Skip to content

Commit cb3dece

Browse files
johnstcnjohnstcn
committed
chore(dogfood): update keys, add script to do so
1 parent ef635f1 commit cb3dece

12 files changed

+62
-0
lines changed

dogfood/files/usr/share/keyrings/ansible.gpg

-852 Bytes
Binary file not shown.

dogfood/files/usr/share/keyrings/docker.gpg

-2.09 KB
Binary file not shown.

dogfood/files/usr/share/keyrings/github-cli.gpg

-860 Bytes
Binary file not shown.

dogfood/files/usr/share/keyrings/google-chrome.gpg

-5.27 KB
Binary file not shown.

dogfood/files/usr/share/keyrings/google-cloud.gpg

-909 Bytes
Binary file not shown.

dogfood/files/usr/share/keyrings/hashicorp.gpg

-2.15 KB
Binary file not shown.

dogfood/files/usr/share/keyrings/microsoft.gpg

-452 Bytes
Binary file not shown.

dogfood/files/usr/share/keyrings/neovim.gpg

-826 Bytes
Binary file not shown.

dogfood/files/usr/share/keyrings/nodesource.gpg

-1.72 KB
Binary file not shown.

dogfood/files/usr/share/keyrings/postgresql.gpg

-2.57 KB
Binary file not shown.

dogfood/files/usr/share/keyrings/yarnpkg.gpg

-8.02 KB
Binary file not shown.

dogfood/update-keys.sh

Lines changed: 62 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,62 @@
1+
#!/usr/bin/env bash
2+
3+
set -euo pipefail
4+
5+
PROJECT_ROOT="$(git rev-parse --show-toplevel)"
6+
7+
curl_flags=(
8+
--silent
9+
--show-error
10+
--location
11+
)
12+
13+
gpg_flags=(
14+
--dearmor
15+
--yes
16+
)
17+
18+
pushd "$PROJECT_ROOT/dogfood/files/usr/share/keyrings"
19+
# Upstream Docker signing key
20+
curl "${curl_flags[@]}" "https://download.docker.com/linux/ubuntu/gpg" | \
21+
gpg "${gpg_flags[@]}" --output="docker.gpg"
22+
23+
# Google Cloud signing key
24+
curl "${curl_flags[@]}" "https://packages.cloud.google.com/apt/doc/apt-key.gpg" | \
25+
gpg "${gpg_flags[@]}" --output="google-cloud.gpg"
26+
27+
# Google Linux Software repository signing key (Chrome)
28+
curl "${curl_flags[@]}" "https://dl.google.com/linux/linux_signing_key.pub" | \
29+
gpg "${gpg_flags[@]}" --output="google-chrome.gpg"
30+
31+
# Microsoft repository signing key (Edge)
32+
curl "${curl_flags[@]}" "https://packages.microsoft.com/keys/microsoft.asc" | \
33+
gpg "${gpg_flags[@]}" --output="microsoft.gpg"
34+
35+
# Upstream PostgreSQL signing key
36+
curl "${curl_flags[@]}" "https://www.postgresql.org/media/keys/ACCC4CF8.asc" | \
37+
gpg "${gpg_flags[@]}" --output="postgresql.gpg"
38+
39+
# NodeSource signing key
40+
curl "${curl_flags[@]}" "https://deb.nodesource.com/gpgkey/nodesource.gpg.key" | \
41+
gpg "${gpg_flags[@]}" --output="nodesource.gpg"
42+
43+
# Yarnpkg signing key
44+
curl "${curl_flags[@]}" "https://dl.yarnpkg.com/debian/pubkey.gpg" | \
45+
gpg "${gpg_flags[@]}" --output="yarnpkg.gpg"
46+
47+
# Ansible PPA signing key
48+
curl "${curl_flags[@]}" "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x6125e2a8c77f2818fb7bd15b93c4a3fd7bb9c367" | \
49+
gpg "${gpg_flags[@]}" --output="ansible.gpg"
50+
51+
# Neovim signing key
52+
curl "${curl_flags[@]}" "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x9dbb0be9366964f134855e2255f96fcf8231b6dd" | \
53+
gpg "${gpg_flags[@]}" --output="neovim.gpg"
54+
55+
# Hashicorp signing key
56+
curl "${curl_flags[@]}" "https://apt.releases.hashicorp.com/gpg" | \
57+
gpg "${gpg_flags[@]}" --output="hashicorp.gpg"
58+
59+
# GitHub CLI signing key
60+
curl "${curl_flags[@]}" "https://cli.github.com/packages/githubcli-archive-keyring.gpg" | \
61+
gpg "${gpg_flags[@]}" --output="github-cli.gpg"
62+
popd

0 commit comments

Comments
 (0)