aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarcoFalke <falke.marco@gmail.com>2021-08-19 11:47:58 +0200
committerMarcoFalke <falke.marco@gmail.com>2021-08-26 11:17:59 +0200
commitfa001602cd5ac61b9258e998ee2b236688c19ef7 (patch)
treea09510e4677caba5c3151bc388e0eb4b82b9d03a
parentfa880b10d67542b8eb476a0e1f3ffb67e88d5e53 (diff)
ci: Re-enable verify-commits.py check
-rwxr-xr-xci/lint/06_script.sh11
1 files changed, 8 insertions, 3 deletions
diff --git a/ci/lint/06_script.sh b/ci/lint/06_script.sh
index c3c7619ef7..f7dacd8512 100755
--- a/ci/lint/06_script.sh
+++ b/ci/lint/06_script.sh
@@ -23,10 +23,15 @@ test/lint/git-subtree-check.sh src/crc32c
test/lint/check-doc.py
test/lint/lint-all.sh
-if [ "$CIRRUS_REPO_FULL_NAME" = "bitcoin/bitcoin" ] && [ -n "$CIRRUS_CRON" ]; then
- git log --merges --before="2 days ago" -1 --format='%H' > ./contrib/verify-commits/trusted-sha512-root-commit
+if [ "$CIRRUS_REPO_FULL_NAME" = "bitcoin/bitcoin" ] && [ "$CIRRUS_PR" = "" ] ; then
+ # Sanity check only the last few commits to get notified of missing sigs,
+ # missing keys, or expired keys. Usually there is only one new merge commit
+ # per push on the master branch and a few commits on release branches, so
+ # sanity checking only a few (10) commits seems sufficient and cheap.
+ git log HEAD~10 -1 --format='%H' > ./contrib/verify-commits/trusted-sha512-root-commit
+ git log HEAD~10 -1 --format='%H' > ./contrib/verify-commits/trusted-git-root
${CI_RETRY_EXE} gpg --keyserver hkps://keys.openpgp.org --recv-keys $(<contrib/verify-commits/trusted-keys) &&
- ./contrib/verify-commits/verify-commits.py --clean-merge=2;
+ ./contrib/verify-commits/verify-commits.py;
fi
echo