1 |
commit: 53a02f675dad2ec39eea52e2130a11b42977eab8 |
2 |
Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Apr 1 20:35:31 2019 +0000 |
4 |
Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Apr 1 20:35:31 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/qa-scripts.git/commit/?id=53a02f67 |
7 |
|
8 |
create-dev-keyrings: try keys.gentoo.org as well |
9 |
|
10 |
Try the new keys.gentoo.org rotation, prior to the general SKS rotation, |
11 |
mostly because it's local and MUCH faster than the SKS network. |
12 |
|
13 |
keys.g.o does NOT sync with SKS at this time, and does not yet offer |
14 |
HKPS. |
15 |
|
16 |
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org> |
17 |
|
18 |
create-dev-keyrings.bash | 6 +++++- |
19 |
1 file changed, 5 insertions(+), 1 deletion(-) |
20 |
|
21 |
diff --git a/create-dev-keyrings.bash b/create-dev-keyrings.bash |
22 |
index 309be45..8e581b4 100755 |
23 |
--- a/create-dev-keyrings.bash |
24 |
+++ b/create-dev-keyrings.bash |
25 |
@@ -28,8 +28,12 @@ grab_keys() { |
26 |
local missing=() |
27 |
local remaining=( "${@}" ) |
28 |
|
29 |
+ # this needs to move to HKPS as well, but that part is not yet deployed. |
30 |
+ KS1=hkp://keys.gentoo.org/ |
31 |
+ KS2=hkps://hkps.pool.sks-keyservers.net/ |
32 |
while :; do |
33 |
- timeout 20m gpg -q --recv-keys "${remaining[@]}" || : |
34 |
+ timeout 5m gpg --keyserver $KS1 -q --recv-keys "${remaining[@]}" || : |
35 |
+ timeout 20m gpg --keyserver $KS2 -q --recv-keys "${remaining[@]}" || : |
36 |
missing=() |
37 |
for key in "${remaining[@]}"; do |
38 |
gpg --list-public "${key}" &>/dev/null || missing+=( "${key}" ) |