extend expiration take 2 - update in src/gt and also create signature

tegonal · Oct 25, 2024 · cf187ca · cf187ca
1 parent f97e1c0
commit cf187ca
Show file tree

Hide file tree

Showing 6 changed files with 149 additions and 54 deletions.
diff --git a/.gt/signing-key.public.asc b/.gt/signing-key.public.asc
@@ -59,31 +59,30 @@ AGeerkJ3XN7/ttUFe6sa0vPxbJX+S8CApFzo2smKaL5B+S0UI92G4MvZXaS65i0u
 Ow5JSrpfZvvz1L6+6CEPKdTyC+S2HeLpUHzTFnQBFwZimO2wTrLeMQfoW5ZT75Vz
 8FBqF9w01JC9hmsSA4n4MEsM3yvQTHkAVY4DoTEtlCJUK9kYWh6SorM3DpEQLVjh
 Xzw1QOiyOfzDQFP0l24440kaGEvP+w8809Rd0dNsSZXtbtMN/b6lgTKZ2xC37Zkh
-Qvs6Hs5sx8Se83/Lyh8gO9At3U6amQz0bTzy3Pa3U3UpABEBAAGJBHIEGAEKACYW
-IQQU5W1MPaI/rfVKQONrgrsr7O4ERwUCYrMlyAIbAgUJAeEzgAJACRBrgrsr7O4E
-R8F0IAQZAQoAHRYhBJQHlYGGZpXeqdTJWJRf5hWQTlyFBQJisyXIAAoJEJRf5hWQ
-TlyFTLIP/i44iSXGBT8gRncDddfPWEEWqjVl/W5q3VC1ow5FKEDk3Fe91/yU/iCN
-0AMhmIFkAdZckZJAm5uRL04e2j3L3sHqbEcpXNDUzwSPR9zSwYDrk01b9QGhUFjV
-vYmhvL6MfFquDaWttcllOAoRBt4SJDgBtY2mtTpZlH9OgJPHP4ROgxqRnCdvVIBS
-JXRvCJxRTSVE+8xzjjTZULxDkzGUMBVv9UM/9PfFZOBvlO5py9iuVfX5rY9+/YV1
-n9XG5ZwZbYqi3K80R9NkNhiZLsLU9rXA0/OYEF6DhmepngxmYabdJTwH3dSXOKHS
-6aXHrLH+n2xaKFlND6C8Mfe6tykWjCZPHYQntWiM/7S7+vgVYsE16ZKwUmRpu5B2
-zpK+bZLGgIDEm/f/an3l2qvUNf/NmQfJouBTMwUhDViYxOuqYKTkZOefofiY9fr2
-EGCwZ2jt25KR/J8Cec7FvJ9c6pWUAZNkVxfYs2EmXlpGMQxGsxns4ql8b8v9XfJh
-MHxS5do4nZ80kRfZcg8nB+nNJt1ecRs1urXW+6lPEue0DQSXBjuSFZxcl2Bbd4lj
-RzwaYeZWvNiEqUsW6DEWYCjlKTby+DA+u/s93Od44UrTXs/3AnmYNFN01unPX9lb
-mqqtFFPVoD7r6D7MXnra3ohwjLW0d47nWz7vGnCUfjNrevQQ1eCA4wQP/1CUuOSz
-qi19Mh4B+tHDtUsVUSWJ3VKAx8dbyCezwkaYp3QOpTVjVea2Q3e3RAwYCIx16kj3
-lPD5C4EZy0xTHOZtESazeTsVmureLsAWxeGYW8PvB+dF+F05f39UmiTnIcVDDvWF
-46iuiDvLLVUx5g3C/jYLh4SQBb0tNrOjxxGfzodC8nZf7zgKhxY6TExzGV5MzSg2
-1nNRv3bNSnkdEjwN+/Y1n8RxCaOIGQSu/vJK+C+eSTRaMiJR2Xh3xlSuHLDOGQee
-4J5CSTm6Ht/fZSKUXPmkOySKCkiHsQYwWLHBDMkxLLjTNkKIXDNPu5Edc2oXZ4os
-UOT3AELDi4seNPA9gCFSh4sY8ze3D6kjHSBZYfFZL4OU+/Sv+2nMzF9eBwQkngMy
-eriVPO8dhe9eVc9dqEJdyEKYJbQ0qZ8+s7LJmSPzHsuoWcp7M01zDxyYuza1Lp+Z
-AKmNxev+4lv1NvmlX1ZsTOSFLXjm+dt5+NbHEtm/O3jBKhlAvdHVQ2nU/gs9cMdb
-1U+5P8SsVvBSPgn11q1DayAlUqxX0ydCS43tDakKc1762WXXxCyuvqT6triZ7XnA
