apt-key: ignore gpg1 already imported secret key import failure

On Travis and co the default gpg implementation is gpg1 which for some
reason fails if a secret key which was already imported is imported
again. We would prefer it to be a NOP like gpg2 handles it so we crudely
check the error message. apt-key usually doesn't deal with secret keys –
it only learned to do it for manual testing and the integration
framework usage, so no public interface is effected.

Triggered-By: 4ce2f35248123ff2366c8c365ad6a94945578d66
Gbp-Dch: Ignore

diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in
index 76fa371236ad43dca018e2df5b6e1b81d807e9b5..723af06ff7ce19707a7556a3d539764a1345d107 100644 (file)
--- a/cmdline/apt-key.in
+++ b/cmdline/apt-key.in
@@ -675,8 +675,11 @@ exec '$(escape_shell "${GPG_EXE}")' --ignore-time-conflict --no-options --no-def
     # for advanced operations, we might really need a secret keyring after all
     if [ -n "$FORCED_SECRET_KEYRING" ] && [ -r "$FORCED_SECRET_KEYRING" ]; then
        if ! aptkey_execute "$GPG" -v --batch --import "$FORCED_SECRET_KEYRING" >"${GPGHOMEDIR}/gpgoutput.log" 2>&1; then
-           cat >&2 "${GPGHOMEDIR}/gpgoutput.log"
-           false
+           # already imported keys cause gpg1 to fail for some reason… ignore this error
+           if ! grep -q 'already in secret keyring' "${GPGHOMEDIR}/gpgoutput.log"; then
+               cat >&2 "${GPGHOMEDIR}/gpgoutput.log"
+               false
+           fi
        fi
     else
        # and then, there are older versions of gpg which panic and implode