From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1082352-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 9D24A138334
	for <garchives@archives.gentoo.org>; Tue,  9 Apr 2019 05:22:50 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id B01D5E09A4;
	Tue,  9 Apr 2019 05:22:49 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 883BCE09A4
	for <gentoo-commits@lists.gentoo.org>; Tue,  9 Apr 2019 05:22:49 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id E0A83335CA0
	for <gentoo-commits@lists.gentoo.org>; Tue,  9 Apr 2019 05:22:47 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 4E915452
	for <gentoo-commits@lists.gentoo.org>; Tue,  9 Apr 2019 05:22:46 +0000 (UTC)
From: "Robin H. Johnson" <robbat2@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Robin H. Johnson" <robbat2@gentoo.org>
Message-ID: <1554787351.ba4f3b35b91889df2508a203d70d204151f1bd6f.robbat2@gentoo>
Subject: [gentoo-commits] proj/qa-scripts:master commit in: /
X-VCS-Repository: proj/qa-scripts
X-VCS-Files: create-dev-keyrings.bash
X-VCS-Directories: /
X-VCS-Committer: robbat2
X-VCS-Committer-Name: Robin H. Johnson
X-VCS-Revision: ba4f3b35b91889df2508a203d70d204151f1bd6f
X-VCS-Branch: master
Date: Tue,  9 Apr 2019 05:22:46 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: b26a3b76-4197-48fc-8e60-80a58dcafbf6
X-Archives-Hash: cc9f836beb856db4e41d21e461a845da

commit:     ba4f3b35b91889df2508a203d70d204151f1bd6f
Author:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
AuthorDate: Tue Apr  9 05:22:31 2019 +0000
Commit:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Tue Apr  9 05:22:31 2019 +0000
URL:        https://gitweb.gentoo.org/proj/qa-scripts.git/commit/?id=ba4f3b35

create-dev-keyrings.bash: push keys back to keys.gentoo.org

Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>

 create-dev-keyrings.bash | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/create-dev-keyrings.bash b/create-dev-keyrings.bash
index 8e581b4..704e409 100755
--- a/create-dev-keyrings.bash
+++ b/create-dev-keyrings.bash
@@ -9,6 +9,10 @@ COMMIT_RULE='(&(gentooAccess=git.gentoo.org/repo/gentoo.git)(gentooStatus=active
 NONCOMMIT_RULE='(&(!(gentooAccess=git.gentoo.org/repo/gentoo.git))(gentooStatus=active))'
 RETIRED_RULE='(!(gentooStatus=active))'
 
+# this needs to move to HKPS as well, but that part is not yet deployed.
+KS_GENTOO=hkp://keys.gentoo.org/
+KS_SKS=hkps://hkps.pool.sks-keyservers.net/
+
 GPG_TMPDIR=$(mktemp -d)
 clean_tmp() {
 	rm -rf "$GPG_TMPDIR"
@@ -28,12 +32,9 @@ grab_keys() {
 	local missing=()
 	local remaining=( "${@}" )
 
-	# this needs to move to HKPS as well, but that part is not yet deployed.
-	KS1=hkp://keys.gentoo.org/
-	KS2=hkps://hkps.pool.sks-keyservers.net/
 	while :; do
-		timeout 5m  gpg --keyserver $KS1 -q --recv-keys "${remaining[@]}" || :
-		timeout 20m gpg --keyserver $KS2 -q --recv-keys "${remaining[@]}" || :
+		timeout 5m  gpg --keyserver $KS_GENTOO -q --recv-keys "${remaining[@]}" || :
+		timeout 20m gpg --keyserver $KS_SKS -q --recv-keys "${remaining[@]}" || :
 		missing=()
 		for key in "${remaining[@]}"; do
 			gpg --list-public "${key}" &>/dev/null || missing+=( "${key}" )
@@ -55,6 +56,12 @@ grab_keys() {
 	done
 }
 
+# push_keys <fingerprint>...
+push_keys() {
+	timeout 5m  gpg --keyserver $KS_GENTOO -q --send-keys "${remaining[@]}" || :
+	#timeout 5m  gpg --keyserver $KS_SKS -q --send-keys "${remaining[@]}" || :
+}
+
 export_keys() {
 	DST="$1"
 	TMP="${GPG_TMPDIR}"/$(basename "${DST}")
@@ -105,3 +112,9 @@ export_keys "${OUTPUT_DIR}"/all-devs.gpg \
 	"${COMMITTING_DEVS[@]}" \
 	"${NONCOMMITTING_DEVS[@]}" \
 	"${RETIRED_DEVS[@]}"
+
+# Populate keys.gentoo.org with the keys we have, since they might have come from SKS
+push_keys "${SYSTEM_KEYS[@]}"
+push_keys "${COMMITTING_DEVS[@]}"
+push_keys "${NONCOMMITTING_DEVS[@]}"
+push_keys "${RETIRED_DEVS[@]}"