Remove GPG public key for sign-artifacts role

This is actually a noop for gpg, since the private key also contains the public. Change-Id: I60d4ebf0f3343911986a4e6c46a806539cda701b Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-08-25 13:26:50 -04:00 · 2017-08-25 13:26:50 -04:00 · 13889a5878
commit 13889a5878
parent df50917f66
2 changed files with 3 additions and 26 deletions
--- a/roles/sign-artifacts/README.rst
+++ b/roles/sign-artifacts/README.rst
@ -4,13 +4,9 @@ Sign artifacts

 .. zuul:rolevar:: gpg_key

-   Complex argument which contains the GPG public and secret keyrings
-   for signing the artifacts. It is expected that this argument comes
-   from a `Secret`.
-
-  .. zuul:rolevar:: public
-
-     The ascii-armored contents of the GPG public key.
+   Complex argument which contains the GPG private key for signing
+   the artifacts. It is expected that this argument comes from a
+   `Secret`.

  .. zuul:rolevar:: private

--- a/roles/sign-artifacts/tasks/main.yaml
+++ b/roles/sign-artifacts/tasks/main.yaml
@ -22,25 +22,6 @@
    path: "{{ gpg_private_key_tmp.path }}"
    state: absent

- name: Create GPG public key tempfile
-  tempfile:
-    state: file
-  register: gpg_public_key_tmp
-
- name: Create GPG public key
-  copy:
-    content: "{{ gpg_key.public }}"
-    dest: "{{ gpg_public_key_tmp.path }}"
-    mode: 0400
-
- name: Import GPG public key
-  command: "gpg --homedir {{ gnupg_tmpdir.path }} --import {{ gpg_public_key_tmp.path }}"
-
- name: Delete GPG public key
-  file:
-    path: "{{ gpg_public_key_tmp.path }}"
-    state: absent
-
 - name: Find files to sign
  find:
    paths: "{{ gpg_sign_path }}"