From 8bdd5bb476e3e4952bb3d6b79ae5fd446cb72b89 Mon Sep 17 00:00:00 2001 From: Chris Lamb Date: Fri, 28 Oct 2016 18:18:19 +0100 Subject: reproducible Debian: submit signed .buildinfo files to buildinfo.debian.net Signed-off-by: Holger Levsen --- bin/reproducible_build.sh | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/bin/reproducible_build.sh b/bin/reproducible_build.sh index 750dcc8d..3ea3eab4 100755 --- a/bin/reproducible_build.sh +++ b/bin/reproducible_build.sh @@ -773,6 +773,30 @@ check_buildinfo() { rm -f $TMPFILE1 $TMPFILE2 } +sign_buildinfo() { + # Greate GPG key if it does not already exist + if ! gpg --list-secret-keys | grep -qs '^sec' >/dev/null 2>&1 + then + log_info "Generating GPG key" + + gpg --batch --gen-key < - curl -X PUT --max-time 30 --data-binary @- "http://buildinfo.debian.net/api/submit?node=$NODE1" < ./b1/$BUILDINFO || true - curl -X PUT --max-time 30 --data-binary @- "http://buildinfo.debian.net/api/submit?node=$NODE2" < ./b2/$BUILDINFO || true + curl -X PUT --max-time 30 --data-binary @- "http://buildinfo.debian.net/api/submit?node=$NODE1" < ./b1/$BUILDINFO_SIGNED || true + curl -X PUT --max-time 30 --data-binary @- "http://buildinfo.debian.net/api/submit?node=$NODE2" < ./b2/$BUILDINFO_SIGNED || true log_info "Done submitting .buildinfo files." } @@ -848,6 +872,7 @@ elif [ "$1" = "1" ] || [ "$1" = "2" ] ; then else second_build fi + sign_buildinfo echo "$(date -u) - build #$MODE for $SRCPACKAGE/$SUITE/$ARCH on $HOSTNAME done." exit 0 elif [ "$2" != "" ] ; then -- cgit v1.2.3-70-g09d2