commit: 2e128d0ac18528149eabdb5d96114de480971abd Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Sat Jul 21 18:56:41 2018 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Sat Jul 21 18:56:41 2018 +0000 URL: https://gitweb.gentoo.org/proj/qa-scripts.git/commit/?id=2e128d0a
create-dev-keyrings: Include separate group for system users
create-dev-keyrings.bash | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/create-dev-keyrings.bash b/create-dev-keyrings.bash
index 9190004..17bdfd4 100755
--- a/create-dev-keyrings.bash
+++ b/create-dev-keyrings.bash
@@ -2,13 +2,16 @@
 OUTPUT_DIR=${1:-.}
+DEV_BASE='ou=devs,dc=gentoo,dc=org'
+SYSTEM_BASE='ou=system,dc=gentoo,dc=org'
+
 COMMIT_RULE='(&(gentooAccess=git.gentoo.org/repo/gentoo.git)(gentooStatus=active))'
 NONCOMMIT_RULE='(&(!(gentooAccess=git.gentoo.org/repo/gentoo.git))(gentooStatus=active))'
 RETIRED_RULE='(!(gentooStatus=active))'
 # grab_ldap_fingerprints <ldap-rule>
 grab_ldap_fingerprints() {
- ldapsearch "${1}" -Z gpgfingerprint -LLL |
+ ldapsearch "${@}" -Z gpgfingerprint -LLL |
 sed -n -e '/^gpgfingerprint: /{s/^.*://;s/ //g;p}' |
 sort -u |
 grep -v undefined
@@ -45,13 +48,15 @@ grab_keys() {
 set -e
-COMMITTING_DEVS=( $(grab_ldap_fingerprints "${COMMIT_RULE}") )
-NONCOMMITTING_DEVS=( $(grab_ldap_fingerprints "${NONCOMMIT_RULE}") )
-#RETIRED_DEVS=( $(grab_ldap_fingerprints "${RETIRED_RULE}") )
+COMMITTING_DEVS=( $(grab_ldap_fingerprints -b "${DEV_BASE}" "${COMMIT_RULE}") )
+NONCOMMITTING_DEVS=( $(grab_ldap_fingerprints -b "${DEV_BASE}" "${NONCOMMIT_RULE}") )
+#RETIRED_DEVS=( $(grab_ldap_fingerprints -b "${DEV_BASE}" "${RETIRED_RULE}") )
+SYSTEM_KEYS=( $(grab_ldap_fingerprints -b "${SYSTEM_BASE}" "${NONCOMMIT_RULE}") )
-grab_keys "${COMMITTING_DEVS[@]}" "${NONCOMMITTING_DEVS[@]}"
+grab_keys "${COMMITTING_DEVS[@]}" "${NONCOMMITTING_DEVS[@]}" "${SYSTEM_KEYS[@]}"
 gpg --export "${COMMITTING_DEVS[@]}" > "${OUTPUT_DIR}"/committing-devs.gpg
 gpg --export "${COMMITTING_DEVS[@]}" "${NONCOMMITTING_DEVS[@]}" > "${OUTPUT_DIR}"/active-devs.gpg
+gpg --export "${SYSTEM_KEYS[@]}" > "${OUTPUT_DIR}"/release-keys.gpg
 # -- not all are on keyservers
 #grab_keys "${RETIRED_DEVS[@]}"
 #gpg --export > "${OUTPUT_DIR}"/all-devs.gpg
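Review bot: The rewritten `ldapsearch "${@}" -Z gpgfingerprint -LLL |` line keeps `-Z`, which only attempts StartTLS and continues if the operation fails, so the fingerprint list that decides which keys end up in the exported keyrings can be fetched over an unprotected connection unless the client's LDAP configuration enforces TLS some other way. `-ZZ` makes the query fail when StartTLS does not succeed: `ldapsearch "${@}" -ZZ gpgfingerprint -LLL |`. The header comment is also stale now that every argument is forwarded to ldapsearch; `# grab_ldap_fingerprints [<ldapsearch-option>...] <ldap-filter>` would match the new `-b <base>` call sites. The function body continues past the end of this hunk.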
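Review bot: `gpg --export "${SYSTEM_KEYS[@]}"` still runs when `SYSTEM_KEYS` is empty, and with no key arguments gpg exports every key in the local keyring (the commented-out `#gpg --export > .../all-devs.gpg` line relies on exactly that), so a failed or empty LDAP query would write all fetched keys into release-keys.gpg. `set -e` does not stop this, because the exit status of a command substitution inside an array assignment is discarded. A guard before the export closes the gap, e.g. `(( ${#SYSTEM_KEYS[@]} )) || { echo 'no system key fingerprints returned by LDAP' >&2; exit 1; }`; the two existing exports have the same exposure. Reusing `NONCOMMIT_RULE` for the system subtree also deserves a one-line comment or its own rule variable, since the name does not say why it is the right filter for release keys.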