Update the Signing Key for Percona Debian and Ubuntu Packages
Attempting to build images fails now with an error because of a change in the signing key for Percona packages. Quick summary copied from [1] Percona .deb packages are signed with a key that uses an algorithm now considered weak. Starting with the next release, Debian and Ubuntu packages are signed with a new key that uses the much stronger SHA-512 algorithm. All future package release will also contain the new algorithm. It’s important that you add the new key before the next release. See also [2] in trove. [1] https://www.percona.com/blog/2016/10/13/new-signing-key-for-percona-debian-and-ubuntu-packages/ [2] https://review.openstack.org/#/c/390342/ Change-Id: I4ca5fccf51e51059d4035f7206609c8afa997c94
This commit is contained in:
parent
a7ad2f1748
commit
e42be7b1de
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
#!/bin/bash
|
||||
|
||||
# CONTEXT: GUEST during PRE-CONSTRUCTION as ROOT
|
||||
# PURPOSE: Setup apt-repo list so that we can connect to Percona's repo
|
||||
|
@ -17,17 +17,24 @@ mkdir -p /home/${GUEST_USERNAME}/.gnupg
|
|||
# https://bugs.launchpad.net/percona-server/+bug/907789. Disable
|
||||
# shell errexit so we can interrogate the exit code and take action
|
||||
# based on the exit code. We will reenable it later.
|
||||
set +e
|
||||
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A
|
||||
function get_key_robust() {
|
||||
KEY=$1
|
||||
set +e
|
||||
|
||||
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys ${KEY}
|
||||
|
||||
if [ "$?" -ne "0" ];
|
||||
then
|
||||
echo "Trying alternate keyserver hkp://keyserver.ubuntu.com"
|
||||
set -e
|
||||
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv-keys ${KEY}
|
||||
fi
|
||||
|
||||
if [ "$?" -ne "0" ];
|
||||
then
|
||||
echo "Trying alternate keyserver hkp://keyserver.ubuntu.com"
|
||||
set -e
|
||||
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv-keys 1C4CBDCDCD2EFD2A
|
||||
fi
|
||||
}
|
||||
|
||||
set -e
|
||||
get_key_robust 1C4CBDCDCD2EFD2A
|
||||
get_key_robust 9334A25F8507EFA5
|
||||
|
||||
# Add Percona repo
|
||||
# Creates the Percona sources list
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
#!/bin/bash
|
||||
|
||||
# CONTEXT: GUEST during PRE-CONSTRUCTION as ROOT
|
||||
# PURPOSE: Setup apt-repo list so that we can connect to Percona's repo
|
||||
|
@ -17,17 +17,24 @@ mkdir -p /home/${GUEST_USERNAME}/.gnupg
|
|||
# https://bugs.launchpad.net/percona-server/+bug/907789. Disable
|
||||
# shell errexit so we can interrogate the exit code and take action
|
||||
# based on the exit code. We will reenable it later.
|
||||
set +e
|
||||
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A
|
||||
function get_key_robust() {
|
||||
KEY=$1
|
||||
set +e
|
||||
|
||||
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys ${KEY}
|
||||
|
||||
if [ "$?" -ne "0" ];
|
||||
then
|
||||
echo "Trying alternate keyserver hkp://keyserver.ubuntu.com"
|
||||
set -e
|
||||
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv-keys ${KEY}
|
||||
fi
|
||||
|
||||
if [ "$?" -ne "0" ];
|
||||
then
|
||||
echo "Trying alternate keyserver hkp://keyserver.ubuntu.com"
|
||||
set -e
|
||||
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv-keys 1C4CBDCDCD2EFD2A
|
||||
fi
|
||||
}
|
||||
|
||||
set -e
|
||||
get_key_robust 1C4CBDCDCD2EFD2A
|
||||
get_key_robust 9334A25F8507EFA5
|
||||
|
||||
# Add Percona repo
|
||||
# Creates the percona sources list
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
#!/bin/bash
|
||||
|
||||
# CONTEXT: GUEST during PRE-CONSTRUCTION as ROOT
|
||||
# PURPOSE: Setup apt-repo list so that we can connect to Percona's repo
|
||||
|
@ -19,17 +19,24 @@ fi
|
|||
# https://bugs.launchpad.net/percona-server/+bug/907789. Disable
|
||||
# shell errexit so we can interrogate the exit code and take action
|
||||
# based on the exit code. We will reenable it later.
|
||||
set +e
|
||||
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A
|
||||
function get_key_robust() {
|
||||
KEY=$1
|
||||
set +e
|
||||
|
||||
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys ${KEY}
|
||||
|
||||
if [ "$?" -ne "0" ];
|
||||
then
|
||||
echo "Trying alternate keyserver hkp://keyserver.ubuntu.com"
|
||||
set -e
|
||||
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv-keys ${KEY}
|
||||
fi
|
||||
|
||||
if [ "$?" -ne "0" ];
|
||||
then
|
||||
echo "Trying alternate keyserver hkp://keyserver.ubuntu.com"
|
||||
set -e
|
||||
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv-keys 1C4CBDCDCD2EFD2A
|
||||
fi
|
||||
}
|
||||
|
||||
set -e
|
||||
get_key_robust 1C4CBDCDCD2EFD2A
|
||||
get_key_robust 9334A25F8507EFA5
|
||||
|
||||
# add Percona repo
|
||||
# creates the percona sources list
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
#!/bin/bash
|
||||
|
||||
# CONTEXT: GUEST during PRE-CONSTRUCTION as ROOT
|
||||
# PURPOSE: Setup apt-repo list so that we can connect to Percona's repo
|
||||
|
@ -19,17 +19,24 @@ fi
|
|||
# https://bugs.launchpad.net/percona-server/+bug/907789. Disable
|
||||
# shell errexit so we can interrogate the exit code and take action
|
||||
# based on the exit code. We will reenable it later.
|
||||
set +e
|
||||
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A
|
||||
function get_key_robust() {
|
||||
KEY=$1
|
||||
set +e
|
||||
|
||||
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys ${KEY}
|
||||
|
||||
if [ "$?" -ne "0" ];
|
||||
then
|
||||
echo "Trying alternate keyserver hkp://keyserver.ubuntu.com"
|
||||
set -e
|
||||
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv-keys ${KEY}
|
||||
fi
|
||||
|
||||
if [ "$?" -ne "0" ];
|
||||
then
|
||||
echo "Trying alternate keyserver hkp://keyserver.ubuntu.com"
|
||||
set -e
|
||||
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv-keys 1C4CBDCDCD2EFD2A
|
||||
fi
|
||||
}
|
||||
|
||||
set -e
|
||||
get_key_robust 1C4CBDCDCD2EFD2A
|
||||
get_key_robust 9334A25F8507EFA5
|
||||
|
||||
# add Percona repo
|
||||
# creates the percona sources list
|
||||
|
|
Loading…
Reference in New Issue