commit:     39b69cb7d63d14f2816fd864eb60595680cfc94a
Author:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
AuthorDate: Sat May  4 19:24:35 2019 +0000
Commit:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Sat May  4 19:24:35 2019 +0000
URL:        https://gitweb.gentoo.org/proj/qa-scripts.git/commit/?id=39b69cb7

keyrings: check for any change before renaming new dump

Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>

 keyrings.inc.bash | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)

diff --git a/keyrings.inc.bash b/keyrings.inc.bash
index 54f0e8c..2b5ad9a 100644
--- a/keyrings.inc.bash
+++ b/keyrings.inc.bash
@@ -83,13 +83,27 @@ export_keys() {
        # 'gpg --export' returns zero if there was no error with the command 
itself
        # If there are no keys in the export set, then it ALSO does not write 
the destination file
        # and prints 'gpg: WARNING: nothing exported' to stderr
-       if gpg --output "$TMP" --export "${@}" && test -s "${TMP}"; then
-               chmod a+r "${TMP}"
-               mv "${TMP}" "${DST}"
-       else
-               echo "Unable to export keys to $DST"
+       if ! gpg --output "$TMP" --export "${@}"; then
+               echo "Unable to export keys to $DST: GPG returned non-zero"
+               exit 1
+       fi
+       if ! test -s "${TMP}"; then
+               echo "Unable to export keys to $DST: GPG returned zero but 
generated empty file"
                exit 1
        fi
+       # We have a non-empty output now!
+       # Capture it in a textual format that can be compared for changes, but 
make sure it exports correctly
+       if ! gpg --list-packets "${TMP}" >"${TMP}.packets.txt"; then
+               echo "Unable to export keys to $DST: GPG failed to list packets"
+               exit 1
+       fi
+       # Check if the textual format has changed at all, and emit the new 
version
+       # if there are ANY changes at all.
+       if ! cmp -s "${DST}.packets.txt" "${TMP}.packets.txt"; then
+               chmod a+r "${TMP}"
+               mv -f "${TMP}" "${DST}"
+               mv -f "${TMP}.packets.txt" "${DST}.packets.txt"
+       fi
 }
 
 # populate common variables
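Review bot: On the unchanged path (the `cmp -s` test near the end of the hunk succeeds) nothing in the visible lines removes `${TMP}` or `${TMP}.packets.txt`, so each no-change run appears to leave a full keyring dump and its packet listing behind. Adding `else` and `rm -f -- "${TMP}" "${TMP}.packets.txt"` before the closing `fi` would cover it, unless a trap outside the hunk already cleans up. Separately, `gpg --list-packets` without `--verbose` prints MPI lengths rather than values, and its output format is documented as subject to change between releases, so the comparison is not strictly "ANY changes". If the export is byte-stable, `cmp -s "${DST}" "${TMP}"` on the binary file would be exact, with the packet listing kept only as the validity check. The start of export_keys, including how `TMP` is created, is outside the hunk.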
