diff options
| author | laanwj <126646+laanwj@users.noreply.github.com> | 2022-04-06 12:40:50 +0200 |
|---|---|---|
| committer | laanwj <126646+laanwj@users.noreply.github.com> | 2022-04-06 12:41:15 +0200 |
| commit | b3072799248fae8fc16f910b642edb9c5acf8bac (patch) | |
| tree | 8a61e6f454049211bea0294e75f59abd3afea3cd /contrib/guix | |
| parent | 696d39410fc3372d120a6e89695c1543ac2fc052 (diff) | |
| parent | af74e061c052fa8b260ee71bf048fe22028962ae (diff) | |
Merge bitcoin/bitcoin#24552: guix: make it possible to override gpg binary
af74e061c052fa8b260ee71bf048fe22028962ae guix: make it possible to override gpg binary (Pavol Rusnak)
Pull request description:
For example on Qubes OS one might want to use qubes-gpg-client-wrapper instead
Fixes https://github.com/bitcoin/bitcoin/issues/24346
ACKs for top commit:
laanwj:
Concept and code review ACK af74e061c052fa8b260ee71bf048fe22028962ae
Tree-SHA512: 9e56b5fab231f8908fff15c88fe5b356ac4a31a14a27ae2dd3b6e876f32628910a666a4e2da5bf7c5d159de66cf57652c94c81cdc3b1c3d39a23c23e2c77dd03
Diffstat (limited to 'contrib/guix')
| -rwxr-xr-x | contrib/guix/guix-attest | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/contrib/guix/guix-attest b/contrib/guix/guix-attest index 6e12cbead7..b0ef28dc3f 100755 --- a/contrib/guix/guix-attest +++ b/contrib/guix/guix-attest @@ -19,8 +19,16 @@ source "$(dirname "${BASH_SOURCE[0]}")/libexec/prelude.bash" ################ check_tools cat env basename mkdir diff sort + if [ -z "$NO_SIGN" ]; then - check_tools gpg + # make it possible to override the gpg binary + GPG=${GPG:-gpg} + + # $GPG can contain extra arguments passed to the binary + # so let's check only the existence of arg[0] + # shellcheck disable=SC2206 + GPG_ARRAY=($GPG) + check_tools "${GPG_ARRAY[0]}" fi ################ @@ -90,7 +98,7 @@ if [ -z "${signer_name}" ]; then signer_name="$gpg_key_name" fi -if [ -z "$NO_SIGN" ] && ! gpg --dry-run --list-secret-keys "${gpg_key_name}" >/dev/null 2>&1; then +if [ -z "$NO_SIGN" ] && ! ${GPG} --dry-run --list-secret-keys "${gpg_key_name}" >/dev/null 2>&1; then echo "ERR: GPG can't seem to find any key named '${gpg_key_name}'" exit 1 fi @@ -239,11 +247,11 @@ mkdir -p "$outsigdir" echo "Signing SHA256SUMS to produce SHA256SUMS.asc" for i in *.SHA256SUMS; do if [ ! -e "$i".asc ]; then - gpg --detach-sign \ - --digest-algo sha256 \ - --local-user "$gpg_key_name" \ - --armor \ - --output "$i".asc "$i" + ${GPG} --detach-sign \ + --digest-algo sha256 \ + --local-user "$gpg_key_name" \ + --armor \ + --output "$i".asc "$i" else echo "Signature already there" fi |