[dak/master] enable the buildd keyring stuff

To: debian-dak@lists.debian.org
Subject: [dak/master] enable the buildd keyring stuff
From: Joerg Jaspert <joerg@debian.org>
Date: Sat, 26 Mar 2011 10:35:30 +0000
Message-id: <[🔎] E1Q3QqA-0005Hw-8h@franck.debian.org>

Signed-off-by: Joerg Jaspert <joerg@debian.org>
---
 config/backports/cron.hourly       |   16 +++++++++++++
 config/debian-security/cron.hourly |   43 ++++++++++++++++++++++++++++++++++++
 config/debian/cron.hourly          |   19 ++++++++++++++++
 scripts/debian/buildd-add-keys     |    3 ++
 4 files changed, 81 insertions(+), 0 deletions(-)
 create mode 100755 config/debian-security/cron.hourly

diff --git a/config/backports/cron.hourly b/config/backports/cron.hourly
index 24b8f90..fcab3b3 100755
--- a/config/backports/cron.hourly
+++ b/config/backports/cron.hourly
@@ -25,3 +25,19 @@ dak show-new > /dev/null
 $base/dak/tools/removals.pl $configdir/removalsrss.rc > $webdir/removals.rss
 
 #$scriptsdir/generate-di
+
+# do the buildd key updates
+BUILDDFUN=$(mktemp -p "${TMPDIR}" BUILDDFUN.XXXXXX)
+exec >> "${BUILDDFUN}" 2>&1
+#${scriptsdir}/buildd-remove-keys
+#${scriptsdir}/buildd-add-keys
+#${scriptsdir}/buildd-prepare-dir
+for keyring in $(dak admin k list-binary); do
+    dak import-keyring --generate-users "%s" ${keyring}
+done
+exec >>/dev/null 2>&1
+
+DATE=$(date -Is)
+cat "${BUILDDFUN}" | mail -a "X-Debian: DAK" -e -s "[$(hostname -s)] Buildd key changes ${DATE}" buildd-keys@ftp-master.debian.org -- -F "Debian FTP Masters" -f ftpmaster@ftp-master.debian.org
+
+rm -f "${BUILDDFUN}"
diff --git a/config/debian-security/cron.hourly b/config/debian-security/cron.hourly
new file mode 100755
index 0000000..355cc50
--- /dev/null
+++ b/config/debian-security/cron.hourly
@@ -0,0 +1,43 @@
+#! /bin/bash
+#
+# Executed hourly via cron, out of dak's crontab.
+
+set -e
+set -u
+
+export SCRIPTVARS=/srv/security-master.debian.org/dak/config/debian-security/vars
+. $SCRIPTVARS
+
+# dak import-users-from-passwd
+# dak queue-report -n > $webdir/new.html
+# dak queue-report -8 -d new,byhand,proposedupdates,oldproposedupdates -r $webdir/stat
+# dak show-deferred -r $webdir/stat > ${webdir}/deferred.html
+# dak graph -n new,byhand,proposedupdates,oldproposedupdates,deferred -r $webdir/stat -i $webdir/stat -x $scriptsdir/rrd-release-freeze-dates
+# dak show-new > /dev/null
+
+# cd $webdir
+# cat removals-20*.txt > removals-full.txt
+# cat removals.txt >> removals-full.txt
+# cat removals-20*.822 > removals-full.822
+# cat removals.822 >> removals-full.822
+
+#$base/dak/tools/queue_rss.py -q $queuedir/new -o $webdir/rss/ -d $base/misc -l $base/log/
+#$base/dak/tools/removals.pl $configdir/removalsrss.rc > $webdir/removals.rss
+
+#$scriptsdir/generate-di
+
+# do the buildd key updates
+BUILDDFUN=$(mktemp -p "${TMPDIR}" BUILDDFUN.XXXXXX)
+exec >> "${BUILDDFUN}" 2>&1
+#${scriptsdir}/buildd-remove-keys
+#${scriptsdir}/buildd-add-keys
+#${scriptsdir}/buildd-prepare-dir
+for keyring in $(dak admin k list-binary); do
+    dak import-keyring --generate-users "%s" ${keyring}
+done
+exec >>/dev/null 2>&1
+
+DATE=$(date -Is)
+cat "${BUILDDFUN}" | mail -a "X-Debian: DAK" -e -s "[$(hostname -s)] Buildd key changes ${DATE}" buildd-keys@ftp-master.debian.org -- -F "Debian FTP Masters" -f ftpmaster@ftp-master.debian.org
+
+rm -f "${BUILDDFUN}"
diff --git a/config/debian/cron.hourly b/config/debian/cron.hourly
index c20f4d1..aef24c0 100755
--- a/config/debian/cron.hourly
+++ b/config/debian/cron.hourly
@@ -30,7 +30,26 @@ cat removals.822 >> removals-full.822
 $base/dak/tools/queue_rss.py -q $queuedir/new -o $webdir/rss/ -d $base/misc -l $base/log/
 $base/dak/tools/removals.pl $configdir/removalsrss.rc > $webdir/rss/removals.rss
 
+
 # Tell ries to sync its tree
 ssh -o Batchmode=yes -o ConnectTimeout=30 -o SetupTimeout=30 -2 -i ${base}/s3kr1t/pushddmirror dak@ries.debian.org sync
 
 $scriptsdir/generate-di
+
+
+# do the buildd key updates
+BUILDDFUN=$(mktemp -p "${TMPDIR}" BUILDDFUN.XXXXXX)
+exec >> "${BUILDDFUN}" 2>&1
+${scriptsdir}/buildd-remove-keys
+${scriptsdir}/buildd-add-keys
+${scriptsdir}/buildd-prepare-dir
+
+for keyring in $(dak admin k list-binary); do
+    dak import-keyring --generate-users "%s" ${keyring}
+done
+exec >>/dev/null 2>&1
+
+DATE=$(date -Is)
+cat "${BUILDDFUN}" | mail -a "X-Debian: DAK" -e -s "[$(hostname -s)] Buildd key changes ${DATE}" buildd-keys@ftp-master.debian.org -- -F "Debian FTP Masters" -f ftpmaster@ftp-master.debian.org
+
+rm -f "${BUILDDFUN}"
diff --git a/scripts/debian/buildd-add-keys b/scripts/debian/buildd-add-keys
index d96fa75..1283838 100755
--- a/scripts/debian/buildd-add-keys
+++ b/scripts/debian/buildd-add-keys
@@ -74,6 +74,9 @@ fi
 
 trap cleanup ERR EXIT TERM HUP INT QUIT
 
+# Tell prepare-dir that there is an update and it can run
+touch "${STAMPFILE}"
+
 # Whenever something goes wrong, its put in there.
 mkdir -p "${ERRORS}"
 
-- 
1.7.2.5

Reply to:

Prev by Date: [dak/master] only run when there is something to do. also only update the keyrings for dsa if there was a change
Next by Date: [dak/master] run i-u-f-p inside c.h and not inside crontab
Previous by thread: [dak/master] only run when there is something to do. also only update the keyrings for dsa if there was a change
Next by thread: [dak/master] run i-u-f-p inside c.h and not inside crontab
Index(es):
- Date
- Thread