-CnUWZTkAlC3I2DZOAiGKPYkZnBnFCwxBaPkHAy8zizXQ2C4/HhQR3dqLYeEWWo6v
-f2vVxNWadi/2nUG/SaIP50nxjd1aDrG9sDgi
-=eXmm
+Qvs6Hs5sx8Se83/Lyh8gO9At3U6amQz0bTzy3Pa3U3UpABEBAAGJBHIEGAEKACYC
+GwIWIQQU5W1MPaI/rfVKQONrgrsr7O4ERwUCZxuE2QUJBkmSkQJAwXQgBBkBCgAd
+FiEElAeVgYZmld6p1MlYlF/mFZBOXIUFAmKzJcgACgkQlF/mFZBOXIVMsg/+LjiJ
+JcYFPyBGdwN1189YQRaqNWX9bmrdULWjDkUoQOTcV73X/JT+II3QAyGYgWQB1lyR
+kkCbm5EvTh7aPcvewepsRylc0NTPBI9H3NLBgOuTTVv1AaFQWNW9iaG8vox8Wq4N
+pa21yWU4ChEG3hIkOAG1jaa1OlmUf06Ak8c/hE6DGpGcJ29UgFIldG8InFFNJUT7
+zHOONNlQvEOTMZQwFW/1Qz/098Vk4G+U7mnL2K5V9fmtj379hXWf1cblnBltiqLc
+rzRH02Q2GJkuwtT2tcDT85gQXoOGZ6meDGZhpt0lPAfd1Jc4odLppcessf6fbFoo
+WU0PoLwx97q3KRaMJk8dhCe1aIz/tLv6+BViwTXpkrBSZGm7kHbOkr5tksaAgMSb
+9/9qfeXaq9Q1/82ZB8mi4FMzBSENWJjE66pgpORk55+h+Jj1+vYQYLBnaO3bkpH8
+nwJ5zsW8n1zqlZQBk2RXF9izYSZeWkYxDEazGeziqXxvy/1d8mEwfFLl2jidnzSR
+F9lyDycH6c0m3V5xGzW6tdb7qU8S57QNBJcGO5IVnFyXYFt3iWNHPBph5la82ISp
+SxboMRZgKOUpNvL4MD67+z3c53jhStNez/cCeZg0U3TW6c9f2Vuaqq0UU9WgPuvo
+PsxeetreiHCMtbR3judbPu8acJR+M2t69BDV4IAJEGuCuyvs7gRH8NkP/2WxlneI
+SqsmFFBYrSRsQSNSBucqV/1IY0vLeGD+bevnB7yKdWx0QtNdyuf5yhBGU66l82i5
+1enJiqsFrVFy4vvTjH3osuEYcSMVD+A7zGom7qnZCjQFDqKMnZjYdsLwunlB2fXY
+DP4AF3jNxtB7yboq0apE5JvBgTB0UPnZTOzXFsSL3oO5KSPQJ1PsLaxFOawG0SEi
+9aqkM6iBCH2GS5D/7jyIYHRVRDD3j6uG2kDALSgaKexn/3Hx7qDVti8pTqeAAPdR
+pPZeFFpjo+Ee1F1V+we5nQtC+kHo0BgJPDErE5h9aZvgTG8Wmq+Q8Pn8mIGFpeiT
++zuhdYSwifm0wC3hEMouuKBkcdC4EMrtSEpU9oAWlWrpn8bimBcqGhwUTrtnObX1
+jo6k2T6Dp/HP4/+QiVq/OFJhvbPdFe2uhbJJIg+lJDP+lkVvqDfTTdGcgMgcb2d9
+jSDrNNbqRL8hOVK87yHLKTOi1yCulc6pFYM/ADGt0C+UgtCUj8DS1v+LvZ4zd950
+/Y72WwLYDcuwLyP6NwQDehKhkUvjpVr83HCG8I85FgNyCL5V22ckgpPfZ8qHpE3n
+WJXPc7Ut7q+ZB2Wuy3nP72bs2PwAb2T67k+xBVmj6doXvtC/WbM1z3u0rIYxfgLR
+fkQXk63joX9vZ7YkWIV+26HHdGwGTnPI6kvy
+=tB7/
 -----END PGP PUBLIC KEY BLOCK-----
-
diff --git a/.gt/signing-key.public.asc.sig b/.gt/signing-key.public.asc.sig
diff --git a/README.md b/README.md
@@ -107,6 +107,16 @@ Please have a look at
 [CONTRIBUTING.md](https://github.com/tegonal/github-commons/tree/main/.github/CONTRIBUTING.md)
 for further suggestions and guidelines.
