Changes method for setting trust level of GPG keys
This commit is contained in:
parent
effce163dc
commit
6deb09e5db
|
@ -10,6 +10,7 @@
|
|||
git_email: ''
|
||||
gpg_key_id: '' # optional
|
||||
ssh_key_name: '' # optional
|
||||
git_verify_sigs: true
|
||||
roles:
|
||||
- role: common
|
||||
tags: common
|
||||
|
|
|
@ -9,6 +9,7 @@ zcash_gitian_sigs_repo: https://github.com/zcash/gitian.sigs
|
|||
zcash_version: master
|
||||
gitian_host_ip: 10.0.2.15
|
||||
lxc_guest_ip: 10.0.3.5
|
||||
git_verify_sigs: false
|
||||
zcash_developer_pubkeys:
|
||||
- name: nathan
|
||||
id: ED417FBE79C99E8C
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
#!/usr/bin/expect
|
||||
|
||||
set timeout 5
|
||||
spawn /usr/bin/gpg2 --edit-key $argv 0 --yes trust quit
|
||||
expect "Your decision? " { send "5\n" }
|
||||
expect "Do you really want to set this key to ultimate trust? (y/N) " { send "y\n" }
|
||||
interact
|
|
@ -21,6 +21,7 @@
|
|||
- curl
|
||||
- debootstrap
|
||||
- git-core
|
||||
- gnupg2
|
||||
- kpartx
|
||||
- make
|
||||
- parted
|
||||
|
|
|
@ -1,18 +1,4 @@
|
|||
---
|
||||
- name: Install expect and GnuPG v2.
|
||||
apt:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- expect
|
||||
- gnupg2
|
||||
|
||||
- name: Copy trust-setting script.
|
||||
copy:
|
||||
src: set-trust.exp
|
||||
dest: /usr/local/bin/set-trust.exp
|
||||
mode: "0755"
|
||||
|
||||
- name: Download Zcash developer public keys from website.
|
||||
become: yes
|
||||
get_url:
|
||||
|
@ -29,7 +15,11 @@
|
|||
with_items: "{{ zcash_developer_pubkeys }}"
|
||||
|
||||
- name: Set Zcash developer public keys to ultimately trusted.
|
||||
command: "set-trust.exp {{ item.id }}"
|
||||
with_items: "{{ zcash_developer_pubkeys }}"
|
||||
shell: >
|
||||
gpg --list-keys --with-colons --with-fingerprint `gpg --list-keys
|
||||
--with-colons | grep "pub:f:.*:-:" |
|
||||
sed -r -e 's/pub:f:[0-9]+:[0-9]+:([A-F0-9]+):.*/0x\1/'` | grep "^fpr:" |
|
||||
sed -r -e 's/fpr:::::::::([0-9A-F]+):/\1:6:/' | gpg --import-ownertrust
|
||||
become_user: "{{ gitian_user }}"
|
||||
|
||||
args:
|
||||
executable: /bin/bash
|
||||
|
|
Loading…
Reference in New Issue