diff --git a/dev-tools/scripts/buildAndPushRelease.py b/dev-tools/scripts/buildAndPushRelease.py index af3053b521..8c5174355d 100644 --- a/dev-tools/scripts/buildAndPushRelease.py +++ b/dev-tools/scripts/buildAndPushRelease.py @@ -218,12 +218,6 @@ def pushLocal(version, root, rev, rcNum, localDir): run('tar xjf "%s/solr/package/solr.tar.bz2"' % root) os.remove('%s/solr/package/solr.tar.bz2' % root) - print(' KEYS') - run('wget http://home.apache.org/keys/group/lucene.asc') - os.rename('lucene.asc', 'KEYS') - run('chmod a+r-w KEYS') - run('cp KEYS ../lucene') - print(' chmod...') os.chdir('..') run('chmod -R a+rX-w .') @@ -245,6 +239,8 @@ def parse_config(): formatter_class=argparse.RawDescriptionHelpFormatter) parser.add_argument('--no-prepare', dest='prepare', default=True, action='store_false', help='Use the already built release in the provided checkout') + parser.add_argument('--no-check-keys', dest='checkKeys', default=True, action='store_false', + help='Skips downloading online KEYS file to validate existence of GPG key ID') parser.add_argument('--push-local', metavar='PATH', help='Push the release to the local path') parser.add_argument('--sign', metavar='KEYID', @@ -289,12 +285,43 @@ def check_cmdline_tools(): # Fail fast if there are cmdline tool problems antVersion = os.popen('ant -version').read().strip() if not antVersion.startswith('Apache Ant(TM) version 1.8') and not antVersion.startswith('Apache Ant(TM) version 1.9'): raise RuntimeError('ant version is not 1.8.X: "%s"' % antVersion) - + + +def check_key_in_keys(gpgKeyID): + if gpgKeyID is not None: + print(' Verify your gpg key is in the main KEYS file') + keysFileURL = "https://archive.apache.org/dist/lucene/KEYS" + keysFileText = urllib.request.urlopen(keysFileURL).read().decode('iso-8859-1') + if len(gpgKeyID) > 2 and gpgKeyID[0:2] == '0x': + gpgKeyID = gpgKeyID[2:] + if len(gpgKeyID) > 40: + gpgKeyID = gpgKeyID.replace(" ", "") + if len(gpgKeyID) == 8: + re_to_match = r"^pub\s+\d+[DR]/%s " % gpgKeyID + elif len(gpgKeyID) == 40: + gpgKeyID40Char = "%s %s %s %s %s %s %s %s %s %s" % \ + (gpgKeyID[0:4], gpgKeyID[4:8], gpgKeyID[8:12], gpgKeyID[12:16], gpgKeyID[16:20], + gpgKeyID[20:24], gpgKeyID[24:28], gpgKeyID[28:32], gpgKeyID[32:36], gpgKeyID[36:]) + print("Generated id string %s" % gpgKeyID40Char) + re_to_match = r"^\s+Key fingerprint = %s$" % gpgKeyID40Char + else: + print('Invalid gpg key id format. Must be 8 byte short ID or 40 byte fingerprint, with or without 0x prefix.') + exit(2) + if re.search(re_to_match, keysFileText, re.MULTILINE): + print(' Found key %s in KEYS file at %s' % (gpgKeyID, keysFileURL)) + else: + print(' ERROR: Did not find your key %s in KEYS file at %s. Please add it, push it online and try again.' % (gpgKeyID, keysFileURL)) + exit(2) + + def main(): check_cmdline_tools() c = parse_config() + if c.checkKeys: + check_key_in_keys(c.key_id) + if c.prepare: rev = prepare(c.root, c.version, c.key_id, c.key_password) else: