From 1c320417a82fc7c75a70406bc6059d3e1e0cc764 Mon Sep 17 00:00:00 2001
From: Jan-Niklas Burfeind <jan-niklas.burfeind@vorausrobotik.com>
Date: Fri, 15 Nov 2024 09:55:27 +0100
Subject: [PATCH] feat: Add voraus gpg as maintainer key (#25)

> to increase the number of viable signers to three persons.
>
> The new potential signers are our admins Jan-Frederik Schmidt and
Lukas Beckmann.
>
> Co-authored-by: Jan-Frederik Schmidt
<jan-frederik.schmidt@vorausrobotik.com>
> Co-authored-by: Jens Kotlarski <jens.kotlarski@vorausrobotik.com>






This resolves the internal Ticket [PROG-4681].

[PROG-4681]:
https://vorausrobotik.atlassian.net/browse/PROG-4681?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

Co-authored-by: Jan-Frederik Schmidt <jan-frederik.schmidt@vorausrobotik.com>
Co-authored-by: Jens Kotlarski <jens.kotlarski@vorausrobotik.com>
---
 .github/CODEOWNERS                                 |  2 +-
 .../ci_ubuntu_verify_external_installation.yml     |  8 ++++----
 .../workflows/ci_ubuntu_verify_installation.yml    |  8 ++++----
 .github/workflows/ci_ubuntu_verify_repo.yml        |  2 +-
 README.md                                          |  8 ++++----
 index.html                                         |  4 ++--
 ...an-niklas.gpg => wibu-packages-maintainers.gpg} | 14 ++++++++++++++
 7 files changed, 30 insertions(+), 16 deletions(-)
 rename ubuntu/{burfeind_jan-niklas.gpg => wibu-packages-maintainers.gpg} (82%)

