Mailing-List: contact commits-help@brooklyn.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@brooklyn.apache.org
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: heneveld@apache.org
To: commits@brooklyn.apache.org
Date: Thu, 17 Mar 2016 12:55:01 -0000
Message-Id: <87b3cb7df6b5456e96005af83d5f9a05@git.apache.org>
In-Reply-To: <0d41a24c394149079b2aa793ce3b2ebf@git.apache.org>
References: <0d41a24c394149079b2aa793ce3b2ebf@git.apache.org>
Subject: [03/16] brooklyn-dist git commit: Make release script: better GPG
 handling

Make release script: better GPG handling

Fixed gpg-agent usage so that it detects the useful environment variable
rather than the process name (which is useless without the environment
variable). Does a dummy gpg operation at the start to cause a password
prompt, which should cause gpg-agent to cache the password.

Tweak the gpg-agent configuration example (also used in the Vagrantfile)
to lower the ridiculously long timeouts.

Project: http://git-wip-us.apache.org/repos/asf/brooklyn-dist/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-dist/commit/de1c4251
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-dist/tree/de1c4251
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-dist/diff/de1c4251

Branch: refs/heads/master
Commit: de1c4251a05b2a90428ccd2bbd86aa0b71f075b6
Parents: 2f19749
Author: Richard Downer <richard@apache.org>
Authored: Wed Mar 16 15:51:40 2016 +0000
Committer: Richard Downer <richard@apache.org>
Committed: Wed Mar 16 16:09:36 2016 +0000

----------------------------------------------------------------------
 release/gpg-agent.conf            |  4 ++--
 release/make-release-artifacts.sh | 20 ++++++++++++--------
 2 files changed, 14 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/brooklyn-dist/blob/de1c4251/release/gpg-agent.conf
----------------------------------------------------------------------
diff --git a/release/gpg-agent.conf b/release/gpg-agent.conf
index 3cd0291..313a4a4 100644
--- a/release/gpg-agent.conf
+++ b/release/gpg-agent.conf
@@ -1,2 +1,2 @@
-default-cache-ttl 7200
-max-cache-ttl 86400
+default-cache-ttl 1800
+max-cache-ttl 14400

http://git-wip-us.apache.org/repos/asf/brooklyn-dist/blob/de1c4251/release/make-release-artifacts.sh
----------------------------------------------------------------------
diff --git a/release/make-release-artifacts.sh b/release/make-release-artifacts.sh
index 3975fad..d2257c4 100755
--- a/release/make-release-artifacts.sh
+++ b/release/make-release-artifacts.sh
@@ -133,6 +133,18 @@ echo "This script will cause uploads to be made to a staging repository on the A
 echo ""
 confirm "Shall I continue?  [y/N]" || exit
 
+# Set up GPG agent
+if [ ! -z "${GPG_AGENT_INFO}" ]; then
+  echo "GPG_AGENT_INFO set; assuming gpg-agent is running correctly."
+else
+  eval $(gpg-agent --daemon --no-grab --write-env-file $HOME/.gpg-agent-info)
+  GPG_TTY=$(tty)
+  export GPG_TTY GPG_AGENT_INFO
+fi
+
+# A GPG no-op, but causes the password request to happen. It should then be cached by gpg-agent.
+gpg2 -o /dev/null --sign /dev/null
+
 ###############################################################################
 # Clean the workspace
 git clean -dxf
@@ -165,14 +177,6 @@ set +x
 echo "Proceeding to build binary release"
 set -x
 
-# Set up GPG agent
-if ps x | grep [g]pg-agent ; then
-  echo "gpg-agent already running; assuming it is set up and exported correctly."
-else
-  eval $(gpg-agent --daemon --no-grab --write-env-file $HOME/.gpg-agent-info)
-  GPG_TTY=$(tty)
-  export GPG_TTY GPG_AGENT_INFO
-fi
 
 # Workaround for bug BROOKLYN-1
 ( cd ${src_staging_dir} && mvn clean --projects :brooklyn-archetype-quickstart )