diff options
| author | Dan McGee <dan@archlinux.org> | 2011-10-22 01:49:00 +0200 |
|---|---|---|
| committer | Dan McGee <dan@archlinux.org> | 2011-10-22 01:49:00 +0200 |
| commit | 2d5777b11d229d115a31a6c82236570002c2dd57 (patch) | |
| tree | a91e12e95fce1072115c106265bac2b445670645 /devel/management/commands/generate_keyring.py | |
| parent | 002574cce1d9756ba28a87a038f6906b566f2e2a (diff) | |
| download | archweb-2d5777b11d229d115a31a6c82236570002c2dd57.tar.gz archweb-2d5777b11d229d115a31a6c82236570002c2dd57.tar.xz | |
Add a generate_keyring command
This grabs all the PGP keys from the developer profiles and adds them to
the keyrings. Obviously we may want to do more in the future such as
filter by groups, active status, etc. but this is just a first
iteration.
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'devel/management/commands/generate_keyring.py')
| -rw-r--r-- | devel/management/commands/generate_keyring.py | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/devel/management/commands/generate_keyring.py b/devel/management/commands/generate_keyring.py new file mode 100644 index 0000000..b95d5a8 --- /dev/null +++ b/devel/management/commands/generate_keyring.py @@ -0,0 +1,59 @@ +# -*- coding: utf-8 -*- +""" +generate_keyring command + +Assemble a GPG keyring with all known developer keys. + +Usage: ./manage.py generate_keyring <keyserver> <keyring_path> +""" + +from django.core.management.base import BaseCommand, CommandError +from django.db.models import Q + +import logging +import subprocess +import sys + +from main.models import UserProfile + +logging.basicConfig( + level=logging.INFO, + format='%(asctime)s -> %(levelname)s: %(message)s', + datefmt='%Y-%m-%d %H:%M:%S', + stream=sys.stderr) +logger = logging.getLogger() + +class Command(BaseCommand): + args = "<keyserver> <keyring_path>" + help = "Assemble a GPG keyring with all known developer keys." + + def handle(self, *args, **options): + v = int(options.get('verbosity', None)) + if v == 0: + logger.level = logging.ERROR + elif v == 1: + logger.level = logging.INFO + elif v == 2: + logger.level = logging.DEBUG + + if len(args) != 2: + raise CommandError("keyserver and keyring_path must be provided") + + return generate_keyring(args[0], args[1]) + +def generate_keyring(keyserver, keyring): + logger.info("getting all known key IDs") + + exclude = Q(pgp_key__isnull=True) & Q(pgp_key__exact="") + key_ids = UserProfile.objects.exclude( + exclude).values_list("pgp_key", flat=True) + logger.info("%d keys fetched from user profiles", len(key_ids)) + + gpg_cmd = ["gpg", "--no-default-keyring", "--keyring", keyring, + "--keyserver", keyserver, "--recv-keys"] + logger.info("running command: %r", gpg_cmd) + gpg_cmd.extend(key_ids) + subprocess.check_call(gpg_cmd) + logger.info("keyring at %s successfully updated", keyring) + +# vim: set ts=4 sw=4 et: |