]> git.scottworley.com Git - auto-upgrade-with-pinch/commitdiff
Specify key by long key id, not fingerprint
authorScott Worley <scottworley@scottworley.com>
Wed, 20 May 2020 04:33:12 +0000 (21:33 -0700)
committerScott Worley <scottworley@scottworley.com>
Wed, 20 May 2020 04:33:12 +0000 (21:33 -0700)
The GnuPG manual says "The best way to specify a key Id is by using the
fingerprint," but --trusted-key doesn't accept fingerprints.  ಠ_ಠ

overlays/keyedgit.nix

index a4465dcf493328d12f3b53b33b5f18ecfa8de3ff..7688acefb3f0e9e2abdb49905801380f7d106755 100644 (file)
@@ -13,7 +13,7 @@ self: super: {
       '';
       keyids = super.runCommand "keyids" {} ''
         ${homelessGPG} --no-default-keyring --with-colons --show-keys ${keys} |
       '';
       keyids = super.runCommand "keyids" {} ''
         ${homelessGPG} --no-default-keyring --with-colons --show-keys ${keys} |
-          ${self.gawk}/bin/awk -F: 'prev == "pub" && $1 == "fpr" { print $10 } { prev = $1 }' > $out
+          ${self.gawk}/bin/awk -F: '$1 == "pub" { print $5 }' > $out
       '';
       keyedGPG = super.writeShellScript "keyed-gpg" ''
         trusted_key_args=()
       '';
       keyedGPG = super.writeShellScript "keyed-gpg" ''
         trusted_key_args=()