getuto: Get keys from remote keyservers in parallel

desultory · desultory · commit d6cbf744f727 · 2025-02-04T17:29:32.000-06:00
Signed-off-by: Zen &lt;z@pyl.onl&gt;
diff --git a/getuto b/getuto
@@ -159,14 +159,19 @@ if [[ ! -d ${GNUPGHOME} ]] ; then
 
 	# TODO: keys.openpgp.org lacks a UID for our keys, need to verify email
 	for keyserver in "${mykeyservers[@]}" ; do
-		gpg ${QUIET_GPG} --batch --keyserver "${keyserver}" --recv-keys ${myrelkeys} || true
+		einfo "Importing release engineering keys from: ${keyserver}"
+		gpg ${QUIET_GPG} --batch --keyserver "${keyserver}" --recv-keys ${myrelkeys} || true &
 	done
 	# We only sign (-> ultimate trust) the keys we originally import, so this is fine and
 	# just serves as an additional refresh method.
-	gpg ${QUIET_GPG} --auto-key-locate=clear,nodefault,wkd --locate-key releng@gentoo.org infrastructure@gentoo.org repomirrorci@gentoo.org || true
+	einfo "Importing release engineering keys using WKD"
+	gpg ${QUIET_GPG} --auto-key-locate=clear,nodefault,wkd --locate-key releng@gentoo.org infrastructure@gentoo.org repomirrorci@gentoo.org || true &
+
+	wait
 
 	# Locally sign all release engineering keys.
 	for relkeyid in ${myrelkeys} ; do
+		einfo "Signing key: ${relkeyid}"
 		# We have to use --quick-lsign-key for this to work with batch: https://dev.gnupg.org/T1606
 		if ! gpg ${QUIET_GPG} --batch --yes --no-tty --passphrase-file="${GNUPGHOME}/pass" --pinentry-mode loopback --quick-lsign-key "${relkeyid}" ; then
 			# But that won't work for subkeys, so fallback to a hackier method.
