[dak/master] only run when there is something to do. also only update the keyrings for dsa if there was a change
Signed-off-by: Joerg Jaspert <joerg@debian.org>
---
scripts/debian/buildd-add-keys | 12 ++++++++++--
scripts/debian/buildd-prepare-dir | 30 +++++++++++++++++-------------
scripts/debian/buildd-remove-keys | 15 +++++++++++++--
3 files changed, 40 insertions(+), 17 deletions(-)
diff --git a/scripts/debian/buildd-add-keys b/scripts/debian/buildd-add-keys
index 2ba4bac..d96fa75 100755
--- a/scripts/debian/buildd-add-keys
+++ b/scripts/debian/buildd-add-keys
@@ -51,12 +51,12 @@ function cleanup() {
done
exit $ERRVAL
}
-trap cleanup ERR EXIT TERM HUP INT QUIT
base="${base}/scripts/builddkeyrings"
INCOMING="${base}/incoming"
ERRORS="${base}/errors"
ADMINS="${base}/adminkeys.gpg"
+STAMPFILE="${base}/updatedkeyring"
# Default options for our gpg calls
DEFGPGOPT="--no-default-keyring --batch --no-tty --no-options --exit-on-status-write-error --no-greeting"
@@ -66,11 +66,19 @@ if ! [ -d "${INCOMING}" ]; then
exit 1
fi
+cd "${INCOMING}"
+KEYS=$(find . -maxdepth 1 -mindepth 1 -type f -name \*.key | sed -e "s,./,," | xargs)
+if [ -z "${KEYS}" ]; then
+ exit 0
+fi
+
+trap cleanup ERR EXIT TERM HUP INT QUIT
+
# Whenever something goes wrong, its put in there.
mkdir -p "${ERRORS}"
# We process all new files in our incoming directory
-for file in $(ls -1 ${INCOMING}/*.key); do
+for file in ${KEYS}; do
file=${file##*/}
# First we want to see if we recognize the filename. The buildd people have
# to follow a certain schema:
diff --git a/scripts/debian/buildd-prepare-dir b/scripts/debian/buildd-prepare-dir
index d8ae922..df4b098 100755
--- a/scripts/debian/buildd-prepare-dir
+++ b/scripts/debian/buildd-prepare-dir
@@ -42,20 +42,24 @@ GNUPGHOME="${base}/s3kr1t/dot-gnupg"
base="${base}/scripts/builddkeyrings"
TARGET="${base}/keyrings"
REMOVED="${base}/removed-buildd-keys.gpg"
+STAMPFILE="${base}/updatedkeyring"
-mkdir -p "${TARGET}/keyrings"
+mkdir -p "${TARGET}/buildd-keyrings"
-for arch in $archs; do
- if [ -f ${base}/${arch}/keyring.gpg ]; then
- cp -afl ${base}/${arch}/keyring.gpg ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg
- chmod 0644 ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg
- fi
-done
+if [ -f "${STAMPFILE}" ]; then
+ rm -f "${STAMPFILE}"
+ for arch in $archs; do
+ if [ -f ${base}/${arch}/keyring.gpg ]; then
+ cp -afl ${base}/${arch}/keyring.gpg ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg
+ chmod 0644 ${TARGET}/buildd-keyrings/buildd-${arch}-keyring.gpg
+ fi
+ done
-cd ${TARGET}
-sha512sum buildd-keyrings/* > sha512sums
+ cd ${TARGET}
+ sha512sum buildd-keyrings/* > sha512sums
-rm -f ${TARGET}/sha512sums.txt
-SIGNINGKEY=B1326A8D
-GNUPGHOME=${GNUPGHOME} gpg --no-options --batch --no-tty --armour --default-key ${SIGNINGKEY} --clearsign -o "${TARGET}/sha512sums.txt" "${TARGET}/sha512sums"
-rm -f ${TARGET}/sha512sums
+ rm -f ${TARGET}/sha512sums.txt
+ SIGNINGKEY=B1326A8D
+ GNUPGHOME=${GNUPGHOME} gpg --no-options --batch --no-tty --armour --default-key ${SIGNINGKEY} --clearsign -o "${TARGET}/sha512sums.txt" "${TARGET}/sha512sums"
+ rm -f ${TARGET}/sha512sums
+fi
diff --git a/scripts/debian/buildd-remove-keys b/scripts/debian/buildd-remove-keys
index 0ea4c23..3591785 100755
--- a/scripts/debian/buildd-remove-keys
+++ b/scripts/debian/buildd-remove-keys
@@ -51,13 +51,13 @@ function cleanup() {
done
exit $ERRVAL
}
-trap cleanup ERR EXIT TERM HUP INT QUIT
base="${base}/scripts/builddkeyrings"
INCOMING="${base}/incoming"
ERRORS="${base}/errors"
ADMINS="${base}/adminkeys.gpg"
REMOVED="${base}/removed-buildd-keys.gpg"
+STAMPFILE="${base}/updatedkeyring"
# Default options for our gpg calls
DEFGPGOPT="--no-default-keyring --batch --no-tty --no-options --exit-on-status-write-error --no-greeting"
@@ -67,11 +67,22 @@ if ! [ -d "${INCOMING}" ]; then
exit 1
fi
+cd "${INCOMING}"
+KEYS=$(find . -maxdepth 1 -mindepth 1 -type f -name \*.del | sed -e "s,./,," | xargs)
+if [ -z "${KEYS}" ]; then
+ exit 0
+fi
+
+trap cleanup ERR EXIT TERM HUP INT QUIT
+
+# Tell prepare-dir that there is an update and it can run
+touch "${STAMPFILE}"
+
# Whenever something goes wrong, its put in there.
mkdir -p "${ERRORS}"
# We process all new files in our incoming directory
-for file in $(ls -1 ${INCOMING}/*.del ); do
+for file in ${KEYS}; do
file=${file##*/}
# First we want to see if we recognize the filename. The buildd people have
# to follow a certain schema:
--
1.7.2.5
Reply to: