diff options
author | MarcoFalke <falke.marco@gmail.com> | 2021-08-19 11:47:58 +0200 |
---|---|---|
committer | MarcoFalke <falke.marco@gmail.com> | 2021-08-26 11:17:59 +0200 |
commit | fa001602cd5ac61b9258e998ee2b236688c19ef7 (patch) | |
tree | a09510e4677caba5c3151bc388e0eb4b82b9d03a | |
parent | fa880b10d67542b8eb476a0e1f3ffb67e88d5e53 (diff) |
ci: Re-enable verify-commits.py check
-rwxr-xr-x | ci/lint/06_script.sh | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/ci/lint/06_script.sh b/ci/lint/06_script.sh index c3c7619ef7..f7dacd8512 100755 --- a/ci/lint/06_script.sh +++ b/ci/lint/06_script.sh @@ -23,10 +23,15 @@ test/lint/git-subtree-check.sh src/crc32c test/lint/check-doc.py test/lint/lint-all.sh -if [ "$CIRRUS_REPO_FULL_NAME" = "bitcoin/bitcoin" ] && [ -n "$CIRRUS_CRON" ]; then - git log --merges --before="2 days ago" -1 --format='%H' > ./contrib/verify-commits/trusted-sha512-root-commit +if [ "$CIRRUS_REPO_FULL_NAME" = "bitcoin/bitcoin" ] && [ "$CIRRUS_PR" = "" ] ; then + # Sanity check only the last few commits to get notified of missing sigs, + # missing keys, or expired keys. Usually there is only one new merge commit + # per push on the master branch and a few commits on release branches, so + # sanity checking only a few (10) commits seems sufficient and cheap. + git log HEAD~10 -1 --format='%H' > ./contrib/verify-commits/trusted-sha512-root-commit + git log HEAD~10 -1 --format='%H' > ./contrib/verify-commits/trusted-git-root ${CI_RETRY_EXE} gpg --keyserver hkps://keys.openpgp.org --recv-keys $(<contrib/verify-commits/trusted-keys) && - ./contrib/verify-commits/verify-commits.py --clean-merge=2; + ./contrib/verify-commits/verify-commits.py; fi echo |