config/debian-security/cron.unchecked: export policy queues in old format

[dak.git] / config / debian-security / cron.unchecked
diff --git a/config/debian-security/cron.unchecked b/config/debian-security/cron.unchecked

index 10423531b2a603f47b8dc3dc1676e21b214c8e34..f55315c5028de92ce927db75ed48e1afcba9b4cb 100755 (executable)
--- a/config/debian-security/cron.unchecked
+++ b/config/debian-security/cron.unchecked
@@ -37,13 +37,11 @@ fi
  trap cleanup EXIT
  
  for queue in embargoed; do
-    cd ${queuedir}/${queue}/COMMENTS
-    comments=$(find . -maxdepth 1 -mindepth 1 -type f '(' -name "ACCEPT.*.changes" -o -name "REJECT.*.changes" ')' | sed -e "s,./,," | xargs)
-    if [ -n "$comments" ]; then
+    echo "$timestamp: processing ${queue}" >> ${report}
+    dak process-policy ${queue} >> ${report}
+    accepted=$(find ${queuedir}/accepted -type f -name "*.changes")
+    if [ -n "${accepted}" ]; then
         dopolicy=true
-       echo "$timestamp": ${comments:-"Nothing to do for ${queue}"}  >> $report
-       dak process-policy ${queue} >> ${report}
-       find /srv/security-master.debian.org/queue/accepted -type f -exec mv -t /srv/queued/ftpmaster '{}' +
      fi
  done
  
@@ -69,6 +67,16 @@ if [ "${doanything}" = "false" ] && [ "${dopolicy}" = "false" ]; then
      exit 0
  fi
  
+# export policy queues
+for queue in embargoed; do
+    pushd ${queuedir}/${queue}
+    rm -rf export.new
+    dak export -q ${queue} -d export.new --all
+    rsync -a --delete export.new/. export/.
+    rm -rf export.new
+    popd
+done
+
  # manage build queues
  dak manage-build-queues -a
  dak generate-packages-sources2 -a build-queues
@@ -89,20 +97,23 @@ for suite in stable testing; do
      rm -f Release
  
      cd ${incoming}
-    apt-ftparchive -qq -o APT::FTPArchive::Release::Origin="Debian" -o APT::FTPArchive::Release::Label="Debian" -o APT::FTPArchive::Release::Description="buildd $suite incoming" -o APT::FTPArchive::Release::Architectures="$archs" release ${suite}.new >${suite}.Release
+    apt-ftparchive -qq -o APT::FTPArchive::Release::Origin="Debian" -o APT::FTPArchive::Release::Label="Debian" -o APT::FTPArchive::Release::Description="buildd $suite security" -o APT::FTPArchive::Release::Architectures="$archs" release ${suite}.new >${suite}.Release
  
-    gpg --secret-keyring /srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg /srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg --no-options --batch --no-tty --armour --default-key 473041FA --detach-sign -o ${suite}.Release.gpg ${suite}.Release
+    gpg --secret-keyring /srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg --keyring /srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg --no-options --batch --no-tty --armour --default-key 473041FA --detach-sign -o ${suite}.Release.gpg ${suite}.Release
  
      mv ${suite}.Release ${suite}.new/Release
      mv ${suite}.Release.gpg ${suite}.new/Release.gpg
  
-    mv ${suite} ${suite}.old
+    if [ -d ${suite} ]; then
+       mv ${suite} ${suite}.old
+    fi
      mv ${suite}.new ${suite}
      rm -rf ${suite}.old
  done
  
  if [ "x${dopolicy}x" = "xtruex" ]; then
      # We had something approved from a policy queue, push out new archive
+    find /srv/security-master.debian.org/queue/accepted -type f -exec mv -t /srv/queued/ftpmaster '{}' +
      dak dominate
      #dak generate-filelist
      cd $configdir