Try keys.openpgp.org before falling back to keyserver.ubuntu.com
This commit is contained in:
Tianon Gravi
parent
87618e7220
commit
c7f11de4a2
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -73,7 +73,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -73,7 +73,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -73,7 +73,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -73,7 +73,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -60,7 +60,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
|
|
@ -115,7 +115,11 @@ RUN set -eux; \
|
|||
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
for key in $GPG_KEYS; do \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
# try keys.openpgp.org first, as it is the superior keyserver
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
|
||||
# GnuPG returns a zero exit code for the above command if it receives key data but without a UID, but with the note that it's skipping the key it was asked to fetch, so the only way we can know if the above command *actually* succeeded is to check! 🙃
|
||||
&& gpg --batch --fingerprint "$key" \
|
||||
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
|
||||
done; \
|
||||
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
|
||||
tar -xf tomcat.tar.gz --strip-components=1; \
|
||||
|
|
|
|||
Loading…
Reference in New Issue