From 99e3ca8b1e774b6732702e8cd761002a7a2bc1d9 Mon Sep 17 00:00:00 2001 From: Pavel Raiskup Date: Mon, 13 Jan 2025 08:31:08 +0100 Subject: [PATCH] copr-keygen: fix using of backup key Do not require the key to be imported in keyring. --- roles/copr/keygen/files/backup_keyring.sh | 2 +- roles/copr/keygen/tasks/setup_backup.yml | 5 ----- 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/roles/copr/keygen/files/backup_keyring.sh b/roles/copr/keygen/files/backup_keyring.sh index cf8e8ea9ea..fec11d7f70 100644 --- a/roles/copr/keygen/files/backup_keyring.sh +++ b/roles/copr/keygen/files/backup_keyring.sh @@ -10,7 +10,7 @@ OUTPUT_FILE="$BACKUP_DIR/copr_keygen_keyring_$(date -I).tar.gz.gpg" tar --exclude="*agent*" -czPf - "$PATH_TO_KEYRING_DIR" \ | gpg2 --output "$OUTPUT_FILE".tmp --encrypt \ - --recipient copr-keygen-backup-key --always-trust \ + --recipient-file /root/backup_key.asc \ && mv "$OUTPUT_FILE.tmp" "$OUTPUT_FILE" # shell pattern matching provides sorted output diff --git a/roles/copr/keygen/tasks/setup_backup.yml b/roles/copr/keygen/tasks/setup_backup.yml index 69a03a0d58..84fe243592 100644 --- a/roles/copr/keygen/tasks/setup_backup.yml +++ b/roles/copr/keygen/tasks/setup_backup.yml @@ -4,11 +4,6 @@ - name: copy pubkey for backup encryption copy: src="{{ private }}/files/copr/keygen/backup_key.asc" dest="/root/backup_key.asc" - register: pub_key_installed - -- name: import pubkey for backup encryption - shell: gpg2 --import /root/backup_key.asc creates=/root/backupkeyimported - when: pub_key_installed.changed - name: copy backup script copy: src="backup_keyring.sh" dest="/etc/cron.hourly/backup_keyring.sh" owner=root group=root mode=755