 
+## Extend expiration of signing-key
+
+Execute the following script, which will extend the sub-key 945FE615904E5C85 by one year and copies it to 
+src/gt/signing-key.public.asc and also signs it again with the key 4B78012139378220 and finally copies the files
+to the .gt folder.
+
+```bash
+./scripts/extend-expiration-signing-key.sh
+```
+
 # License
 
 Most provided files are licensed under [Creative Commons Zero v1.0 Universal](https://creativecommons.org/publicdomain/zero/1.0/).  

diff --git a/scripts/extend-expiration-signing-key.sh b/scripts/extend-expiration-signing-key.sh
@@ -0,0 +1,87 @@
+#!/usr/bin/env bash
+#
+#   / /____ ___ ____  ___  ___ _/ /       This file is provided to you by https://github.com/tegonal/github-commons
+#  / __/ -_) _ `/ _ \/ _ \/ _ `/ /        Copyright 2022 Tegonal Genossenschaft <info@tegonal.com>
+#  \__/\__/\_, /\___/_//_/\_,_/_/         It is licensed under Creative Commons Zero v1.0 Universal
+#         /___/                           Please report bugs and contribute back your improvements
+#
+#                                         Version: v2.9.0-SNAPSHOT
+###################################
+set -euo pipefail
+shopt -s inherit_errexit
+unset CDPATH
+
+if ! [[ -v scriptsDir ]]; then
+	scriptsDir="$(cd -- "$(dirname -- "${BASH_SOURCE[0]:-$0}")" >/dev/null && pwd 2>/dev/null)"
+	readonly scriptsDir
+fi
+
+if ! [[ -v projectDir ]]; then
+	projectDir="$(realpath "$scriptsDir/../")"
+	readonly projectDir
+fi
+
+if ! [[ -v dir_of_github_commons ]]; then
+	dir_of_github_commons="$projectDir/src"
+	readonly dir_of_github_commons
+fi
+
+if ! [[ -v dir_of_tegonal_scripts ]]; then
+	dir_of_tegonal_scripts="$scriptsDir/../lib/tegonal-scripts/src"
+	source "$dir_of_tegonal_scripts/setup.sh" "$dir_of_tegonal_scripts"
+fi
+
+sourceOnce "$dir_of_tegonal_scripts/utility/gpg-utils.sh"
+
+function setupTmpDir() {
+	local -r tmpDir=$1
+	mkdir "$tmpDir"
+	local -r gpgDir="$tmpDir/gpg"
+	mkdir "$gpgDir"
+	chmod 700 "$gpgDir"
+}
+
+function importGpgViaClipboard() {
+	local -r tmpDir=$1
+	local -r keyId=$2
+	local -r gpgDir="$tmpDir/gpg"
+
+	echo "copy the private key of $keyId into your clipboard and press enter"
+	read -r
+	xclip -o -sel clipboard >"$tmpDir/$keyId.asc"
+	# we make sure the asc ends with an empty line otherwise gpg will fail
+	echo "" >>"./$keyId.asc"
+	gpg --homedir "$gpgDir" --import "$tmpDir/$keyId.asc"
+
+	gpg --homedir "$gpgDir" --list-secret-keys
