Adjust APT release script during GPG key rotation (#464)

joaopalet · web-flow · commit 2a98589920f7 · 2024-08-29T13:55:27.000Z
diff --git a/scripts/new-public-key.gpg b/scripts/new-public-key.gpg
@@ -0,0 +1,14 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mDMEZs7fYxYJKwYBBAHaRw8BAQdAyoFCfBmwdPB3c7pVsQw+lYSuJzXZO3VkQlZs
+mFteW5q0NVNUQUNLSVQgR1BHIFNJR05FUiA8c3RhY2tpdC1ncGctc2lnbmVyQHN0
+YWNraXQuY2xvdWQ+iJkEExYKAEEWIQS4bpVrR+qLfEWw7biJ8pBDfqyyqwUCZs7f
+YwIbAwUJAO1OAAULCQgHAgIiAgYVCgkICwIEFgIDAQIeBwIXgAAKCRCJ8pBDfqyy
+q9RbAPsF3c+JkyXkOpHlIRzy0dfFwNO0H75ev95TuAhZlk6+5wEAl/WOogYvlUbD
+x8Uko7PbY1cN3S1N8ZAruOabxSvjPAG4OARmzt9jEgorBgEEAZdVAQUBAQdAI62z
+jCQW8MI6f9SFsaMHDOkhLTcQ5dGfngybmHTWgy4DAQgHiH4EGBYKACYWIQS4bpVr
+R+qLfEWw7biJ8pBDfqyyqwUCZs7fYwIbDAUJAO1OAAAKCRCJ8pBDfqyyqwBxAP96
+6oW1eQLAeTkZTshfQOHU1JTEe5kNPqKg4j2QrnCyYwD/SI0yqHeHYSV+LQ1XYngY
+dGSb94FNr07033VwWlokFg4=
+=f80Z
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/scripts/publish-apt-packages.sh b/scripts/publish-apt-packages.sh
@@ -50,6 +50,9 @@ aptly snapshot create new-snapshot from repo new-repo
 printf "\n>>> Merging snapshots \n"
 aptly snapshot pull -no-remove -architectures="amd64,i386,arm64" current-snapshot new-snapshot updated-snapshot ${DISTRIBUTION}
 
+# Import new public key (temporary)
+gpg --no-default-keyring --keyring=${CUSTOM_KEYRING_FILE} --import new-public-key.gpg
+
 # Publish the new snapshot to the remote repo
 printf "\n>>> Publishing updated snapshot \n"
 aptly publish snapshot -keyring="${CUSTOM_KEYRING_FILE}" -gpg-key="${GPG_PRIVATE_KEY_FINGERPRINT}" -passphrase "${GPG_PASSPHRASE}" -config "${APTLY_CONFIG_FILE_PATH}" updated-snapshot "s3:${APT_BUCKET_NAME}:${APT_REPO_FOLDER}"
