From 01b6196883d0e44b9f8f17c7f4f28df27ab5ac14 Mon Sep 17 00:00:00 2001
From: Levente Polyak <anthraxx@archlinux.org>
Date: Thu, 9 Jun 2022 21:02:56 +0200
Subject: [PATCH] export-pkgbuild-keys: use TEMPDIR while exporting key

This avoids the possibility to pollute the keys directory with temporary
files if the script is aborted in between.

Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
---
 export-pkgbuild-keys.in | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/export-pkgbuild-keys.in b/export-pkgbuild-keys.in
index b5b1240..c10e4d1 100644
--- a/export-pkgbuild-keys.in
+++ b/export-pkgbuild-keys.in
@@ -45,16 +45,19 @@ if (( ${#validpgpkeys[@]} == 0 )); then
 	exit 0
 fi
 
+trap 'rm -rf $TEMPDIR' EXIT INT TERM QUIT
+TEMPDIR=$(mktemp -d --tmpdir export-pkgbuild-keys.XXXXXXXXXX)
+
 mkdir -p keys/pgp
 error=0
 
 for key in "${validpgpkeys[@]}"; do
-	gpg --output "keys/pgp/$key.asc.tmp" --armor --export --export-options export-minimal "$key" 2>/dev/null
+	gpg --output "$TEMPDIR/$key.asc" --armor --export --export-options export-minimal "$key" 2>/dev/null
 
 	# gpg does not give a non-zero return value if it fails to export...
-	if [[ -f keys/pgp/$key.asc.tmp ]]; then
+	if [[ -f $TEMPDIR/$key.asc ]]; then
 		msg2 "Exported $key"
-		mv "keys/pgp/$key.asc.tmp" "keys/pgp/$key.asc"
+		mv "$TEMPDIR/$key.asc" "keys/pgp/$key.asc"
 	else
 		if [[ -f keys/pgp/$key.asc ]]; then
 			warning "Failed to update key: $key"