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 64732c7..4fe293a 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1 +1 @@
-* @AiyionPrime
+* @AiyionPrime @g3n35i5 @lbckmnn
diff --git a/.github/workflows/ci_ubuntu_verify_external_installation.yml b/.github/workflows/ci_ubuntu_verify_external_installation.yml
index 068f331..2794c22 100644
--- a/.github/workflows/ci_ubuntu_verify_external_installation.yml
+++ b/.github/workflows/ci_ubuntu_verify_external_installation.yml
@@ -12,9 +12,9 @@ jobs:
       cm_versions: ${{ steps.extract-versions.outputs.cm_versions }}
     steps:
       - name: Install maintainer publickey
-        run: curl -s --compressed https://wibu-packages.vorausrobotik.com/ubuntu/burfeind_jan-niklas.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg
+        run: curl -s --compressed https://wibu-packages.vorausrobotik.com/ubuntu/wibu-packages-maintainers.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg
       - name: Add local repo to APT sources
-        run: echo "deb [signed-by=/etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg] https://wibu-packages.vorausrobotik.com/ubuntu/ ./" | sudo tee /etc/apt/sources.list.d/voraus-wibu.list
+        run: echo "deb [signed-by=/etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg] https://wibu-packages.vorausrobotik.com/ubuntu/ ./" | sudo tee /etc/apt/sources.list.d/voraus-wibu.list
       - name: update apt
         run: sudo apt-get update
       - name: Get available versions of c-lite
@@ -35,9 +35,9 @@ jobs:
         version: ${{ fromJson(needs.fetch_installations_externally.outputs.cm_versions) }}
     steps:
       - name: Install maintainer publickey
-        run: curl -s --compressed https://wibu-packages.vorausrobotik.com/ubuntu/burfeind_jan-niklas.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg
+        run: curl -s --compressed https://wibu-packages.vorausrobotik.com/ubuntu/wibu-packages-maintainers.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg
       - name: Add local repo to APT sources
-        run: echo "deb [signed-by=/etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg] https://wibu-packages.vorausrobotik.com/ubuntu/ ./" | sudo tee /etc/apt/sources.list.d/voraus-wibu.list
+        run: echo "deb [signed-by=/etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg] https://wibu-packages.vorausrobotik.com/ubuntu/ ./" | sudo tee /etc/apt/sources.list.d/voraus-wibu.list
       - name: Update apt
         run: sudo apt-get update
       - name: Install codemeter-lite in version ${{ matrix.version }}
diff --git a/.github/workflows/ci_ubuntu_verify_installation.yml b/.github/workflows/ci_ubuntu_verify_installation.yml
index 373da29..41a48b9 100644
--- a/.github/workflows/ci_ubuntu_verify_installation.yml
+++ b/.github/workflows/ci_ubuntu_verify_installation.yml
@@ -16,9 +16,9 @@ jobs:
         run: nohup python3 -m http.server 8080 &
         working-directory: ./ubuntu/
       - name: Install maintainer publickey
-        run: curl -s --compressed http://localhost:8080/burfeind_jan-niklas.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg
+        run: curl -s --compressed http://localhost:8080/wibu-packages-maintainers.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg
       - name: Add local repo to APT sources
-        run: echo "deb [signed-by=/etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg] http://localhost:8080 ./" | sudo tee /etc/apt/sources.list.d/localrepo.list
+        run: echo "deb [signed-by=/etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg] http://localhost:8080 ./" | sudo tee /etc/apt/sources.list.d/localrepo.list
       - name: update apt
         run: sudo apt-get update
       - name: Get available versions of c-lite
@@ -47,9 +47,9 @@ jobs:
         run: nohup python3 -m http.server 8080 &
         working-directory: ./ubuntu/
       - name: Install maintainer publickey
-        run: curl -s --compressed http://localhost:8080/burfeind_jan-niklas.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg
+        run: curl -s --compressed http://localhost:8080/wibu-packages-maintainers.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg
       - name: Add local repo to APT sources
-        run: echo "deb [signed-by=/etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg] http://localhost:8080 ./" | sudo tee /etc/apt/sources.list.d/localrepo.list
+        run: echo "deb [signed-by=/etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg] http://localhost:8080 ./" | sudo tee /etc/apt/sources.list.d/localrepo.list
       - name: Update apt
         run: sudo apt-get update
       - name: Install codemeter-lite in version ${{ matrix.version }}
diff --git a/.github/workflows/ci_ubuntu_verify_repo.yml b/.github/workflows/ci_ubuntu_verify_repo.yml
index d0bb12d..029af69 100644
--- a/.github/workflows/ci_ubuntu_verify_repo.yml
+++ b/.github/workflows/ci_ubuntu_verify_repo.yml
@@ -53,7 +53,7 @@ jobs:
           done
         working-directory: ./ubuntu/
       - name: Try to import the pubkey
-        run: gpg --import burfeind_jan-niklas.gpg
+        run: gpg --import wibu-packages-maintainers.gpg
         working-directory: ./ubuntu/
       - name: Verify Release.gpg
         run: gpg --verify Release.gpg Release
diff --git a/README.md b/README.md
index f40eaee..84ac199 100644
--- a/README.md
+++ b/README.md
@@ -13,13 +13,13 @@ our customers, free of charge[^KB-0336].
 At first the maintainers publickey should be installed as trusted for `apt` packages like this:
 
 ```console
-curl -s --compressed https://wibu-packages.vorausrobotik.com/ubuntu/burfeind_jan-niklas.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg > /dev/null
+curl -s --compressed https://wibu-packages.vorausrobotik.com/ubuntu/wibu-packages-maintainers.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg > /dev/null
 ```
 
 Afterwards this repo can be added to the `apt` package sources:
 
 ```console
-echo "deb [signed-by=/etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg] https://wibu-packages.vorausrobotik.com/ubuntu/ ./" | sudo tee /etc/apt/sources.list.d/voraus-wibu.list
+echo "deb [signed-by=/etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg] https://wibu-packages.vorausrobotik.com/ubuntu/ ./" | sudo tee /etc/apt/sources.list.d/voraus-wibu.list
 ```
 