+}
+
+function extendExpirationSigningKey() {
+	trap "[[ -d /tmp/signing-key ]] && rm -r /tmp/signing-key" EXIT
+
+	local -r signingKey="$dir_of_github_commons/gt/signing-key.public.asc"
+	local -r actualSig="$dir_of_github_commons/gt/signing-key.public.asc.actual_sig"
+	local -r tmpDir="/tmp/signing-key"
+	local -r gpgDir="$tmpDir/gpg"
+
+	setupTmpDir "$tmpDir"
+	gpg --homedir "$gpgDir" --import "$signingKey"
+	importGpgViaClipboard "$tmpDir" 6B82BB2BECEE0447
+	printf "key 945FE615904E5C85\nexpire\n1y\nsave\n" |
+		gpg --homedir "$gpgDir" --batch --command-fd 0 --edit-key 6B82BB2BECEE0447
+	gpg --homedir "$gpgDir" --export --armor 6B82BB2BECEE0447 >"$signingKey"
+	rm -r "$tmpDir"
+
+	setupTmpDir "$tmpDir"
+	importGpgViaClipboard "$tmpDir" 4B78012139378220
+	gpg --homedir "$gpgDir" --detach-sign -u 4B78012139378220 --output "$actualSig"  "$signingKey"
+	rm -r "$tmpDir"
+
+	"$scriptsDir/before-pr.sh"
+
+	logSuccess "expiration date for %s updated and signed (%s) and copied to the .gt directory" "$signingKey" "$actualSig"
+
+}
+
+${__SOURCED__:+return}
+extendExpirationSigningKey "$@"
diff --git a/src/gt/signing-key.public.asc b/src/gt/signing-key.public.asc
@@ -59,31 +59,30 @@ AGeerkJ3XN7/ttUFe6sa0vPxbJX+S8CApFzo2smKaL5B+S0UI92G4MvZXaS65i0u
 Ow5JSrpfZvvz1L6+6CEPKdTyC+S2HeLpUHzTFnQBFwZimO2wTrLeMQfoW5ZT75Vz
 8FBqF9w01JC9hmsSA4n4MEsM3yvQTHkAVY4DoTEtlCJUK9kYWh6SorM3DpEQLVjh
 Xzw1QOiyOfzDQFP0l24440kaGEvP+w8809Rd0dNsSZXtbtMN/b6lgTKZ2xC37Zkh
-Qvs6Hs5sx8Se83/Lyh8gO9At3U6amQz0bTzy3Pa3U3UpABEBAAGJBHIEGAEKACYW
-IQQU5W1MPaI/rfVKQONrgrsr7O4ERwUCYrMlyAIbAgUJAeEzgAJACRBrgrsr7O4E
-R8F0IAQZAQoAHRYhBJQHlYGGZpXeqdTJWJRf5hWQTlyFBQJisyXIAAoJEJRf5hWQ
-TlyFTLIP/i44iSXGBT8gRncDddfPWEEWqjVl/W5q3VC1ow5FKEDk3Fe91/yU/iCN
-0AMhmIFkAdZckZJAm5uRL04e2j3L3sHqbEcpXNDUzwSPR9zSwYDrk01b9QGhUFjV
-vYmhvL6MfFquDaWttcllOAoRBt4SJDgBtY2mtTpZlH9OgJPHP4ROgxqRnCdvVIBS
-JXRvCJxRTSVE+8xzjjTZULxDkzGUMBVv9UM/9PfFZOBvlO5py9iuVfX5rY9+/YV1
-n9XG5ZwZbYqi3K80R9NkNhiZLsLU9rXA0/OYEF6DhmepngxmYabdJTwH3dSXOKHS
-6aXHrLH+n2xaKFlND6C8Mfe6tykWjCZPHYQntWiM/7S7+vgVYsE16ZKwUmRpu5B2
-zpK+bZLGgIDEm/f/an3l2qvUNf/NmQfJouBTMwUhDViYxOuqYKTkZOefofiY9fr2
-EGCwZ2jt25KR/J8Cec7FvJ9c6pWUAZNkVxfYs2EmXlpGMQxGsxns4ql8b8v9XfJh
-MHxS5do4nZ80kRfZcg8nB+nNJt1ecRs1urXW+6lPEue0DQSXBjuSFZxcl2Bbd4lj
-RzwaYeZWvNiEqUsW6DEWYCjlKTby+DA+u/s93Od44UrTXs/3AnmYNFN01unPX9lb
-mqqtFFPVoD7r6D7MXnra3ohwjLW0d47nWz7vGnCUfjNrevQQ1eCA4wQP/1CUuOSz
-qi19Mh4B+tHDtUsVUSWJ3VKAx8dbyCezwkaYp3QOpTVjVea2Q3e3RAwYCIx16kj3
