You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by ho...@apache.org on 2018/02/12 23:26:31 UTC
[incubator-openwhisk-release] branch master updated: Validate the
secret key (#39)
This is an automated email from the ASF dual-hosted git repository.
houshengbo pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-release.git
The following commit(s) were added to refs/heads/master by this push:
new f4339c2 Validate the secret key (#39)
f4339c2 is described below
commit f4339c2db842590537fd329a0f985d3b67910f05
Author: violagao <33...@users.noreply.github.com>
AuthorDate: Mon Feb 12 18:26:30 2018 -0500
Validate the secret key (#39)
---
tools/sign_artifacts.sh | 1 +
tools/travis/import_pgp_key.sh | 2 ++
tools/util.sh | 3 ---
tools/verify_local_artifacts.sh | 3 +--
tools/verify_remote_artifacts.sh | 6 +++---
5 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/tools/sign_artifacts.sh b/tools/sign_artifacts.sh
index 8695d11..a4b0992 100755
--- a/tools/sign_artifacts.sh
+++ b/tools/sign_artifacts.sh
@@ -40,6 +40,7 @@ for artifact in *.tar.gz; do
# The option --passphrase-fd does not work on Mac.
`gpg --yes --armor --output ${artifact}.asc --detach-sig ${artifact}`
elif [ $sysOS == "Linux" ];then
+ echo "started to sign it"
`echo $passphrase | gpg -c -q --passphrase-fd 0 --yes --armor --output ${artifact}.asc --detach-sig ${artifact}`
fi
done
diff --git a/tools/travis/import_pgp_key.sh b/tools/travis/import_pgp_key.sh
index 2998758..01e64e5 100755
--- a/tools/travis/import_pgp_key.sh
+++ b/tools/travis/import_pgp_key.sh
@@ -13,3 +13,5 @@ gpg --import $PARENTDIR/key_pub.gpg
echo "Load the private key."
gpg --allow-secret-key-import --import $PARENTDIR/key_sec.gpg
+
+gpg --list-keys
diff --git a/tools/util.sh b/tools/util.sh
index 36ddc8b..17720c6 100755
--- a/tools/util.sh
+++ b/tools/util.sh
@@ -12,9 +12,6 @@ function json_by_key() {
function import_key_verify_signature() {
key_url=$1
- dir=$2
- cd $dir
-
echo "Importing PGP keys"
curl $key_url | gpg --import && \
echo "[✓] GPG keys imported" \
diff --git a/tools/verify_local_artifacts.sh b/tools/verify_local_artifacts.sh
index 3a83484..78a94d7 100755
--- a/tools/verify_local_artifacts.sh
+++ b/tools/verify_local_artifacts.sh
@@ -7,7 +7,6 @@ echo "Verify the local artifacts with the KEYS"
SCRIPTDIR="$(cd $(dirname "$0")/ && pwd)"
source "$SCRIPTDIR/load_config.sh" $1 $2 $3
-mkdir -p $OPENWHISK_SVN
cd $OPENWHISK_SVN/$REMOTE_PATH
-import_key_verify_signature $STAGE_URL/KEYS $OPENWHISK_SVN/$REMOTE_PATH
+import_key_verify_signature $STAGE_URL/KEYS
diff --git a/tools/verify_remote_artifacts.sh b/tools/verify_remote_artifacts.sh
index ad4f330..0d50d24 100755
--- a/tools/verify_remote_artifacts.sh
+++ b/tools/verify_remote_artifacts.sh
@@ -7,7 +7,8 @@ echo "Verify the remote artifacts with the KEYS"
SCRIPTDIR="$(cd $(dirname "$0")/ && pwd)"
source "$SCRIPTDIR/load_config.sh" $1 $2 $3
-mkdir -p $OPENWHISK_SVN
+rm -rf $OPENWHISK_SVN
+mkdir -p $OPENWHISK_SVN/$REMOTE_PATH
cd $OPENWHISK_SVN
# Remove the local folder, because we are about to download the artifacts from the staging folder.
@@ -15,7 +16,6 @@ rm -rf $REMOTE_PATH
# Check out the artifacts.
svn co $CURRENT_VERSION_URL $REMOTE_PATH
-
cd $REMOTE_PATH
-import_key_verify_signature $STAGE_URL/KEYS $OPENWHISK_SVN/$REMOTE_PATH
+import_key_verify_signature $STAGE_URL/KEYS
--
To stop receiving notification emails like this one, please contact
houshengbo@apache.org.