Re-add key grip needed for private key
authorJan Dittberner <jandd@cacert.org>
Fri, 2 Aug 2019 08:27:01 +0000 (10:27 +0200)
committerJan Dittberner <jandd@cacert.org>
Fri, 2 Aug 2019 08:27:01 +0000 (10:27 +0200)
hieradata/nodes/webstatic.yaml
sitemodules/profiles/manifests/debarchive.pp

index 7dd2459..c489195 100644 (file)
@@ -5,7 +5,6 @@ profiles::base::admins:
   - jandd
   - law
 profiles::debarchive::notification_email_address: jandd@cacert.org
-profiles::debarchive::release_signing_keyid: "CAcert Debian Archive Signing Key 2019"
 profiles::debarchive::release_signing_key: >
     ENC[PKCS7,MIIIzQYJKoZIhvcNAQcDoIIIvjCCCLoCAQAxggEhMIIBHQIBADAFMAACAQEw
     DQYJKoZIhvcNAQEBBQAEggEAtJiS4GluyFbbkmxFKmH+2CWZRD1wotHn8HAc
@@ -58,6 +57,8 @@ profiles::debarchive::release_signing_key: >
     7qKVOpRKA15H3QDHEsh/SOc59L9tvzCa637rBGJMBfvf8QyrUwOVnVebgFSm
     r9bg7DReCgweHUukIbHzVPy3UE/lyqnAZWeIPJ4+jmTqrATq/EOs9iQQetyR
     VP8xiy7PwA==]
+profiles::debarchive::release_signing_keygrip: 223894064EE26851A245DE9208C5C0ABF772F7A7
+profiles::debarchive::release_signing_keyid: "CAcert Debian Archive Signing Key 2019"
 profiles::debarchive::uploaders:
   - jandd
 profiles::icinga2_agent::pki_ticket: >
index 595d92c..44c46bb 100644 (file)
@@ -9,11 +9,13 @@
 # @param notification_email_address email address that will receive reports
 #                                   from mini-dinstall
 #
-# @param release_signing_keyid      GPG key id of the release signing key
-#
 # @param release_signing_key        data of a GPG key that is used for
 #                                   release file signing
 #
+# @param release_signing_keygrip    GPG keygrip of the release signing key
+#
+# @param release_signing_keyid      GPG key id of the release signing key
+#
 # @param uploaders                  a list of users that are allowed to dput
 #                                   files to the Debian archive
 #
@@ -37,8 +39,9 @@
 #
 class profiles::debarchive (
   String $notification_email_address,
-  String $release_signing_keyid,
   String $release_signing_key,
+  String $release_signing_keygrip,
+  String $release_signing_keyid,
   Array[String] $uploaders = [],
 ) {
   include profiles::base