-lPD5C4EZy0xTHOZtESazeTsVmureLsAWxeGYW8PvB+dF+F05f39UmiTnIcVDDvWF
-46iuiDvLLVUx5g3C/jYLh4SQBb0tNrOjxxGfzodC8nZf7zgKhxY6TExzGV5MzSg2
-1nNRv3bNSnkdEjwN+/Y1n8RxCaOIGQSu/vJK+C+eSTRaMiJR2Xh3xlSuHLDOGQee
-4J5CSTm6Ht/fZSKUXPmkOySKCkiHsQYwWLHBDMkxLLjTNkKIXDNPu5Edc2oXZ4os
-UOT3AELDi4seNPA9gCFSh4sY8ze3D6kjHSBZYfFZL4OU+/Sv+2nMzF9eBwQkngMy
-eriVPO8dhe9eVc9dqEJdyEKYJbQ0qZ8+s7LJmSPzHsuoWcp7M01zDxyYuza1Lp+Z
-AKmNxev+4lv1NvmlX1ZsTOSFLXjm+dt5+NbHEtm/O3jBKhlAvdHVQ2nU/gs9cMdb
-1U+5P8SsVvBSPgn11q1DayAlUqxX0ydCS43tDakKc1762WXXxCyuvqT6triZ7XnA
-CnUWZTkAlC3I2DZOAiGKPYkZnBnFCwxBaPkHAy8zizXQ2C4/HhQR3dqLYeEWWo6v
-f2vVxNWadi/2nUG/SaIP50nxjd1aDrG9sDgi
-=eXmm
+Qvs6Hs5sx8Se83/Lyh8gO9At3U6amQz0bTzy3Pa3U3UpABEBAAGJBHIEGAEKACYC
+GwIWIQQU5W1MPaI/rfVKQONrgrsr7O4ERwUCZxuE2QUJBkmSkQJAwXQgBBkBCgAd
+FiEElAeVgYZmld6p1MlYlF/mFZBOXIUFAmKzJcgACgkQlF/mFZBOXIVMsg/+LjiJ
+JcYFPyBGdwN1189YQRaqNWX9bmrdULWjDkUoQOTcV73X/JT+II3QAyGYgWQB1lyR
+kkCbm5EvTh7aPcvewepsRylc0NTPBI9H3NLBgOuTTVv1AaFQWNW9iaG8vox8Wq4N
+pa21yWU4ChEG3hIkOAG1jaa1OlmUf06Ak8c/hE6DGpGcJ29UgFIldG8InFFNJUT7
+zHOONNlQvEOTMZQwFW/1Qz/098Vk4G+U7mnL2K5V9fmtj379hXWf1cblnBltiqLc
+rzRH02Q2GJkuwtT2tcDT85gQXoOGZ6meDGZhpt0lPAfd1Jc4odLppcessf6fbFoo
+WU0PoLwx97q3KRaMJk8dhCe1aIz/tLv6+BViwTXpkrBSZGm7kHbOkr5tksaAgMSb
+9/9qfeXaq9Q1/82ZB8mi4FMzBSENWJjE66pgpORk55+h+Jj1+vYQYLBnaO3bkpH8
+nwJ5zsW8n1zqlZQBk2RXF9izYSZeWkYxDEazGeziqXxvy/1d8mEwfFLl2jidnzSR
+F9lyDycH6c0m3V5xGzW6tdb7qU8S57QNBJcGO5IVnFyXYFt3iWNHPBph5la82ISp
+SxboMRZgKOUpNvL4MD67+z3c53jhStNez/cCeZg0U3TW6c9f2Vuaqq0UU9WgPuvo
+PsxeetreiHCMtbR3judbPu8acJR+M2t69BDV4IAJEGuCuyvs7gRH8NkP/2WxlneI
+SqsmFFBYrSRsQSNSBucqV/1IY0vLeGD+bevnB7yKdWx0QtNdyuf5yhBGU66l82i5
+1enJiqsFrVFy4vvTjH3osuEYcSMVD+A7zGom7qnZCjQFDqKMnZjYdsLwunlB2fXY
+DP4AF3jNxtB7yboq0apE5JvBgTB0UPnZTOzXFsSL3oO5KSPQJ1PsLaxFOawG0SEi
+9aqkM6iBCH2GS5D/7jyIYHRVRDD3j6uG2kDALSgaKexn/3Hx7qDVti8pTqeAAPdR
+pPZeFFpjo+Ee1F1V+we5nQtC+kHo0BgJPDErE5h9aZvgTG8Wmq+Q8Pn8mIGFpeiT
++zuhdYSwifm0wC3hEMouuKBkcdC4EMrtSEpU9oAWlWrpn8bimBcqGhwUTrtnObX1
+jo6k2T6Dp/HP4/+QiVq/OFJhvbPdFe2uhbJJIg+lJDP+lkVvqDfTTdGcgMgcb2d9
+jSDrNNbqRL8hOVK87yHLKTOi1yCulc6pFYM/ADGt0C+UgtCUj8DS1v+LvZ4zd950
+/Y72WwLYDcuwLyP6NwQDehKhkUvjpVr83HCG8I85FgNyCL5V22ckgpPfZ8qHpE3n
+WJXPc7Ut7q+ZB2Wuy3nP72bs2PwAb2T67k+xBVmj6doXvtC/WbM1z3u0rIYxfgLR
+fkQXk63joX9vZ7YkWIV+26HHdGwGTnPI6kvy
+=tB7/
 -----END PGP PUBLIC KEY BLOCK-----
-
diff --git a/src/gt/signing-key.public.asc.actual_sig b/src/gt/signing-key.public.asc.actual_sig