ghcup-metadata/.github/workflows/test-sigs.sh

28 lines
660 B
Bash
Raw Normal View History

2023-08-26 06:03:29 +00:00
#!/usr/bin/env bash
set -x
set -eo pipefail
. .github/workflows/common.sh
get_key() {
local key=$1
local server=$2
gpg --batch --keyserver "${server}" --recv-keys "${key}"
echo -e "${key}:6:" | gpg --import-ownertrust
}
# verify signature
keys=(
7D1E8AFD1D4A16D71FADA2F2CCC85C0E40C06A8C # Julian Ospald <maerwald@hasufell.de>
FFEB7CE81E16A36B3E2DED6F2DE04D4E97DB64AD # Ben Gamari <ben@well-typed.com>
88B57FCF7DB53B4DB3BFA4B1588764FBE22D19C4 # Zubin Duggal <zubin@well-typed.com>
)
2023-08-26 06:03:29 +00:00
for key in "${keys[@]}" ; do
get_key "${key}" keys.openpgp.org || get_key "${key}" keyserver.ubuntu.com
done
unset key
gpg --verify "${METADATA_FILE}.sig"