aboutsummaryrefslogtreecommitdiff
Maintainer notes
================

Adding a new team member key
----------------------------

make keyrings/team-members.gpg
gpg --no-default-keyring --keyring keyrings/team-members.gpg \
  --no-auto-check-trustdb --import $KEYFILE
jetring-gen keyrings/team-members.gpg~ keyrings/team-members.gpg \
  "add adsb (ID: C5CE5DC2C542CD59)"
jetring-accept team-members/ add-C5CE5DC2C542CD59 

or

./scripts/add-member "$KEYFILE" "C5CE5DC2C542CD59" "add adsb" 

Adding a new archive key
------------------------

make keyrings/jadupc-archive-keyring.gpg
gpg --no-default-keyring --keyring keyrings/jadupc-archive-keyring.gpg \
  --no-auto-check-trustdb --import $KEYFILE
jetring-gen keyrings/jadupc-archive-keyring.gpg~ \
  keyrings/jadupc-archive-keyring.gpg \
  "add shopno automatic key (security)"
mv add-9D6D8F6BC857C906 add-shopno-security-automatic
jetring-accept active-keys/ add-shopno-security-automatic

or

./scripts/add-archive $KEYFILE "9D6D8F6BC857C906" "shopno automatic key (security)"

Note that the filenames used for the changeset filenames must never be
subsets of another changeset filename, or the keyring build will
over-eagerly remove them and then fail.

Removing an archive key
-----------------------

[There should be a better way of doing this]

Copy the corresponding entry from active-keys/index to removed-keys/index
Move active-keys/add-$foo to removed-keys/
gpg --detach-sign --output removed-keys/index.gpg --armor --sign \
  removed-keys/index
Remove the relevant entry from active-keys/index
gpg --detach-sign --output active-keys/index.gpg --armor --sign \
  active-keys/index

Confirm that the result was as expected by:

make clean
make keyrings/jadupc-archive-keyring.gpg
make keyrings/jadupc-archive-removed-keys.gpg

and checking the contents of each keyring

Add an entry to jadupc/jadupc-archive-keyring.maintscript:

rm_conffile /etc/apt/trusted.gpg.d/jadupc-archive-${foo}.gpg ${version}~~

Pre-build
---------

gpg --armor --detach-sign keyrings/jadupc-archive-keyring.gpg

If any keys were removed:
gpg --armor --detach-sign keyrings/jadupc-archive-removed-keys.gpg
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-02 07:42:13 +0000