1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
#!/bin/sh
TMPSIG=$(mktemp)
TMPLNK=$(mktemp)
TMPSIG1=$(mktemp -t XXXXXXXX.2000)
TMPSIG3=$(mktemp -t XXXXXXXX.2018)
TMPSIG4=$(mktemp -t XXXXXXXX.2019)
TMPSIG2020=$(mktemp -t XXXXXXXX.2020)
TMPSIG2021=$(mktemp -t XXXXXXXX.2021)
TMPSIG2022=$(mktemp -t XXXXXXXX.2022)
cd /home/rpmbuild/site/rpms
for dep in fedora/{33,34,35,36}/*/{i386,x86_64} enterprise/{7,8,9}/*/{i386,x86_64,armhfp,aarch64}
do
[[ $dep =~ /modular ]] && continue
[[ $dep =~ /debug-modular ]] && continue
arch=${dep##*/}
LST=""
if [ -d $dep/repodata -a $dep -nt $dep/repodata -a ! -f $dep/.closed ]
then echo "== Nouveaux RPM dans $dep =="
if [ $arch = x86_64 ]
then
find $dep -name \*.rpm -a -newer $dep/repodata -print >>$TMPSIG
else
find $dep -name \*.noarch.rpm -a -newer $dep/repodata -print >>$TMPLNK
find $dep -name \*.i?86.rpm -a -newer $dep/repodata -print >>$TMPSIG
fi
fi
done
find SRPMS -name \*.rpm -a -newer SRPMS/repodata -print >>$TMPSIG
if [ -s $TMPSIG ]; then
echo "À signer:"; sort < $TMPSIG
# old
grep el7 $TMPSIG > $TMPSIG1
# 2018
grep el8 $TMPSIG > $TMPSIG3
# 2019
grep fc30 $TMPSIG > $TMPSIG4
grep fc31 $TMPSIG >> $TMPSIG4
# 2020
grep fc32 $TMPSIG > $TMPSIG2020
grep fc33 $TMPSIG >> $TMPSIG2020
# 2021
grep fc34 $TMPSIG > $TMPSIG2021
grep fc35 $TMPSIG >> $TMPSIG2021
grep el9 $TMPSIG >> $TMPSIG2021
# 2022
grep fc36 $TMPSIG > $TMPSIG2022
grep src.rpm $TMPSIG >> $TMPSIG2022
if [ -s $TMPSIG2022 ]; then
echo "== Signature des $(cat $TMPSIG2022 | wc -l) nouveaux RPM (2022) =="
if rpmsign --define '_gpg_path /home/remi/.gnupgrpm' --define "_gpg_name 845160D23149DAD504F0A32D83C0639E1FEF0014" --addsign $(cat $TMPSIG2022)
then echo done.
else exit 1
fi
fi
if [ -s $TMPSIG2021 ]; then
echo "== Signature des $(cat $TMPSIG2021 | wc -l) nouveaux RPM (2021) =="
if rpmsign --define '_gpg_path /home/remi/.gnupg2021' --define "_gpg_name B1ABF71E14C9D74897E198A8B19527F1478F8947" --addsign $(cat $TMPSIG2021)
then echo done.
else exit 1
fi
fi
if [ -s $TMPSIG2020 ]; then
echo "== Signature des $(cat $TMPSIG2020 | wc -l) nouveaux RPM (2020) =="
if rpmsign --define '_gpg_path /home/remi/.gnupg2020' --define "_gpg_name 34C10BDBCC6F1B252E50BA1A0714919E4C21A808" --addsign $(cat $TMPSIG2020)
then echo done.
else exit 1
fi
fi
if [ -s $TMPSIG4 ]; then
echo "== Signature des $(cat $TMPSIG4 | wc -l) nouveaux RPM (2019) =="
if rpmsign --define '_gpg_path /home/remi/.gnupg2019' --define "_gpg_name 5F136145BF10369B7685D8DE503666CCBBAE6F1B" --addsign $(cat $TMPSIG4)
then echo done.
else exit 1
fi
fi
if [ -s $TMPSIG3 ]; then
echo "== Signature des $(cat $TMPSIG3 | wc -l) nouveaux RPM (2018) =="
if rpmsign --define '_gpg_path /home/remi/.gnupg2018' --define "_gpg_name 6B38FEA7231F87F52B9CA9D8555097595F11735A" --addsign $(cat $TMPSIG3)
then echo done.
else exit 1
fi
fi
if [ -s $TMPSIG1 ]; then
echo "== Signature des $(cat $TMPSIG1 | wc -l) nouveaux RPM (old) =="
if rpmsign --define '_gpg_path /home/remi/.gnupgrpm' --define "_gpg_name 1EE04CCE88A4AE4AA29A5DF5004E6F4700F97F56" --addsign $(cat $TMPSIG1)
then echo done.
else exit 1
fi
fi
else echo "Rien à signer."
fi
if [ -s $TMPLNK ]
then echo "== Création des liens (noarch) =="
cat $TMPLNK | while read dest
do
srce=${dest/\/ppc64/\/x86_64}
srce=${srce/\/ppc/\/x86_64}
srce=${srce/\/i386/\/x86_64}
srce=${srce/\/armhfp/\/x86_64}
srce=${srce/\/aarch64/\/x86_64}
ln -f $srce $dest && echo $dest
done
else echo "Rien à lier."
fi
for dep in SRPMS fedora/{33,34,35,36}/*/{i386,x86_64} enterprise/{7,8,9}/*/{i386,x86_64,armhfp,aarch64}
do
[[ $dep =~ /modular ]] && continue
[[ $dep =~ /debug-modular ]] && continue
if [ -d $dep/repodata -a $dep -nt $dep/repodata -a ! -f $dep/.closed ]
then echo "== Actualisation de $dep =="
pushd $dep
mkrepo nocheck
touch repodata
popd
#else echo "== $dep est à jour =="
fi
done
|