From 415a7b3518c55816ce7e8be5da5c7593d8333abb Mon Sep 17 00:00:00 2001
From: Adam Dickmeiss <adam@indexdata.dk>
Date: Tue, 18 Sep 2012 10:30:53 +0000
Subject: [PATCH] Only sign packages that are newer than signage

Which is currently set to 2hrs. Signing of a package should
actually happen when we upload it.
---
 update-archive/update-yum-archive.sh |   22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/update-archive/update-yum-archive.sh b/update-archive/update-yum-archive.sh
index 4010b7b..482fc09 100755
--- a/update-archive/update-yum-archive.sh
+++ b/update-archive/update-yum-archive.sh
@@ -24,6 +24,9 @@ if test ! -x /usr/bin/expect; then
   exit 1
 fi
 
+now=`date +%s`
+# sign if newer than signage (86400=24 hrs)
+signage=8000
 #check if root has rpm macros
 confdir=`pwd`
 architectures="i386 x86_64"
@@ -84,18 +87,21 @@ for vdist in centos/5.5 rhel/5.5; do
             mkdir -p $d/${arch}/Packages
             for f in $distdir/RPMS/${arch}/*.rpm $distdir/RPMS/noarch/*.rpm; do
               if test -f $f; then
-                ln -sf $f $d/${arch}/Packages/
-		if rpm -K $f|grep -q ' gpg' >/dev/null; then
-		  echo "Already signed $f"
-                else
-  		  expect << __EOF
-                  spawn rpm --addsign $f
+		age=`stat --printf='%Y' $f`
+		if expr $now - $age \< $signage >/dev/null; then
+                  ln -sf $f $d/${arch}/Packages/
+		  if rpm -K $f|grep -q ' gpg' >/dev/null; then
+		    echo "Already signed $f"
+                  else
+  		    expect << __EOF
+                    spawn rpm --addsign $f
 expect -exact "Enter pass phrase: "
 send -- "\r"
 expect eof
 __EOF
-                  chgrp staff $f
-                  chmod g+w $f
+                    chgrp staff $f
+                    chmod g+w $f
+                  fi
                 fi
               fi
             done
-- 
1.7.10.4