Fail-fast the release process if the PGP key is unable to sign
The execution of the Gerrit release process is conditioned on the
success of the PGP signature. Fail immediately upon release if the key
and passphrase do not allow to perform a digital signature, so that the
process fails immediately.
Change-Id: Id23cf54b1e87a1078a4e02718151202f04e4a3d0
diff --git a/jenkins-docker/agent-release/gerrit-release.sh b/jenkins-docker/agent-release/gerrit-release.sh
index 03949c8..21d54d3 100755
--- a/jenkins-docker/agent-release/gerrit-release.sh
+++ b/jenkins-docker/agent-release/gerrit-release.sh
@@ -84,6 +84,11 @@
export GPG_PASSPHRASE_FILE="$HOME/.gnupg/gpg-passphrase"
echo '$GPG_PASSPHRASE' | envsubst '$GPG_PASSPHRASE' > $GPG_PASSPHRASE_FILE
git config --global gpg.program /usr/local/bin/gpg-loopback
+
+
+ echo "Testing if GPG signature works"
+ echo foo > /tmp/foo
+ /usr/local/bin/gpg-loopback --sign /tmp/foo && /usr/local/bin/gpg-loopback --verify /tmp/foo.gpg
fi
GPG_USER=$(gpg -K --with-colons | grep uid | cut -d ':' -f 10)
