On Tue, Nov 01, 2016 at 12:18:27PM -0400, Daniel Kahn Gillmor wrote:
> > It's defined by bash. (And not exported to the environment)
> isn't hostname(1) a more reliable construct?
yes, it is.
however, jenkins.debian.net.git assumes (+demands) bash in so many places…
--
cheers,
Holger
On Tue 2016-11-01 11:49:42 -0400, Daniel Shahaf wrote:
> Mattia Rizzolo wrote on Tue, Nov 01, 2016 at 11:18:37 +:
>> On Tue, Nov 01, 2016 at 11:12:44AM +, Chris Lamb wrote:
>> > Feel free to change to -f
>>
>> Holger changed that to ${HOSTNAME}, a variable that I've never
>> understood
Mattia Rizzolo wrote on Tue, Nov 01, 2016 at 11:18:37 +:
> On Tue, Nov 01, 2016 at 11:12:44AM +, Chris Lamb wrote:
> > Feel free to change to -f
>
> Holger changed that to ${HOSTNAME}, a variable that I've never
> understood where it comes from
It's defined by bash. (And not exported to
On Tue, Nov 01, 2016 at 11:12:44AM +, Chris Lamb wrote:
> No need to bite my head off ;)
Oh, sorry, clearly I wasn't trying to put you in the pillory! :*
> Feel free to change to -f
Holger changed that to ${HOSTNAME}, a variable that I've never
understood where it comes from, but it does
Mattia Rizzolo wrote:
> umh, no.
No need to bite my head off ;) Just reporting what I saw on my machines;
they are like misconfigured in a myriad of different ways! Thanks for the
correction!
Feel free to change to -f
Regards,
--
,''`.
: :' : Chris Lamb
`. `'`
On Mon 2016-10-31 20:46:14 -0400, Holger Levsen wrote:
> On Mon, Oct 31, 2016 at 08:42:28PM -0400, Daniel Kahn Gillmor wrote:
>> This is not a glitch at all, these are instructions that will make it
>> work well with gpg 2.1.x, and are harmless in 1.4.x. Please keep it
>> intact, since reasonable
On Mon, Oct 31, 2016 at 08:42:28PM -0400, Daniel Kahn Gillmor wrote:
> This is not a glitch at all, these are instructions that will make it
> work well with gpg 2.1.x, and are harmless in 1.4.x. Please keep it
> intact, since reasonable people will want to use modern GnuPG. :)
reasonable people
On Mon 2016-10-31 19:52:13 -0400, Holger Levsen wrote:
> still, there is this glitch:
>
> gpg: skipping control `%no-ask-passphrase' ()
> gpg: skipping control `%no-protection' ()
>
> Is that harmless?
This is not a glitch at all, these are instructions that will make it
work well with gpg 2.1.x,
On Mon, Oct 31, 2016 at 11:00:18PM +, Chris Lamb wrote:
> > > we might use gpg signing for other purposes, so I removed that
> > > constraint…
> Constraint? I'd really prefer it if each node had its own key. That way I
> can throw away the nasty ?node=$NODE blah of the submission.
sure. but
On Mon 2016-10-31 19:00:18 -0400, Chris Lamb wrote:
> Daniel Kahn Gillmor wrote:
>
>> > we might use gpg signing for other purposes, so I removed that
>> > constraint…
fwiw, i didn't say this ↑↑ but it looks like you're attributing it to me
:/
>> "hostname -a", which was silently changed from
On Mon, Oct 31, 2016 at 11:00:18PM +, Chris Lamb wrote:
> > "hostname -a", which was silently changed from "hostname -f" in the
> > prior version.
>
> hostname -f returns just my local hostname whilst -a returns the fully-
> qualified version with a domain name. I would far prefer seeing the
On Mon, Oct 31, 2016 at 09:43:16PM +, Holger Levsen wrote:
> jtk1a: Mon Oct 31 21:37:54 UTC 2016 - Generating GPG key for jenkins user.
> gpg: -:4: missing argument
>
> humpf…
yup, I can reproduce it…
holger@jtk1a:~$ sudo -u jenkins gpg --no-tty --batch --gen-key
< Key-Type: RSA
>
On Fri, Oct 28, 2016 at 06:19:19PM +0100, Chris Lamb wrote:
> > please update your patch :)
> "sign-buildinfo-submissions-with-gpg-key" branch updated.
cool, thanks!
however, thanks to Mattia, I wont take it as it is anymore, as he is
right, the key should be created in update_jdn.sh on
On Fri, Oct 28, 2016 at 06:14:39PM +0100, Chris Lamb wrote:
> > > mail -s "buildinfo from $NODE1" sub...@buildinfo.kfreebsd.eu <
> > > ./b1/$BUILDINFO || true
> > > mail -s "buildinfo from $NODE2" sub...@buildinfo.kfreebsd.eu <
> > > ./b2/$BUILDINFO || true
> > I think you should also submit
On Fri, Oct 28, 2016 at 05:20:11PM +, Mattia Rizzolo wrote:
> Maybe the gpg key could be created by the deploy script instead (like, a
> "jenkins node $NODE gpg key") and the build script use it only if it's
> present already?
yes, please. (I'll happily merge such code.)
--
cheers,
Chris Lamb:
> HW42 wrote:
[...]
>>> +Subkey-Type: ELG-E
>>> +Subkey-Length: 1024
>>
>> Huh?
>
> Suggestions welcome. I cribbed it from the internet.
[...]
> Just to re-iterate — and I hope this comes across the right way! — but
> the current state of buildinfo.debian.net is really just a hack, a
On Fri, Oct 28, 2016 at 06:14:39PM +0100, Chris Lamb wrote:
> HW42 wrote:
>
> > > +sign_buildinfo() {
> > > + # Greate GPG key if it does not already exist
> > > + if ! gpg --list-secret-keys | grep -qs '^sec' >/dev/null 2>&1
> >
> > Is this ever called concurrently?
>
> Not on a node AFAICT.
HW42 wrote:
> > +sign_buildinfo() {
> > + # Greate GPG key if it does not already exist
> > + if ! gpg --list-secret-keys | grep -qs '^sec' >/dev/null 2>&1
>
> Is this ever called concurrently?
Not on a node AFAICT.
> > +Subkey-Type: ELG-E
> > +Subkey-Length: 1024
>
> Huh?
Suggestions
> +sign_buildinfo() {
> + # Greate GPG key if it does not already exist
> + if ! gpg --list-secret-keys | grep -qs '^sec' >/dev/null 2>&1
Is this ever called concurrently?
> +Subkey-Type: ELG-E
> +Subkey-Length: 1024
Huh?
> mail -s "buildinfo from $NODE1"
On Fri, Oct 28, 2016 at 12:57:12PM +0100, Chris Lamb wrote:
> For now, please just remove them.
please update your patch :)
> Whilst buildinfo.debian.net is in flux, lets keep the existing .buildinfo
> files just as they are (ie. unsigned for the time being)
makes sense, thanks!
--
cheers,
Hi,
On Fri, Oct 28, 2016 at 12:30:55PM +0100, Chris Lamb wrote:
> Attached is the following:
>
> commit 97857695251a979b31bcf1e6c021c948f206db47
> reproducible Debian: Use our log_info method instead of manual echo
> calls.
nice catch, thanks! (+merged…)
> commit
21 matches
Mail list logo