On 2022.01.07 10:14, Fabian Stelzer wrote: > To test for a key that is completely unknown to the keyring we need one > to sign the commit with. This was done by generating a new key and not > add it into the keyring. To avoid the key generation overhead and > problems where GPG did hang in CI during it, switch GNUPGHOME to an > empty directory instead, therefore making all used keys unknown for this > single `verify-commit` call. > > Reported-by: Ævar Arnfjörð Bjarmason <avarab@xxxxxxxxx> > Signed-off-by: Fabian Stelzer <fs@xxxxxxxxxxxx> > --- > This was reported by Ævar in <211222.86ilvhpbl0.gmgdl@xxxxxxxxxxxxxxxxxxx>. > Just using an empty keyring / gpg homedir should achieve the same effect and > keeps the stress of generating a gpg key out of the CI. Looks good to me. Reviewed-by: Josh Steadmon <steadmon@xxxxxxxxxx>
