diff options
author | Erich Eckner <git@eckner.net> | 2020-02-25 11:36:11 +0100 |
---|---|---|
committer | Erich Eckner <git@eckner.net> | 2020-02-25 11:36:11 +0100 |
commit | ba0a8e203ac3a90f0660e71034e55809943a6319 (patch) | |
tree | 17e6d0ff5675901973550738fbe793ff678cc8a2 | |
parent | c8a00c0ce4c55d87480a118ebbae2e095ce3e5da (diff) | |
download | builder-ba0a8e203ac3a90f0660e71034e55809943a6319.tar.xz |
bin/generate-key-graph: compress information - do not duplicate packager keys for each master keyring
-rwxr-xr-x | bin/generate-key-graph | 59 |
1 files changed, 48 insertions, 11 deletions
diff --git a/bin/generate-key-graph b/bin/generate-key-graph index 17e6bd1..6dae873 100755 --- a/bin/generate-key-graph +++ b/bin/generate-key-graph @@ -67,10 +67,31 @@ expiration_color() { printf 'digraph "key-graph" {\n' printf 'rankdir=LR;\n' + mkdir "${tmp_dir}/gnupg" + while read -r s _; do + printf '%s\n' "${s}" \ + | base64 -w0 -d + done \ + <"${tmp_dir}/packager-keys" \ + | ${GPG} --import + while read -r _ fp; do + printf '"%s"[label="packager key %s\\n%s",color="#0000ff",fontcolor="%s"];\n' \ + "${fp}" \ + "${fp:0:8}" \ + "$(get_user_info "${fp}")" \ + "$(expiration_color "${fp}")" + done \ + <"${tmp_dir}/packager-keys" + + rm -rf --one-file-system "${tmp_dir}/gnupg" + find "${tmp_dir}" -type f -name 'archlinux32-*.pkg.tar*' \ | while read -r keyring_package; do mkdir "${tmp_dir}/gnupg" + kpf="${keyring_package##*/}" + kpf="${kpf%.pkg.tar*}" + { while read -r s _; do printf '%s\n' "${s}" \ @@ -88,32 +109,48 @@ expiration_color() { | cut -d: -f1 ) - while read -r _ fp; do - printf '"%s-%s"[label="packager key %s\\n%s",color="#0000ff",fontcolor="%s"];\n' \ - "${keyring_package##*/}" \ - "${fp}" \ - "${fp:0:8}" \ - "$(get_user_info "${fp}")" \ - "$(expiration_color "${fp}")" - done \ - <"${tmp_dir}/packager-keys" + printf 'subgraph "cluster %s" {\n' \ + "${kpf}" + printf 'label="%s";\n' \ + "${kpf}" bsdtar -Oxf "${keyring_package}" usr/share/pacman/keyrings/archlinux32-trusted \ | while IFS=: read -r fp _; do printf '"%s-%s"[label="master key %s\\n%s",color="#00ff00",fontcolor="%s"];\n' \ - "${keyring_package##*/}" \ + "${kpf}" \ "${fp}" \ "${fp:0:8}" \ "$(get_user_info "${fp}")" \ "$(expiration_color "${fp}")" done + + printf '}\n' + for key_id in ${all_keys}; do ${GPG} --list-sigs --with-colons "0x${key_id}" \ | grep -wF "${all_keys}" \ | grep '^sig:' \ | cut -d : -f 13 \ | grep -vxF "${key_id}" \ - | sed 's/^\S\+$/"'"${keyring_package##*/}"'-\0" -> "'"${keyring_package##*/}"'-'"${key_id}"'";/' + | while read -r sig; do + if cut -f2 \ + < "${tmp_dir}/packager-keys" \ + | grep -qxF "${sig}"; then + print_sig="${sig}" + else + print_sig="${kpf}-${sig}" + fi + if cut -f2 \ + < "${tmp_dir}/packager-keys" \ + | grep -qxF "${key_id}"; then + print_key="${key_id}" + else + print_key="${kpf}-${key_id}" + fi + printf '"%s" -> "%s";\n' \ + "${print_sig}" \ + "${print_key}" + done done \ | sort -u |