summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHolger Levsen <holger@layer-acht.org>2016-10-31 22:34:34 +0100
committerHolger Levsen <holger@layer-acht.org>2016-10-31 22:34:34 +0100
commite361cd00f5f35496be8fedc2c7aa3d741a1c5ff7 (patch)
tree0a11f31e7aae04c2943dc96f7fd6a412344583be
parentfadd6ac719be7514ee0f54a787b36df81fda17df (diff)
downloadjenkins.debian.net-e361cd00f5f35496be8fedc2c7aa3d741a1c5ff7.tar.xz
fixup fadd6ac7: actually create GPG key for jenkins user and not for the user running update_jdn.sh
Signed-off-by: Holger Levsen <holger@layer-acht.org>
-rwxr-xr-xupdate_jdn.sh18
1 files changed, 8 insertions, 10 deletions
diff --git a/update_jdn.sh b/update_jdn.sh
index 0eb22491..e8aad062 100755
--- a/update_jdn.sh
+++ b/update_jdn.sh
@@ -678,16 +678,15 @@ if [ "$HOSTNAME" = "jenkins" ] || [ "$HOSTNAME" = "jenkins-test-vm" ] ; then
rm -f $TMPFILE
fi
-# Greate GPG key on nodes if they do not already exist in order to sign .buildinfo files
-if [ "$HOSTNAME" != "jenkins" ] || [ "$HOSTNAME" = "jenkins-test-vm" ] ; then
-
- if gpg --with-colons --fixed-list-mode --list-secret-keys | cut -d: -f1 | grep -qsFx 'sec' >/dev/null 2>&1
- then
- explain "$(date) Not generating GPG key as one already exists"
- else
- explain "$(date) Generating GPG key"
+#
+# Create GPG key for jenkins user if they do not already exist (eg. to sign .buildinfo files)
+#
+if sudo -u jenkins gpg --with-colons --fixed-list-mode --list-secret-keys | cut -d: -f1 | grep -qsFx 'sec' >/dev/null 2>&1 ; then
+ explain "$(date) Not generating GPG key as one already exists"
+else
+ explain "$(date) Generating GPG key"
- gpg --no-tty --batch --gen-key <<EOF
+ sudo -u jenkins gpg --no-tty --batch --gen-key <<EOF
Key-Type: RSA
Key-Length: 4096
Key-Usage: sign
@@ -698,7 +697,6 @@ Expire-Date: 0
%no-protection
%commit
EOF
- fi
fi
#