More resilient gpg getting

yosifkit · yosifkit · commit 70f5691017f3 · 2015-04-22T16:27:21.000-07:00
- move to "high-availability" [subset](https://sks-keyservers.net/overview-of-pools.php#pool_ha). - do keys one at a time to ensure every key imports
diff --git a/2.7/Dockerfile b/2.7/Dockerfile
@@ -10,7 +10,11 @@ ENV LANG C.UTF-8
 ENV PYTHON_VERSION 2.7.9
 
 # gpg: key 18ADD4FF: public key "Benjamin Peterson <benjamin@python.org>" imported
-RUN gpg --keyserver pool.sks-keyservers.net --recv-keys C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF
+ENV GPG_KEYS C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF
+RUN set -xe \
+	&& for key in $GPG_KEYS; do \
+		gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
+	done
 
 RUN set -x \
 	&& mkdir -p /usr/src/python \
diff --git a/3.3/Dockerfile b/3.3/Dockerfile
@@ -10,7 +10,11 @@ ENV LANG C.UTF-8
 ENV PYTHON_VERSION 3.3.6
 
 # gpg: key 36580288: public key "Georg Brandl (Python release signing key) <georg@python.org>" imported
-RUN gpg --keyserver pool.sks-keyservers.net --recv-keys 26DEA9D4613391EF3E25C9FF0A5B101836580288
+ENV GPG_KEYS 26DEA9D4613391EF3E25C9FF0A5B101836580288
+RUN set -xe \
+	&& for key in $GPG_KEYS; do \
+		gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
+	done
 
 RUN set -x \
 	&& mkdir -p /usr/src/python \
diff --git a/3.4/Dockerfile b/3.4/Dockerfile
@@ -10,7 +10,11 @@ ENV LANG C.UTF-8
 ENV PYTHON_VERSION 3.4.3
 
 # gpg: key F73C700D: public key "Larry Hastings <larry@hastings.org>" imported
-RUN gpg --keyserver pool.sks-keyservers.net --recv-keys 97FC712E4C024BBEA48A61ED3A5CA953F73C700D
+ENV GPG_KEYS 97FC712E4C024BBEA48A61ED3A5CA953F73C700D
+RUN set -xe \
+	&& for key in $GPG_KEYS; do \
+		gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
+	done
 
 RUN set -x \
 	&& mkdir -p /usr/src/python \
