fixup fadd6ac7: actually create GPG key for jenkins user and not for the user running update_jdn.sh

Signed-off-by: Holger Levsen <holger@layer-acht.org>

1 files changed, 8 insertions, 10 deletions

diff --git a/update_jdn.sh b/update_jdn.sh
index 0eb22491..e8aad062 100755
--- a/update_jdn.sh
+++ b/update_jdn.sh
@@ -678,16 +678,15 @@ if [ "$HOSTNAME" = "jenkins" ] || [ "$HOSTNAME" = "jenkins-test-vm" ] ; then
 	rm -f $TMPFILE
 fi
 
-# Greate GPG key on nodes if they do not already exist in order to sign .buildinfo files
-if [ "$HOSTNAME" != "jenkins" ] || [ "$HOSTNAME" = "jenkins-test-vm" ] ; then
-
-	if gpg --with-colons --fixed-list-mode --list-secret-keys | cut -d: -f1 | grep -qsFx 'sec' >/dev/null 2>&1
-	then
-		explain "$(date) Not generating GPG key as one already exists"
-	else
-		explain "$(date) Generating GPG key"
+#
+# Create GPG key for jenkins user if they do not already exist (eg. to sign .buildinfo files)
+#
+if sudo -u jenkins gpg --with-colons --fixed-list-mode --list-secret-keys | cut -d: -f1 | grep -qsFx 'sec' >/dev/null 2>&1 ; then
+	explain "$(date) Not generating GPG key as one already exists"
+else
+	explain "$(date) Generating GPG key"
 
-		gpg --no-tty --batch --gen-key <<EOF
+	sudo -u jenkins gpg --no-tty --batch --gen-key <<EOF
 Key-Type: RSA
 Key-Length: 4096
 Key-Usage: sign
@@ -698,7 +697,6 @@ Expire-Date: 0
 %no-protection
 %commit
 EOF
-	fi
 fi
 
 #