diff options
author | Nicolás Reynolds <fauno@kiwwwi.com.ar> | 2011-12-04 23:07:59 -0300 |
---|---|---|
committer | Nicolás Reynolds <fauno@kiwwwi.com.ar> | 2011-12-04 23:07:59 -0300 |
commit | 988c2c6d400b3721464c2891891807d504b076b0 (patch) | |
tree | 013dc3d676edad701d0d3bbd239bc2df0cdf76b4 /devel/management/commands/generate_keyring.py | |
parent | 60a1fc6cc4cef0b9eed58ea4f0ca003b76ec382a (diff) | |
parent | 183c4d9cefa95f46c3fa3a6936f837542426eac2 (diff) |
Merge branch 'master' of ssh://gparabola/parabolaweb
Conflicts:
local_settings.py.example
media/archweb.css
packages/templatetags/package_extras.py
public/views.py
templates/packages/details.html
templates/packages/flag.html
templates/packages/flag_confirmed.html
templates/packages/flagged.html
templates/packages/search.html
templates/public/download.html
templates/todolists/view.html
Diffstat (limited to 'devel/management/commands/generate_keyring.py')
-rw-r--r-- | devel/management/commands/generate_keyring.py | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/devel/management/commands/generate_keyring.py b/devel/management/commands/generate_keyring.py new file mode 100644 index 00000000..062c738b --- /dev/null +++ b/devel/management/commands/generate_keyring.py @@ -0,0 +1,86 @@ +# -*- coding: utf-8 -*- +""" +generate_keyring command + +Assemble a GPG keyring with all known developer keys. + +Usage: ./manage.py generate_keyring <keyserver> <keyring_path> +""" + +from django.core.management.base import BaseCommand, CommandError + +import logging +import subprocess +import sys + +from devel.models import MasterKey +from main.models import UserProfile + +logging.basicConfig( + level=logging.INFO, + format='%(asctime)s -> %(levelname)s: %(message)s', + datefmt='%Y-%m-%d %H:%M:%S', + stream=sys.stderr) +logger = logging.getLogger() + +class Command(BaseCommand): + args = "<keyserver> <keyring_path> [ownertrust_path]" + help = "Assemble a GPG keyring with all known developer keys." + + def handle(self, *args, **options): + v = int(options.get('verbosity', None)) + if v == 0: + logger.level = logging.ERROR + elif v == 1: + logger.level = logging.INFO + elif v == 2: + logger.level = logging.DEBUG + + if len(args) < 2: + raise CommandError("keyserver and keyring_path must be provided") + + generate_keyring(args[0], args[1]) + + if len(args) > 2: + generate_ownertrust(args[2]) + + +def generate_keyring(keyserver, keyring): + logger.info("getting all known key IDs") + + # Screw you Django, for not letting one natively do value != <empty string> + key_ids = UserProfile.objects.filter(user__is_active=True, + pgp_key__isnull=False).extra(where=["pgp_key != ''"]).values_list( + "pgp_key", flat=True) + logger.info("%d keys fetched from user profiles", len(key_ids)) + master_key_ids = MasterKey.objects.values_list("pgp_key", flat=True) + logger.info("%d keys fetched from master keys", len(master_key_ids)) + + gpg_cmd = ["gpg", "--no-default-keyring", "--keyring", keyring, + "--keyserver", keyserver, "--recv-keys"] + logger.info("running command: %r", gpg_cmd) + gpg_cmd.extend(key_ids) + gpg_cmd.extend(master_key_ids) + subprocess.check_call(gpg_cmd) + logger.info("keyring at %s successfully updated", keyring) + + +TRUST_LEVELS = { + 'unknown': 0, + 'expired': 1, + 'undefined': 2, + 'never': 3, + 'marginal': 4, + 'fully': 5, + 'ultimate': 6, +} + + +def generate_ownertrust(trust_path): + master_key_ids = MasterKey.objects.values_list("pgp_key", flat=True) + with open(trust_path, "w") as trustfile: + for key_id in master_key_ids: + trustfile.write("%s:%d:\n" % (key_id, TRUST_LEVELS['marginal'])) + logger.info("trust file at %s created or overwritten", trust_path) + +# vim: set ts=4 sw=4 et: |