Merge pull request #4963 from guggero/verify-no-key-fix

scripts: don't fail signature verification on missing public key
This commit is contained in:
Oliver Gugger 2021-01-28 14:52:22 +01:00 committed by GitHub
commit 688a8045f0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -108,14 +108,17 @@ NUM_CHECKS=0
for signature in $SIGNATURES; do for signature in $SIGNATURES; do
# First make sure the downloaded signature file is valid. # First make sure the downloaded signature file is valid.
echo "Verifying $signature" echo "Verifying $signature"
if ! gpg --verify "$signature" 2>&1 | grep -q "Good signature"; then if gpg --verify "$signature" 2>&1 | grep -q "Good signature"; then
echo "Signature for $signature checks out: "
gpg --verify "$signature" 2>&1 | grep "using"
elif gpg --verify "$signature" 2>&1 | grep -q "No public key"; then
echo "Unable to verify signature $signature, no key available, skipping"
continue
else
echo "ERROR: Did not get valid signature for $signature!" echo "ERROR: Did not get valid signature for $signature!"
exit 1 exit 1
fi fi
echo "Signature for $signature checks out: "
gpg --verify "$signature" 2>&1 | grep "using"
echo "" echo ""
# Then make sure that the hash of the installed binaries can be found in the # Then make sure that the hash of the installed binaries can be found in the