[gentoo-commits] proj/qa-scripts:master commit in: /

[Robin H. Johnson]

commit:     fbb6e9911b2cc8582f870acb23c2dacac8e2c077
Author:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
AuthorDate: Sun Feb 27 17:57:48 2022 +0000
Commit:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Sun Feb 27 17:57:48 2022 +0000
URL:        https://gitweb.gentoo.org/proj/qa-scripts.git/commit/?id=fbb6e991

keyrings: add infra keyring

Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>

 create-dev-keyrings.bash | 6 ++++++
 keyrings.inc.bash        | 3 +++
 2 files changed, 9 insertions(+)

diff --git a/create-dev-keyrings.bash b/create-dev-keyrings.bash
index 65b2b14..d0ea12a 100755
--- a/create-dev-keyrings.bash
+++ b/create-dev-keyrings.bash
@@ -27,6 +27,10 @@ export_keys "${OUTPUT_DIR}"/active-devs.gpg \
        "${COMMITTING_DEVS[@]}" \
        "${NONCOMMITTING_DEVS[@]}"
 
+grab_keys "${INFRA_DEVS[@]}"
+export_keys "${OUTPUT_DIR}"/infra-devs.gpg \
+       "${INFRA_DEVS[@]}"
+
 # -- not all are on keyservers
 # -- and are unlikely to turn up now
 # -- this needs to fetch from some archive instead
@@ -39,6 +43,7 @@ export_keys "${OUTPUT_DIR}"/all-devs.gpg \
        "${SYSTEM_KEYS[@]}" \
        "${COMMITTING_DEVS[@]}" \
        "${NONCOMMITTING_DEVS[@]}" \
+       "${INFRA_DEVS[@]}" \
        "${RETIRED_DEVS[@]}"
 
 # Populate keys.gentoo.org with the keys we have, since they might have come 
from SKS
@@ -47,4 +52,5 @@ export KEYSERVER_TIMEOUT=20m
 push_keys "${SYSTEM_KEYS[@]}"
 push_keys "${COMMITTING_DEVS[@]}"
 push_keys "${NONCOMMITTING_DEVS[@]}"
+push_keys "${INFRA_DEVS[@]}"
 push_keys "${RETIRED_DEVS[@]}"

diff --git a/keyrings.inc.bash b/keyrings.inc.bash
index bf45a86..7989d79 100644
--- a/keyrings.inc.bash
+++ b/keyrings.inc.bash
@@ -6,6 +6,7 @@ SYSTEM_BASE='ou=system,dc=gentoo,dc=org'
 
COMMIT_RULE='(&(gentooAccess=git.gentoo.org/repo/gentoo.git)(gentooStatus=active))'
 
NONCOMMIT_RULE='(&(!(gentooAccess=git.gentoo.org/repo/gentoo.git))(gentooStatus=active))'
 RETIRED_RULE='(!(gentooStatus=active))'
+INFRA_RULE='(&(gentooAccess=infra.group)(gentooStatus=active))'
 
 export KS_GENTOO=hkps://keys.gentoo.org/
 # Use local keyserver for speedup
@@ -18,6 +19,7 @@ export KEYSERVERS=( ) # empty by default
 export COMMITTING_DEVS=( )
 export NONCOMMITTING_DEVS=( )
 export RETIRED_DEVS=( )
+export INFRA_DEVS=( )
 export SYSTEM_KEYS=( )
 
 # grab_ldap_fingerprints <ldap-rule>
@@ -128,5 +130,6 @@ export_ldap_data_to_env() {
        export -a COMMITTING_DEVS=( $(grab_ldap_fingerprints -b "${DEV_BASE}" 
"${COMMIT_RULE}") )
        export -a NONCOMMITTING_DEVS=( $(grab_ldap_fingerprints -b 
"${DEV_BASE}" "${NONCOMMIT_RULE}") )
        export -a RETIRED_DEVS=( $(grab_ldap_fingerprints -b "${DEV_BASE}" 
"${RETIRED_RULE}") )
+       export -a INFRA_DEVS=( $(grab_ldap_fingerprints -b "${DEV_BASE}" 
"${INFRA_RULE}") )
        export -a SYSTEM_KEYS=( $(grab_ldap_fingerprints -b "${SYSTEM_BASE}" 
"${NONCOMMIT_RULE}") )
 }