summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorErich Eckner <git@eckner.net>2020-02-25 11:36:11 +0100
committerErich Eckner <git@eckner.net>2020-02-25 11:36:11 +0100
commitba0a8e203ac3a90f0660e71034e55809943a6319 (patch)
tree17e6d0ff5675901973550738fbe793ff678cc8a2
parentc8a00c0ce4c55d87480a118ebbae2e095ce3e5da (diff)
downloadbuilder-ba0a8e203ac3a90f0660e71034e55809943a6319.tar.xz
bin/generate-key-graph: compress information - do not duplicate packager keys for each master keyring
-rwxr-xr-xbin/generate-key-graph59
1 files changed, 48 insertions, 11 deletions
diff --git a/bin/generate-key-graph b/bin/generate-key-graph
index 17e6bd1..6dae873 100755
--- a/bin/generate-key-graph
+++ b/bin/generate-key-graph
@@ -67,10 +67,31 @@ expiration_color() {
printf 'digraph "key-graph" {\n'
printf 'rankdir=LR;\n'
+ mkdir "${tmp_dir}/gnupg"
+ while read -r s _; do
+ printf '%s\n' "${s}" \
+ | base64 -w0 -d
+ done \
+ <"${tmp_dir}/packager-keys" \
+ | ${GPG} --import
+ while read -r _ fp; do
+ printf '"%s"[label="packager key %s\\n%s",color="#0000ff",fontcolor="%s"];\n' \
+ "${fp}" \
+ "${fp:0:8}" \
+ "$(get_user_info "${fp}")" \
+ "$(expiration_color "${fp}")"
+ done \
+ <"${tmp_dir}/packager-keys"
+
+ rm -rf --one-file-system "${tmp_dir}/gnupg"
+
find "${tmp_dir}" -type f -name 'archlinux32-*.pkg.tar*' \
| while read -r keyring_package; do
mkdir "${tmp_dir}/gnupg"
+ kpf="${keyring_package##*/}"
+ kpf="${kpf%.pkg.tar*}"
+
{
while read -r s _; do
printf '%s\n' "${s}" \
@@ -88,32 +109,48 @@ expiration_color() {
| cut -d: -f1
)
- while read -r _ fp; do
- printf '"%s-%s"[label="packager key %s\\n%s",color="#0000ff",fontcolor="%s"];\n' \
- "${keyring_package##*/}" \
- "${fp}" \
- "${fp:0:8}" \
- "$(get_user_info "${fp}")" \
- "$(expiration_color "${fp}")"
- done \
- <"${tmp_dir}/packager-keys"
+ printf 'subgraph "cluster %s" {\n' \
+ "${kpf}"
+ printf 'label="%s";\n' \
+ "${kpf}"
bsdtar -Oxf "${keyring_package}" usr/share/pacman/keyrings/archlinux32-trusted \
| while IFS=: read -r fp _; do
printf '"%s-%s"[label="master key %s\\n%s",color="#00ff00",fontcolor="%s"];\n' \
- "${keyring_package##*/}" \
+ "${kpf}" \
"${fp}" \
"${fp:0:8}" \
"$(get_user_info "${fp}")" \
"$(expiration_color "${fp}")"
done
+
+ printf '}\n'
+
for key_id in ${all_keys}; do
${GPG} --list-sigs --with-colons "0x${key_id}" \
| grep -wF "${all_keys}" \
| grep '^sig:' \
| cut -d : -f 13 \
| grep -vxF "${key_id}" \
- | sed 's/^\S\+$/"'"${keyring_package##*/}"'-\0" -> "'"${keyring_package##*/}"'-'"${key_id}"'";/'
+ | while read -r sig; do
+ if cut -f2 \
+ < "${tmp_dir}/packager-keys" \
+ | grep -qxF "${sig}"; then
+ print_sig="${sig}"
+ else
+ print_sig="${kpf}-${sig}"
+ fi
+ if cut -f2 \
+ < "${tmp_dir}/packager-keys" \
+ | grep -qxF "${key_id}"; then
+ print_key="${key_id}"
+ else
+ print_key="${kpf}-${key_id}"
+ fi
+ printf '"%s" -> "%s";\n' \
+ "${print_sig}" \
+ "${print_key}"
+ done
done \
| sort -u