From: Jessica Wagantall Date: Wed, 11 Sep 2019 20:17:37 +0000 (-0700) Subject: Fix import key release jobs X-Git-Tag: v0.43.0^0 X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=commitdiff_plain;h=e823b65850383cef52df972e38c6e53648ed86b3;p=releng%2Fglobal-jjb.git Fix import key release jobs Import GPG signing key before verifying Gerrit tag details. Change-Id: I132fb8dbba51de995b0e42765344bf218340415c Signed-off-by: Jessica Wagantall --- diff --git a/releasenotes/notes/fix-import-sigul-key-release-904e6d1668a8db33.yaml b/releasenotes/notes/fix-import-sigul-key-release-904e6d1668a8db33.yaml new file mode 100644 index 00000000..c9ad3034 --- /dev/null +++ b/releasenotes/notes/fix-import-sigul-key-release-904e6d1668a8db33.yaml @@ -0,0 +1,4 @@ +--- +fixes: + - | + Import GPG signing key in release jobs before verifying Gerrit tag details. diff --git a/shell/release-job.sh b/shell/release-job.sh index 785bda4e..72b3baea 100644 --- a/shell/release-job.sh +++ b/shell/release-job.sh @@ -119,6 +119,8 @@ verify_version(){ } tag(){ + # Import public signing key + gpg --import "$SIGNING_PUBKEY" if git tag -v "$VERSION"; then echo "---> OK: Repo already tagged $VERSION Continuting to release" else @@ -126,7 +128,6 @@ tag(){ git tag -am "${PROJECT//\//-} $VERSION" "$VERSION" sigul --batch -c "$SIGUL_CONFIG" sign-git-tag "$SIGUL_KEY" "$VERSION" < "$SIGUL_PASSWORD" echo "Showing latest signature for $PROJECT:" - gpg --import "$SIGNING_PUBKEY" echo "git tag -v $VERSION" git tag -v "$VERSION"