[Qa-jenkins-scm] [Git][qa/jenkins.debian.net][master] 2 commits: reproducible alpine: use specific signing keys
Holger Levsen
gitlab at salsa.debian.org
Mon Dec 2 23:02:26 GMT 2019
Holger Levsen pushed to branch master at Debian QA / jenkins.debian.net
Commits:
e248b363 by kpcyrd at 2019-12-02T23:00:18Z
reproducible alpine: use specific signing keys
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
6d3d550a by kpcyrd at 2019-12-02T23:01:54Z
reproducible archlinux/alpine: give kpcyrd access to pb3+4
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
3 changed files:
- + authorized_keys/kpcyrd at archlinux.pub
- bin/reproducible_setup_alpine_schroot.sh
- update_jdn.sh
Changes:
=====================================
authorized_keys/kpcyrd at archlinux.pub
=====================================
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxjWuENHhZ1IME9oDz14xeJfrD2HDejqfXocqHZb4Ka user at work
=====================================
bin/reproducible_setup_alpine_schroot.sh
=====================================
@@ -113,7 +113,51 @@ fi
$USERCMD gpg --check-trustdb # first run will create ~/.gnupg/gpg.conf
echo "keyserver-options auto-key-retrieve" | tee -a "$SCHROOT_BASE/$TARGET/var/lib/jenkins/.gnupg/gpg.conf"
-$USERCMD abuild-keygen -a -n
+$USERCMD mkdir -vp "$SCHROOT_BASE/$TARGET/var/lib/jenkins/.abuild"
+$USERCMD tee "$SCHROOT_BASE/$TARGET/var/lib/jenkins/.abuild/abuild.conf" <<-__END__
+PACKAGER_PRIVKEY="/var/lib/jenkins/.abuild/build-5de527c8.rsa"
+__END__
+# ci keys, do not use for anything important
+$USERCMD tee "$SCHROOT_BASE/$TARGET/var/lib/jenkins/.abuild/build-5de527c8.rsa" <<-__END__
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAq95i4RZ4GfLLne18xmPSwvE9vcoIISAIbJAsjz9XR+d552TS
+u7rJF3JDIbWqQ53u4P4dvPHxK3wO657KtfBjM1lf8KJbdaE993AYGdbbVbTnak5h
+HStPiJ7z1t6vvbs0EWqcAOWlh1L5lhMbQFLcnsPXXnZ2aeaX9Dlz6VGJFT8Pf0MV
+1ABDn8po84hl0NUFIj1cjsUDibkqI6HF7hiUinUzlo8jO26PFcVJyEPNj0Oz8kuY
+686K/NR6mfvKXVYwXM/mskK6XD3YjKwblDzQQxUzJuRNWSonBQ32FDQmcVfZOoTI
+4mQMDkqKt6dhxiqycX1/R3m9LsE8IlIhoQ99wQIDAQABAoIBADt7mklA14xThblA
+6oBXKCikCbRX6fxc881vEJz7VR/js0Msl+q1OMfOmgFeuHDyhiyEhpJQQiHEq/1M
+VegmLI8nDZdg+bp6ddHfj9fRjtPY6obWXbIUvVARg18Ib1aBJgIpHZkJ4gI163/P
+WQ0oIIcqTK263jzEvC6ge8dymrkpKqCtVNnpI+ToAZ//Ni0QKGZ6tSSC7lg1jENf
+ghnjADUNcQivVjBqbNBd2rR5oJ5NSspUX78spYtf2mFB0wgXVsAvfpGBe6txp5sv
+Pp9xYqozpZ7Wf2Z1cIYw7laIt53HE1VCziSnwivYFTdpplJFIg3Hd65fQ6MfESqZ
+6yW4l4kCgYEA3yy+sZlTTfIVd3m0pdVgyHXf4Y/otonRc6WcclHYK+3ez4F+dOl8
+DZnZBhhJPFHlZBm4J7wWnUY4ZdgAydzKp3YVegZdm43Xhg+aI3P8nfJykAJ01EzI
+5Zd3Z0YWnqdxB1HyP0wYf315tyGM5yMD/1v6ayM+WpAH+LW+wo3CY2MCgYEAxSXM
+8kRQev5zkOLZhtMLb9EC2rDwFm2LEW2ocd1uDNRS9usB7lE30EE5xJNI5+AkoCo1
