#
# Executed after cron.unchecked
-ARCHS_oldstable="alpha arm hppa i386 ia64 m68k mips mipsel powerpc sparc s390 amd64"
-ARCHS_stable="alpha amd64 arm hppa i386 ia64 mips mipsel powerpc sparc s390"
-ARCHS_testing="$ARCHS_stable"
-DISTS="oldstable stable testing"
-SSH_SOCKET=~/.ssh/buildd.debian.org.socket
-
set -e
-export SCRIPTVARS=/org/security.debian.org/dak/config/debian-security/vars
+set -u
+
+export SCRIPTVARS=/srv/security-master.debian.org/dak/config/debian-security/vars
. $SCRIPTVARS
+SSH_SOCKET=~/.ssh/buildd.debian.org.socket
+DISTS=$(dak admin s list)
-if [ ! -e $ftpdir/Archive_Maintenance_In_Progress ]; then
- cd $masterdir
- for d in $DISTS; do
- eval SOURCES_$d=`stat -c "%Y" $base/buildd/$d/Sources.gz`
- eval PACKAGES_$d=`stat -c "%Y" $base/buildd/$d/Packages.gz`
- done
- apt-ftparchive -qq -o APT::FTPArchive::Contents=off generate apt.conf.buildd
- dists=
- for d in $DISTS; do
- eval NEW_SOURCES_$d=`stat -c "%Y" $base/buildd/$d/Sources.gz`
- eval NEW_PACKAGES_$d=`stat -c "%Y" $base/buildd/$d/Packages.gz`
- old=SOURCES_$d
- new=NEW_$old
- if [ ${!new} -gt ${!old} ]; then
- if [ -z "$dists" ]; then
- dists="$d"
- else
- dists="$dists $d"
- fi
- continue
- fi
- old=PACKAGES_$d
- new=NEW_$old
- if [ ${!new} -gt ${!old} ]; then
- if [ -z "$dists" ]; then
- dists="$d"
- else
- dists="$dists $d"
- fi
- continue
- fi
- done
- if [ ! -z "$dists" ]; then
- # setup ssh master process
- ssh buildd@buildd -S $SSH_SOCKET -MN 2> /dev/null &
- SSH_PID=$!
- while [ ! -S $SSH_SOCKET ]; do
- sleep 1
- done
- trap 'kill -TERM $SSH_PID' 0
- for d in $dists; do
- archs=ARCHS_$d
- ARCHS=${!archs}
- cd /org/security.debian.org/buildd/$d
- for a in $ARCHS; do
- quinn-diff -a /org/security.debian.org/buildd/Packages-arch-specific -A $a 2>/dev/null | ssh buildd@buildd -S $SSH_SOCKET wanna-build -d $d-security -b $a/build-db --merge-partial-quinn
- ssh buildd@buildd -S $SSH_SOCKET wanna-build -d $d-security -A $a -b $a/build-db --merge-packages < Packages
- done
- if [ "$d" = "oldstable" ]; then
- ssh buildd@bester.farm.ftbfs.de -i ~/.ssh/id_bester sleep 1
- fi
- done
- fi
+if [ -e $ftpdir/Archive_Maintenance_In_Progress ]; then
+ exit 0
fi
+for dist in $DISTS; do
+ eval SOURCES_$dist=`stat -c "%Y" $base/buildd/$dist/Sources.gz`
+ eval PACKAGES_$dist=`stat -c "%Y" $base/buildd/$dist/Packages.gz`
+done
+
+cd $configdir
+apt-ftparchive -qq -o APT::FTPArchive::Contents=off generate apt.conf.buildd
+
+cd ${base}/buildd
+for dist in $DISTS; do
+ rm -f $dist/Release*
+ darchs=$(dak admin s-a list-arch $dist | tr '\n' ' ')
+ codename=$(dak admin s show ${dist} | grep ^Codename | awk '{print $2}')
+ apt-ftparchive -qq -o APT::FTPArchive::Release::Codename="${codename}" -o APT::FTPArchive::Release::Origin="Debian" -o APT::FTPArchive::Release::Label="Debian" -o APT::FTPArchive::Release::Description="buildd $dist security" -o APT::FTPArchive::Release::Architectures="${darchs}" release $dist > Release
+ gpg --secret-keyring ${base}/s3kr1t/dot-gnupg/secring.gpg --keyring ${base}/s3kr1t/dot-gnupg/pubring.gpg --no-options --batch --no-tty --armour --default-key 55BE302B --detach-sign -o Release.gpg Release
+ mv Release* $dist/.
+done
+
+dists=
+
+
+for dist in $DISTS; do
+ eval NEW_SOURCES_$dist=`stat -c "%Y" $base/buildd/$dist/Sources.gz`
+ eval NEW_PACKAGES_$dist=`stat -c "%Y" $base/buildd/$dist/Packages.gz`
+ old=SOURCES_$dist
+ new=NEW_$old
+ if [ ${!new} -gt ${!old} ]; then
+ if [ -z "$dists" ]; then
+ dists="$dist"
+ else
+ dists="$dists $dist"
+ fi
+ continue
+ fi
+ old=PACKAGES_$dist
+ new=NEW_$old
+ if [ ${!new} -gt ${!old} ]; then
+ if [ -z "$dists" ]; then
+ dists="$dist"
+ else
+ dists="$dists $dist"
+ fi
+ continue
+ fi
+done
+
+if [ ! -z "$dists" ]; then
+ # setup ssh master process
+ ssh wbadm@buildd -S $SSH_SOCKET -MN 2> /dev/null &
+ SSH_PID=$!
+ while [ ! -S $SSH_SOCKET ]; do
+ sleep 1
+ done
+ trap 'kill -TERM $SSH_PID' 0
+ for d in $dists; do
+ ssh wbadm@buildd -S $SSH_SOCKET trigger.security $d
+ done
+fi
projects / dak.git / blobdiff