 At this point the package manager can update its sources and be used to install e.g. `codemeter-lite`.
@@ -53,8 +53,8 @@ python -m http.server 8080
 While in another terminal, the installation of both the public key and the sources list can take place:
 
 ```bash
-curl -s --compressed http://localhost:8080/burfeind_jan-niklas.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg
-echo "deb [signed-by=/etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg] http://localhost:8080 ./" | sudo tee /etc/apt/sources.list.d/localrepo.list
+curl -s --compressed http://localhost:8080/wibu-packages-maintainers.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg
+echo "deb [signed-by=/etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg] http://localhost:8080 ./" | sudo tee /etc/apt/sources.list.d/localrepo.list
 sudo apt-get update
 ```
 
diff --git a/index.html b/index.html
index cfc1ac1..e68890d 100644
--- a/index.html
+++ b/index.html
@@ -76,14 +76,14 @@ <h1>voraus wibu-packages</h1>
         <div class="step">
             <h2>Step 1: Install the maintainers signing key</h2>
             <div class="code-terminal">
-                <div class="code-line"><span class="prompt">$ </span>curl -s --compressed https://wibu-packages.vorausrobotik.com/ubuntu/burfeind_jan-niklas.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg > /dev/null</div>
+                <div class="code-line"><span class="prompt">$ </span>curl -s --compressed https://wibu-packages.vorausrobotik.com/ubuntu/wibu-packages-maintainers.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg > /dev/null</div>
             </div>
         </div>
 
         <div class="step">
             <h2>Step 2: Install the package repo</h2>
             <div class="code-terminal">
-                <div class="code-line"><span class="prompt">$ </span>echo "deb [signed-by=/etc/apt/trusted.gpg.d/burfeind_jan-niklas.gpg] https://wibu-packages.vorausrobotik.com/ubuntu/ ./" | sudo tee /etc/apt/sources.list.d/voraus-wibu.list</div>
+                <div class="code-line"><span class="prompt">$ </span>echo "deb [signed-by=/etc/apt/trusted.gpg.d/wibu-packages-maintainers.gpg] https://wibu-packages.vorausrobotik.com/ubuntu/ ./" | sudo tee /etc/apt/sources.list.d/voraus-wibu.list</div>
                 <div class="code-line"><span class="prompt">$ </span>sudo apt update</div>
             </div>
         </div>
diff --git a/ubuntu/burfeind_jan-niklas.gpg b/ubuntu/wibu-packages-maintainers.gpg
similarity index 82%
rename from ubuntu/burfeind_jan-niklas.gpg
rename to ubuntu/wibu-packages-maintainers.gpg
index 7e2fb68..c18053c 100644
--- a/ubuntu/burfeind_jan-niklas.gpg
+++ b/ubuntu/wibu-packages-maintainers.gpg
@@ -50,3 +50,17 @@ h5Be8EOBuqr1Jyo8LvUVmstz2xaCt+kyZl79xbjtk0lwfnQU+r2x+JZ+5agyg1+f
 Fy9xwG7CIw3Lz2AZj7udxL41sFJ7ego=
 =MSxB
 -----END PGP PUBLIC KEY BLOCK-----
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mDMEZvERtRYJKwYBBAHaRw8BAQdAjuyRvUdpgWBeyuUJRDGIRP8I6HgXL8DLZTh+
+hwG+uwa0PUphbi1GcmVkZXJpayBTY2htaWR0IDxqYW4tZnJlZGVyaWsuc2NobWlk
+dEB2b3JhdXNyb2JvdGlrLmNvbT6IkwQTFgoAOxYhBOhTmJl3zwbYIOZsRLK2vxwD
+TTzMBQJm8RG1AhsDBQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAAoJELK2vxwD
+TTzMvsIA/2gFjKW7xKkPHpHkxQMzWbrCuTTfskITett3tAwJPBCaAP4yvaHzqb37
+i8AMKd3gmu4cz3vLe7on5AqTtotn90NMBbg4BGbxEbUSCisGAQQBl1UBBQEBB0D5
+L1t4ep1o3ya8+GhekgEuxdOuoZVtHVFAYAfSQi8cSAMBCAeIeAQYFgoAIBYhBOhT
+mJl3zwbYIOZsRLK2vxwDTTzMBQJm8RG1AhsMAAoJELK2vxwDTTzMxv0A/iHutoM0
++m3MuFTducQvGqRSbRgRV6xTmOHLrkAAreshAQCG1NDXZ8FjptI3XEBlDv18pqJ/
+UD/N2plGmLSPRy8DCg==
+=MZcY
+-----END PGP PUBLIC KEY BLOCK-----