[gentoo-commits] proj/docker-images:master commit in: /

Fri, 02 Jan 2026 18:57:10 -0800 

commit:     3b3b30aa18f8fe669b9106163e99afbaf9fc8134
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Jan  3 02:49:58 2026 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Jan  3 02:56:53 2026 +0000
URL:        https://gitweb.gentoo.org/proj/docker-images.git/commit/?id=3b3b30aa

{portage,stage3}.Dockerfile: always pass `--batch` to gpg

Per gpg(1):
> It is highly recommended to use this option along with the options --status-fd
> and --with-colons for any unattended use of gpg.  Should not be used in an 
> option file.

Signed-off-by: Sam James <sam <AT> gentoo.org>

 portage.Dockerfile | 6 +++---
 stage3.Dockerfile  | 8 ++++----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/portage.Dockerfile b/portage.Dockerfile
index 7227f1a..aae59b3 100644
--- a/portage.Dockerfile
+++ b/portage.Dockerfile
@@ -32,10 +32,10 @@ RUN <<-EOF
        honor-http-proxy
        disable-ipv6
        GPG
-    gpg --keyserver hkps://keys.gentoo.org --recv-keys ${SIGNING_KEY} || \
-       gpg --auto-key-locate=clear,nodefault,wkd --locate-key 
[email protected]
+    gpg --batch --keyserver hkps://keys.gentoo.org --recv-keys ${SIGNING_KEY} 
|| \
+       gpg --batch --auto-key-locate=clear,nodefault,wkd --locate-key 
[email protected]
     gpg --batch --passphrase '' --no-default-keyring --quick-generate-key 
me@localhost
-    gpg --no-default-keyring --quick-lsign-key ${SIGNING_KEY}
+    gpg --batch --no-default-keyring --quick-lsign-key ${SIGNING_KEY}
 
     gpg_temp=$(mktemp -d)
     gpg --batch --status-fd 3 --verify -- "${SNAPSHOT}.gpgsig" "${SNAPSHOT}" 
3> ${gpg_temp}/gpg.status

diff --git a/stage3.Dockerfile b/stage3.Dockerfile
index d08f9f7..cfa491b 100644
--- a/stage3.Dockerfile
+++ b/stage3.Dockerfile
@@ -36,14 +36,14 @@ RUN <<-EOF
        honor-http-proxy
        disable-ipv6
        GPG
-    gpg --keyserver hkps://keys.gentoo.org --recv-keys ${SIGNING_KEY} || \
-       gpg --auto-key-locate=clear,nodefault,wkd --locate-key [email protected]
+    gpg --batch --keyserver hkps://keys.gentoo.org --recv-keys ${SIGNING_KEY} 
|| \
+       gpg --batch --auto-key-locate=clear,nodefault,wkd --locate-key 
[email protected]
     gpg --batch --passphrase '' --no-default-keyring --quick-generate-key 
me@localhost
-    gpg --no-default-keyring --quick-lsign-key ${SIGNING_KEY}
+    gpg --batch --no-default-keyring --quick-lsign-key ${SIGNING_KEY}
 
     # obtain and extract stage3
     wget -q -- "${DIST}/latest-stage3-${MICROARCH}${SUFFIX}.txt"
-    gpg --verify -- "latest-stage3-${MICROARCH}${SUFFIX}.txt"
+    gpg --batch --verify -- "latest-stage3-${MICROARCH}${SUFFIX}.txt"
     STAGE3PATH="$(sed -n '6p' "latest-stage3-${MICROARCH}${SUFFIX}.txt" | cut 
-f 1 -d ' ')"
     echo "STAGE3PATH:" ${STAGE3PATH}
     STAGE3="$(basename ${STAGE3PATH})"

Reply via email to