commit: 53a02f675dad2ec39eea52e2130a11b42977eab8
Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
AuthorDate: Mon Apr 1 20:35:31 2019 +0000
Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Mon Apr 1 20:35:31 2019 +0000
URL: https://gitweb.gentoo.org/proj/qa-scripts.git/commit/?id=53a02f67
create-dev-keyrings: try keys.gentoo.org as well
Try the new keys.gentoo.org rotation, prior to the general SKS rotation,
mostly because it's local and MUCH faster than the SKS network.
keys.g.o does NOT sync with SKS at this time, and does not yet offer
HKPS.
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>
create-dev-keyrings.bash | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/create-dev-keyrings.bash b/create-dev-keyrings.bash
index 309be45..8e581b4 100755
--- a/create-dev-keyrings.bash
+++ b/create-dev-keyrings.bash
@@ -28,8 +28,12 @@ grab_keys() {
local missing=()
local remaining=( "${@}" )
+ # this needs to move to HKPS as well, but that part is not yet deployed.
+ KS1=hkp://keys.gentoo.org/
+ KS2=hkps://hkps.pool.sks-keyservers.net/
while :; do
- timeout 20m gpg -q --recv-keys "${remaining[@]}" || :
+ timeout 5m gpg --keyserver $KS1 -q --recv-keys
"${remaining[@]}" || :
+ timeout 20m gpg --keyserver $KS2 -q --recv-keys
"${remaining[@]}" || :
missing=()
for key in "${remaining[@]}"; do
gpg --list-public "${key}" &>/dev/null || missing+=(
"${key}" )
