minor adjustments to rpm signing

Check in Gary's adjustments to the RPM signing scripts. These changes were
present on the Jenkins server.

Signed-off-by: Ken Dreyer <ken.dreyer@inktank.com>

diff --git a/sign_and_index_rpm_repo.sh b/sign_and_index_rpm_repo.sh
index 45b2b6a636c95a4b63795e0ca5c80b6425e1f637..a146b7df3ae49d23556810257b438084cecd66b1 100755 (executable)
--- a/sign_and_index_rpm_repo.sh
+++ b/sign_and_index_rpm_repo.sh
@@ -35,7 +35,7 @@ do
     echo "indexing $dir"
     if [ -d $dir ] ; then
         createrepo $dir
-        gpg --detach-sign --armor -u $keyid $dir/repodata/repomd.xml
+        gpg --batch --yes --detach-sign --armor -u $keyid $dir/repodata/repomd.xml
     fi
 done
 

diff --git a/sign_rpms.sh b/sign_rpms.sh
index e494506eac90d23663d877b9ab92ccd295fbc5cd..cbb522d9bf4dece5927779a5cf15a48c5f4fd38f 100755 (executable)
--- a/sign_rpms.sh
+++ b/sign_rpms.sh
@@ -1,4 +1,4 @@
-#!/bin/bash -x
+#!/bin/bash
 
 set -e
 
@@ -23,9 +23,17 @@ echo "signing rpms, version $cephvers key $keyid"
 #rpm --addsign --define "_gpg_name $keyid" $rpm
 #use expect wrapper to supply null passphrase
 
+#shopt -s nocasematch
 for rpm in `find ${repodir}/${cephvers} -name "*.rpm"`
 do
-    $bindir/rpm-autosign.exp --define "_gpg_name $keyid" $rpm
+    signature=$(rpm -qi  -p $rpm 2>/dev/null | grep ^Signature)
+    if grep -iq $keyid <<< "$signature" ; then
+        echo "skipping: $rpm"
+    else
+        echo "signing:  $rpm"
+        $bindir/rpm-autosign.exp --define "_gpg_name $keyid" $rpm
+    fi
 done
+#shopt -u nocasematch
 
 echo done