summaryrefslogtreecommitdiff
path: root/commitpkg.in
diff options
context:
space:
mode:
authorAllan McRae <allan@archlinux.org>2012-02-15 20:11:03 +1000
committerPierre Schmitz <pierre@archlinux.de>2012-02-15 11:25:49 +0100
commitafc93f3430fae17291edabb8d280d1cb532d9c7c (patch)
tree8daf37b1253f05bace7f9a7c1b7f04deae422ef3 /commitpkg.in
parent9ab0d94578af8e79b64809b07346db89a07b7f61 (diff)
downloaddevtools-afc93f3430fae17291edabb8d280d1cb532d9c7c.tar.xz
Always sign unsigned packages
We do not allow packages to be uploaded without signatures so force all unsigned packages to be signed. This has the bonus of not breaking makepkg signing support by requiring you use an internal makepkg variable. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Diffstat (limited to 'commitpkg.in')
-rw-r--r--commitpkg.in12
1 files changed, 4 insertions, 8 deletions
diff --git a/commitpkg.in b/commitpkg.in
index 8139090..4ce0f7b 100644
--- a/commitpkg.in
+++ b/commitpkg.in
@@ -143,21 +143,17 @@ for _arch in ${arch[@]}; do
uploads+=("$pkgfile")
sigfile="${pkgfile}.sig"
- if [[ $SIGNPKG == 'y' && ! -f $sigfile ]]; then
+ if [[ ! -f $sigfile ]]; then
msg "Signing package ${pkgfile}..."
if [[ -n $GPGKEY ]]; then
SIGNWITHKEY="-u ${GPGKEY}"
fi
gpg --detach-sign --use-agent ${SIGNWITHKEY} "${pkgfile}" || die
fi
- if [[ -f $sigfile ]]; then
- if ! gpg --verify "$sigfile" >/dev/null 2>&1; then
- die "Signature ${pkgfile}.sig is incorrect!"
- fi
- uploads+=("$sigfile")
- else
- die "Signature ${pkgfile}.sig was not found"
+ if ! gpg --verify "$sigfile" >/dev/null 2>&1; then
+ die "Signature ${pkgfile}.sig is incorrect!"
fi
+ uploads+=("$sigfile")
done
done