David, WOW, you’re a genius!!
This worked well and makes the Docerfiles clean. For the record, I dislike awk. What you had is exactly I would have done it if I understood gpg better. Now, if we can get consistent on the sha512 files, lol. Thanks, Rod. On 9/16/21, 11:55 AM, "David Blevins" <[email protected]> wrote: > On Sep 16, 2021, at 11:03 AM, Jenkins, Rodney J (Rod) <[email protected]> wrote: > > Hello David, > > Thank you for the response..... I think I understand the issue...... > > The script parses the KEYS file as such: > for key in `curl -fsSL 'https://www.apache.org/dist/tomee/KEYS' | awk -F ' = ' '$1 ~ /^ +Key fingerprint$/ { gsub(" ", "", $2); print $2 }' | sort -u`; do \ > > The key you used that starts with 626C does not have the line "Key fingerprint = 626C..." > > Your output gave me the fingerprint I needed I added it to the Dockerfile manually and it was found in the key servers. Jean-Louis is in a similar boat. His finger print is there it is missing " Key fingerprint =" in front of it. Thanks for the explanation and pointer, Rod! I dug and found the loop in question. Looks like there's a way to get gpg to list the keys in a file without importing them and give us more consistent output to parse. $ cat KEYS | gpg --with-colons --import-options show-only --import I never learned awk, but here's a way to parse it: for key in $(curl -fsSL 'https://www.apache.org/dist/tomee/KEYS' |cat KEYS | gpg --with-colons --import-options show-only --import | grep '^fpr' | cut -d : -f 10 ); do # do the stuff done You could probably cook up something fancier with your awk skills :) -David