+j3B0CyXyRHbmhmfp7OempF7JAPROrS1gxg0naQORU2i9aiOwNGhbenkSMnUQi3of
+D5YX0zk60TMFWo/hSLW9hrN97iOgF12NajsCjYsCgYAw7zy48GeltakjU1pa6liY
+W9BFQyrBq6JzeyK8plmB+Fxcn4Y82F1NFijR/00/nq1vr3wDqmhC//ypyB0UJgeB
+hJDc+rxXuVhCmvUvROVlNJ4OGZvIWTXLsdSKnoGjNA/CjSNS4bqVacvgbcjZfYII
+4gAcsdOgQ+ibji5PtomjBQKBgDy3n58dmwvGQiFlPElhxivx20cvJ0JBCoubkj0/
+TR12ZvbU+gtDyETDUd9Q3StMxPrvBP/gSl0EmtCrLeRHLKxhy9jjuFQq6fA8AYn9
+kx2sk510rKF7zFDXsxTNJOWVWDscqWRLfZr4DT1Q0V1K4r9Z+bz6mtY08qE/lsYY
+1nhxAoGATFF1Ng7AQMcytiT1nSQjB/A/3C5hzCula7J1ErL+wc0zOS4oenmL2ESI
+IKDt71BfGgXZHy1AKMv+0x1Wk2hOXC2fSxG46lIPD0msR2207+c7ZgVuyARmSDO3
+Y/5yyssrctGJ8bNs+++uUhr8yG9CXBG9uSG3gvtCXxOgwg43lTk=
+-----END RSA PRIVATE KEY-----
+__END__
+$USERCMD tee "$SCHROOT_BASE/$TARGET/var/lib/jenkins/.abuild/build-5de527c8.rsa.pub" <<-__END__
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq95i4RZ4GfLLne18xmPS
+wvE9vcoIISAIbJAsjz9XR+d552TSu7rJF3JDIbWqQ53u4P4dvPHxK3wO657KtfBj
+M1lf8KJbdaE993AYGdbbVbTnak5hHStPiJ7z1t6vvbs0EWqcAOWlh1L5lhMbQFLc
+nsPXXnZ2aeaX9Dlz6VGJFT8Pf0MV1ABDn8po84hl0NUFIj1cjsUDibkqI6HF7hiU
+inUzlo8jO26PFcVJyEPNj0Oz8kuY686K/NR6mfvKXVYwXM/mskK6XD3YjKwblDzQ
+QxUzJuRNWSonBQ32FDQmcVfZOoTI4mQMDkqKt6dhxiqycX1/R3m9LsE8IlIhoQ99
+wQIDAQAB
+-----END PUBLIC KEY-----
+__END__
# Disable SSL verification for future builds
if [ "$HOSTNAME" = "osuosl-build170-amd64" ] ; then
=====================================
update_jdn.sh
=====================================
@@ -122,12 +122,16 @@ user_host_groups['lunar','jenkins']='reproducible'
user_host_groups['lynxis','osuosl-build171-amd64']="$sudo_groups"
user_host_groups['lynxis','osuosl-build172-amd64']="$sudo_groups"
user_host_groups['lynxis','jenkins']="jenkins"
+user_host_groups['kpcyrd','osuosl-build171-amd64']="$sudo_groups"
+user_host_groups['kpcyrd','osuosl-build172-amd64']="$sudo_groups"
+user_host_groups['kpcyrd','jenkins']="jenkins"
user_host_groups['hans','osuosl-build168-amd64']="$sudo_groups"
user_host_groups['vagrant','*']="$sudo_groups"
user_host_groups['bernhard','osuosl-build174-amd64']="$sudo_groups"
u_shell['mattia']='/bin/zsh'
u_shell['lynxis']='/usr/bin/fish'
+u_shell['kpcyrd']='/bin/bash'
u_shell['jenkins-adm']='/bin/bash'
# get the users out of the user_host_groups array's index
View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/compare/e380dad155a2530a8a092f5e6f3bb4a06c3931fc...6d3d550a1a8371d28b8a60f2035ba4cbf27882ea
--
View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/compare/e380dad155a2530a8a092f5e6f3bb4a06c3931fc...6d3d550a1a8371d28b8a60f2035ba4cbf27882ea
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/qa-jenkins-scm/attachments/20191202/d2d45c61/attachment-0001.html>
More information about the Qa-jenkins-scm
mailing list