Remove GPG public key for sign-artifacts role
This is actually a noop for gpg, since the private key also contains the public. Change-Id: I60d4ebf0f3343911986a4e6c46a806539cda701b Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
parent
df50917f66
commit
13889a5878
@ -4,13 +4,9 @@ Sign artifacts
|
|||||||
|
|
||||||
.. zuul:rolevar:: gpg_key
|
.. zuul:rolevar:: gpg_key
|
||||||
|
|
||||||
Complex argument which contains the GPG public and secret keyrings
|
Complex argument which contains the GPG private key for signing
|
||||||
for signing the artifacts. It is expected that this argument comes
|
the artifacts. It is expected that this argument comes from a
|
||||||
from a `Secret`.
|
`Secret`.
|
||||||
|
|
||||||
.. zuul:rolevar:: public
|
|
||||||
|
|
||||||
The ascii-armored contents of the GPG public key.
|
|
||||||
|
|
||||||
.. zuul:rolevar:: private
|
.. zuul:rolevar:: private
|
||||||
|
|
||||||
|
@ -22,25 +22,6 @@
|
|||||||
path: "{{ gpg_private_key_tmp.path }}"
|
path: "{{ gpg_private_key_tmp.path }}"
|
||||||
state: absent
|
state: absent
|
||||||
|
|
||||||
- name: Create GPG public key tempfile
|
|
||||||
tempfile:
|
|
||||||
state: file
|
|
||||||
register: gpg_public_key_tmp
|
|
||||||
|
|
||||||
- name: Create GPG public key
|
|
||||||
copy:
|
|
||||||
content: "{{ gpg_key.public }}"
|
|
||||||
dest: "{{ gpg_public_key_tmp.path }}"
|
|
||||||
mode: 0400
|
|
||||||
|
|
||||||
- name: Import GPG public key
|
|
||||||
command: "gpg --homedir {{ gnupg_tmpdir.path }} --import {{ gpg_public_key_tmp.path }}"
|
|
||||||
|
|
||||||
- name: Delete GPG public key
|
|
||||||
file:
|
|
||||||
path: "{{ gpg_public_key_tmp.path }}"
|
|
||||||
state: absent
|
|
||||||
|
|
||||||
- name: Find files to sign
|
- name: Find files to sign
|
||||||
find:
|
find:
|
||||||
paths: "{{ gpg_sign_path }}"
|
paths: "{{ gpg_sign_path }}"
|
||||||
|
Loading…
Reference in New Issue
Block a user