From e2a3a6656581960bc96b6e24076afdb823ef12fac95dcf0b5277bd9f6599c30e Mon Sep 17 00:00:00 2001 From: "Marc S. Weidner" Date: Fri, 7 Nov 2025 08:02:45 +0100 Subject: [PATCH] V8.13.384.2025.11.06 Signed-off-by: Marc S. Weidner --- lib/lib_check_pkgs.sh | 8 ++------ lib/lib_clean_up.sh | 2 +- lib/lib_gnupg.sh | 6 ++++++ 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/lib/lib_check_pkgs.sh b/lib/lib_check_pkgs.sh index 34217ca..5217c58 100644 --- a/lib/lib_check_pkgs.sh +++ b/lib/lib_check_pkgs.sh @@ -27,6 +27,8 @@ check_pkgs() { apt-get update -qq > /dev/null 2>&1 + apt-get install -y --no-install-recommends gnupg gpgv gpg-agent pinentry-curses pinentry-tty gnupg-utils + if ! command -v lsb_release >/dev/null 2>&1; then apt-get install -y --no-install-recommends lsb-release @@ -55,12 +57,6 @@ check_pkgs() { fi - if ! command -v gpg >/dev/null 2>&1; then - - apt-get install -y --no-install-recommends gnupg gpgv gpg-agent pinentry-curses gnupg-utils - - fi - if [[ ! -f /usr/share/live/build/VERSION ]]; then apt-get install -y live-build diff --git a/lib/lib_clean_up.sh b/lib/lib_clean_up.sh index 8962b38..9f6a167 100644 --- a/lib/lib_clean_up.sh +++ b/lib/lib_clean_up.sh @@ -87,7 +87,7 @@ clean_up() { # Removes secrets securely. # shellcheck disable=SC2312 - find "${VAR_TMP_SECRET}" -xdev -type f -print0 | xargs -0 -- no-run-if-empty shred -fzu -n 5 -- + find "${VAR_TMP_SECRET}" -xdev -type f -print0 | xargs -0 --no-run-if-empty shred -fzu -n 5 -- find "${VAR_TMP_SECRET}" -xdev -depth -type d -empty -delete shopt -u nullglob dotglob diff --git a/lib/lib_gnupg.sh b/lib/lib_gnupg.sh index 408205d..220edaf 100644 --- a/lib/lib_gnupg.sh +++ b/lib/lib_gnupg.sh @@ -44,6 +44,8 @@ init_gnupg() { ### Avoid collision with Gitea runner workflows. if [[ ! "${VAR_CDLB_INSIDE_RUNNER}" == "true" ]]; then + printf "\e[93m++++ ++++ ++++ ++++ ++++ ++++ ++ VAR_CDLB_INSIDE_RUNNER: [%s] \e[0m\n" "${VAR_CDLB_INSIDE_RUNNER}" + declare -grx GNUPGHOME="/dev/shm/cdlb_${VAR_ISO8601}_gnupg" # shellcheck disable=SC2174 @@ -52,6 +54,10 @@ init_gnupg() { echo 'allow-loopback-pinentry' >| "${GNUPGHOME}/gpg-agent.conf" gpgconf --reload gpg-agent || true + else + + printf "\e[93m++++ ++++ ++++ ++++ ++++ ++++ ++ VAR_CDLB_INSIDE_RUNNER: [%s] \e[0m\n" "${VAR_CDLB_INSIDE_RUNNER}" + fi gpg --batch --import "${VAR_TMP_SECRET}/${VAR_SIGNING_KEY}"