jenkins/.gnupg/trustdb.gpg: trustdb created
jenkins: Mon Oct 31 21:37:25 UTC 2016 - Generating GPG key for jenkins
user.
gpg: skipping control `%no-ask-passphrase' ()
gpg: skipping control `%no-protection' ()
.........................+++++
.............+++++
gpg: key 6031ABAE marked as ultimately trusted
> Thanks to all for the feedback.
many thanks to you for pushing this!
are you getting signed .buildinfo files already? :-) from all hosts?
--
cheers,
Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 811 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/reproducible-builds/attachments/20161031/8ec8b26a/attachment.sig>
More information about the Reproducible-builds
mailing list