From 8f6ee1bb97f29943829655501c730a506f221b18 Mon Sep 17 00:00:00 2001 From: Rick Elrod Date: Sep 30 2020 22:47:54 +0000 Subject: add f33 gpg key, auto-gen fedora.gpg, obsolete f30 key Signed-off-by: Rick Elrod --- diff --git a/Dockerfile b/Dockerfile index d2c30e4..814af99 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,6 +19,7 @@ RUN dnf -y install \ python-dateutil \ python-dogpile-cache \ python-requests \ + python-gnupg \ python-fedfind && \ dnf clean all diff --git a/sites/getfedora.org/main.py b/sites/getfedora.org/main.py index f902d4d..e0ef87b 100644 --- a/sites/getfedora.org/main.py +++ b/sites/getfedora.org/main.py @@ -10,6 +10,7 @@ import os import sys import yaml +from util.gpg_checker import check_gpg_keys, generate_gpg_bundle from util.link_checker import check_download_link, check_checksum_link from util.releases_json_checker import check_releases_json from util.iot_compose import iot_compose_links @@ -269,7 +270,13 @@ def magazine_json(): @app.route('/static/fedora.gpg') def gpgkey(): - return send_from_directory('static', 'fedora.gpg') + # This will generate the fedora.gpg bundle or error if a file is missing + # from static/keys (used to generate the bundle) and cause the build to + # fail (which is what we want). + bundle = generate_gpg_bundle() + # We need to specify text/plain or the minification will think it's html and + # strip out important newlines. + return bundle, 200, {'Content-Type': 'text/plain; charset=utf-8'} @freezer.register_generator def index(): @@ -295,6 +302,10 @@ if __name__ == '__main__': checksum_all = [check_checksum_link(link) for link in checksum_links] releases_json = check_releases_json() - if not all(dl_all) or not all(checksum_all) or not releases_json: + print("") + print("GPG keys:") + gpg_key_check = check_gpg_keys() + + if not all(dl_all) or not all(checksum_all + [releases_json, gpg_key_check]): print('Failing.') sys.exit(1) 
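Review bot: In gpgkey(), the new comment promises that a bad key set fails the build, but the view returns whatever generate_gpg_bundle() hands back with a 200. Going by the code this commit adds in util/gpg_checker.py, that call raises only for an unreadable key file or a malformed `id` field. If the export comes back empty or without an armored block, the route would still publish it as fedora.gpg, presumably the file users import to verify downloads. A guard before the return would make the comment true, for example `if '-----BEGIN PGP PUBLIC KEY BLOCK-----' not in bundle: raise RuntimeError('generated fedora.gpg bundle is empty')`. The comment could also say that the bundle is rebuilt (fresh GnuPG home, re-import) on every call to this route.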
diff --git a/sites/getfedora.org/release.yaml b/sites/getfedora.org/release.yaml index d9f0db6..30c1354 100644 --- a/sites/getfedora.org/release.yaml +++ b/sites/getfedora.org/release.yaml @@ -104,9 +104,6 @@ gpg_keys: - name: Fedora 31 id: 4096R/3C3359C4 2019-02-18 fingerprint: 7D22 D586 7F2A 4236 474B F7B8 50CB 390B 3C33 59C4 - - name: Fedora 30 - id: 4096R/CFC659B9 2018-08-11 - fingerprint: F1D8 EC98 F241 AAF2 0DF6 9420 EF3C 111F CFC6 59B9 - name: Fedora IOT id: 4096R/DBBDCF7C 2018-11-13 fingerprint: C2A3 FA9D C67F 68B9 8BB5 43F4 7BB9 0722 DBBD CF7C @@ -231,6 +228,9 @@ gpg_keys: - name: Fedora 29 id: 4096R/429476B4 2018-02-17 fingerprint: 5A03 B4DD 8254 ECA0 2FDA 1637 A20A A56B 4294 76B4 + - name: Fedora 30 + id: 4096R/CFC659B9 2018-08-11 + fingerprint: F1D8 EC98 F241 AAF2 0DF6 9420 EF3C 111F CFC6 59B9 - name: EPEL 5 id: "1024D/217521F6 2007-03-02 [expires: 2017-02-27]" fingerprint: B940 BE07 7D71 0A28 7D7F 2DD1 119C C036 2175 21F6 diff --git a/sites/getfedora.org/static/fedora.gpg b/sites/getfedora.org/static/fedora.gpg deleted file mode 100644 index 684a758..0000000 --- a/sites/getfedora.org/static/fedora.gpg +++ /dev/null 
@@ -1,172 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBFturGcBEACv0xBo91V2n0uEC2vh69ywCiSyvUgN/AQH8EZpCVtM7NyjKgKm -bbY4G3R0M3ir1xXmvUDvK0493/qOiFrjkplvzXFTGpPTi0ypqGgxc5d0ohRA1M75 -L+0AIlXoOgHQ358/c4uO8X0JAA1NYxCkAW1KSJgFJ3RjukrfqSHWthS1d4o8fhHy -KJKEnirE5hHqB50dafXrBfgZdaOs3C6ppRIePFe2o4vUEapMTCHFw0woQR8Ah4/R -n7Z9G9Ln+0Cinmy0nbIDiZJ+pgLAXCOWBfDUzcOjDGKvcpoZharA07c0q1/5ojzO -4F0Fh4g/BUmtrASwHfcIbjHyCSr1j/3Iz883iy07gJY5Yhiuaqmp0o0f9fgHkG53 -2xCU1owmACqaIBNQMukvXRDtB2GJMuKa/asTZDP6R5re+iXs7+s9ohcRRAKGyAyc -YKIQKcaA+6M8T7/G+TPHZX6HJWqJJiYB+EC2ERblpvq9TPlLguEWcmvjbVc31nyq -SDoO3ncFWKFmVsbQPTbP+pKUmlLfJwtb5XqxNR5GEXSwVv4I7IqBmJz1MmRafnBZ -g0FJUtH668GnldO20XbnSVBr820F5SISMXVwCXDXEvGwwiB8Lt8PvqzXnGIFDAu3 -DlQI5sxSqpPVWSyw08ppKT2Tpmy8adiBotLfaCFl2VTHwOae48X2dMPBvQARAQAB -tDFGZWRvcmEgKDMwKSA8ZmVkb3JhLTMwLXByaW1hcnlAZmVkb3JhcHJvamVjdC5v -cmc+iQI4BBMBAgAiBQJbbqxnAhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK -CRDvPBEfz8ZZudTnD/9170LL3nyTVUCFmBjT9wZ4gYnpwtKVPa/pKnxbbS+Bmmac -g9TrT9pZbqOHrNJLiZ3Zx1Hp+8uxr3Lo6kbYwImLhkOEDrf4aP17HfQ6VYFbQZI8 -f79OFxWJ7si9+3gfzeh9UYFEqOQfzIjLWFyfnas0OnV/P+RMQ1Zr+vPRqO7AR2va -N9wg+Xl7157dhXPCGYnGMNSoxCbpRs0JNlzvJMuAea5nTTznRaJZtK/xKsqLn51D -K07k9MHVFXakOH8QtMCUglbwfTfIpO5YRq5imxlWbqsYWVQy1WGJFyW6hWC0+RcJ -Ox5zGtOfi4/dN+xJ+ibnbyvy/il7Qm+vyFhCYqIPyS5m2UVJUuao3eApE38k78/o -8aQOTnFQZ+U1Sw+6woFTxjqRQBXlQm2+7Bt3bqGATg4sXXWPbmwdL87Ic+mxn/ml -SMfQux/5k6iAu1kQhwkO2YJn9eII6HIPkW+2m5N1JsUyJQe4cbtZE5Yh3TRA0dm7 -+zoBRfCXkOW4krchbgww/ptVmzMMP7GINJdROrJnsGl5FVeid9qHzV7aZycWSma7 -CxBYB1J8HCbty5NjtD6XMYRrMLxXugvX6Q4NPPH+2NKjzX4SIDejS6JjgrP3KA3O -pMuo7ZHMfveBngv8yP+ZD/1sS6l+dfExvdaJdOdgFCnp4p3gPbw5+Lv70HrMjJkC -DQRcat0DARAA1IRnwnz9Yo4oIAblW0f6QQ0ljAt01m3wvKbe34WZGK4pc31lDH07 -IpD8pkq4knDjVz+gzcmea+7YKyFXVayb0SKiBUTtJrn6fR8n1igzv/wrcqezkM2M -OjVbYTv2lqchXyaY+rOImbGBqn/YAclfG6wQfL/IxLArVTo9QVN2zGy5DLESPflo -i4w2Mr6KajQULiHvKIMUsaWHW1M+vo8c374UaAc1nYyE3f/xo3fdJJKwTjFpDi06 -jtd9zg9VjE9PBuTbkOCoY2LFb0mwaX3ZE3Dbj/IAT/S8QkA3PntXgIWfeYN6pFy3 
-ihCvY/hfsLhvzqxAMQbLHAsV0VAd/EB+ghXt1MRqEjJwYvoxIYnLnaPiLaRTsu6z -2mMkYeD5ruEB3AvN2zY6fDSOs0x6wZlbj6pMTJ9OxjAEGr/XswV4+rpqk1+HFHbC -VGryayd7u609JYQXYhq0Pcz2y9O7tip/jlzwAt3Skn+xvE78DQHa8vXrBkqYt/Gm -tZskGFWbwJbCAZGzd329cLwyROXM1Yc8EO+1dreuo8XoNKPf9jmVR9wqMw9mY79v -Cx7lv450B7bENH1MkGEZh8TRFZFtdBhjO30MMc6cRRUtTv9lxJ3zLu8gR2bIC0qI -31HLdBYS4RDf4PyCDV/WQla8yufw3tuwjY2BNXIGA/5U5kNEso3ylcMAEQEAAbQx -RmVkb3JhICgzMSkgPGZlZG9yYS0zMS1wcmltYXJ5QGZlZG9yYXByb2plY3Qub3Jn -PokCPgQTAQIAKAIbDwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlxq5E0FCRLP -D/0ACgkQUMs5CzwzWcQZgw//dCBcAHxXEKuRDZe/6NgmEPZNmnUx21eUaCDlgv6P -SOf27Z9cvFg4TzlDZrIG1Kkas+rK5VaZYPi5KSI+uz1SwwcKVWwiQvKNX87XdjK8 -lanb7uetllYVKKyCPolu536g9Mr+eZx/W/yUdapaFGvC6XisPOCYL8RecFX8kYnd -VoyNAwZNrWhUeMQn1OU29utn23RY+YgfcbJD+6DXktvfknw45Z8m7ZRaKq/VAJ2N -br4QT5Bpo+OUiZKXz/i/pBmF1WlHdvTP6vz7eOl9Sg76+mdJfG0lBJN833DXY7hI -bRwakstVDzwIpBl9UOcBnbu0e/pr/wEanyOjguOIqaDjDStQIruvrJWz2KYcF4oI -Us/cmLhtBHVre2pHykdEdOCrno+C1y1nMU0eJfFw804WIDz9IPs9F0CawJFYYkq8 -yAngtytRj0olLTQMUky/qlloML0MgDzaD1fzmJmPsFMVJygmaRFj5C+/ZYegjGyc -f85azjM0bpks2jpylvQDpYr4h+EY/PTpg4nwRLENAnsHRzfZcuoOGRSSRmFyeR02 -+Y3QbrUwt7Q37x/Ge3bVynQuIqiQiMY+vfF5/FI1Xn2UNp27+Xl3GS3x7b2zQU07 -9b7wVeBu2ohymEUo+x5sYSwWQvGP55hQHpjqDmA6UeXlJj5kmxWsqC30bBV5ghy7 -O3OZAg0EXVFWqwEQANYwGpi/8bWvg/DKI9AJ+Dl9cUZdXUUJnfaoyL2AtRO/UJfu -tjIfgieP3eiJz6W3WRDSRAKQg07BBzM6SbpcOQR6SYyseScmkUvCtMrgBLbxtgXZ -GMsz5An90ZcMw9iw/S2Qu+jFoev1ZNGrz0D4CY41xQBAgwmDcnFcABp8GLZSzNRQ -Q8hTfkzK58W3Z493WT/qFUA7xLZVPvZPFdJjsdrhfYnSkbNupDoOrcBXOiCyegiL -T0Dt9i61hk9VUAQZFSpq+XS2HwvK5lKEBJnfwJ0AcEy9ZXhtVmCF3/ANXl6/ctdQ -TSiK0sCo1J6IMneCspY3q/Sp1TSXdhrrSy6AAF3fFoT5E57yQMLLdaYBo7nVDzzR -kDaJc5MkU5uqQFM/2P35l5D4o0TxIGiIfUTJsq0FTwebKBm+7xkLVMpTIvmDAZQm -3y96uDLkHDdDtq/nbSw0YPdwhavh8EBVjB0GhlPxFyydTU8/rs2Y4YVzBIUn8umI -4wKlnUgG+M4LsrIoRljb/reSNbveYHs4c53XwEe0ZWQDdAB1WVxK6V7/PrxU4DLp -uKETqZ3E/bwPgg2y2zzDrKvgb7doQg3y7SpFCrrpGLmY5dPKV74425218aDdT2WC -JyDPqhWTXtFPSNX24vorjWwZnWwf/rJNdApqB0BivfDWLHYvjomDML7/7pJLABEB 
-AAG0MUZlZG9yYSAoMzIpIDxmZWRvcmEtMzItcHJpbWFyeUBmZWRvcmFwcm9qZWN0 -Lm9yZz6JAjgEEwECACIFAl1RVqsCGw8GCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheA -AAoJEGwTAm0SyUTQt0AP/Ap0Ay1/Ovs7bLTr+w4+etvcPf1jYNdsHzLSISZF0Evb -0Grlu3HCYCRrsllElUXE+w5WpnooBGNLT+gIGYlzSMJEA0UK0zhSNUdNKzGsl+4+ -R6W+uU0T21xHo4JGm6P89mBRrf2KJ8X8VNR8OCHhD3XGJCgup8HE4nOtq9Aegr1X -Osw1M67onqXjN4bNj+hyPoOlP7l91Q7/ceAYU2I1g8LoZXN6IDcABVHSwLIYQ26q -p2DBTFXcEiG3TkzlZx2/GDVT3HkjfKOQtDD6J29fil69OIKH3/S77iDzRxP/bULG -x3Hv4NUdp7BdsXztBAhw4CKeDRLlATruva49XGZbL/npMpSoOjI/xI2xXraVPaO6 -2yMt683FSTLTXWDnDdtzrVR5p4quu6sV1Gz5HAFWRea2qb+LqDRlNZnJYY7qAl34 -dYCpjU1iKrj5wy80tq2YDaw6gKxE2YT2rqMz8RJWBofyFKnwZwu7O33+vg9lkaXk -K9R6V06IPbbW7yvO4eYuzh2yDAkn2mAtPRxQCw6lsw8jQmkYg9DZIbrIrsuY7ocU -7FsCTPsgZS3SDLUzM9PIG+cH5aAPUj4hBdewluE/n5353eY6eqx3qgMz+CsoHOuG -hR6g1p1z27OOoqU6uat0hHcHPfxJKJaV17l+7rE+ol2YZlE2Ne1zImVtI9UMiWjH -mQINBEvSKUIBEADLGnUj24ZVKW7liFN/JA5CgtzlNnKs7sBg7fVbNWryiE3URbn1 -JXvrdwHtkKyY96/ifZ1Ld3lE2gOF61bGZ2CWwJNee76Sp9Z+isP8RQXbG5jwj/4B -M9HK7phktqFVJ8VbY2jfTjcfxRvGM8YBwXF8hx0CDZURAjvf1xRSQJ7iAo58qcHn -XtxOAvQmAbR9z6Q/h/D+Y/PhoIJp1OV4VNHCbCs9M7HUVBpgC53PDcTUQuwcgeY6 -pQgo9eT1eLNSZVrJ5Bctivl1UcD6P6CIGkkeT2gNhqindRPngUXGXW7Qzoefe+fV -QqJSm7Tq2q9oqVZ46J964waCRItRySpuW5dxZO34WM6wsw2BP2MlACbH4l3luqtp -Xo3Bvfnk+HAFH3HcMuwdaulxv7zYKXCfNoSfgrpEfo2Ex4Im/I3WdtwME/Gbnwdq -3VJzgAxLVFhczDHwNkjmIdPAlNJ9/ixRjip4dgZtW8VcBCrNoL+LhDrIfjvnLdRu -vBHy9P3sCF7FZycaHlMWP6RiLtHnEMGcbZ8QpQHi2dReU1wyr9QgguGU+jqSXYar -1yEcsdRGasppNIZ8+Qawbm/a4doT10TEtPArhSoHlwbvqTDYjtfV92lC/2iwgO6g -YgG9XrO4V8dV39Ffm7oLFfvTbg5mv4Q/E6AWo/gkjmtxkculbyAvjFtYAQARAQAB -tCFFUEVMICg2KSA8ZXBlbEBmZWRvcmFwcm9qZWN0Lm9yZz6JAjYEEwECACAFAkvS -KUICGw8GCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRA7Sd8qBgi4lR/GD/wLGPv9 -qO39eyb9NlrwfKdUEo1tHxKdrhNz+XYrO4yVDTBZRPSuvL2yaoeSIhQOKhNPfEgT -9mdsbsgcfmoHxmGVcn+lbheWsSvcgrXuz0gLt8TGGKGGROAoLXpuUsb1HNtKEOwP -Q4z1uQ2nOz5hLRyDOV0I2LwYV8BjGIjBKUMFEUxFTsL7XOZkrAg/WbTH2PW3hrfS -WtcRA7EYonI3B80d39ffws7SmyKbS5PmZjqOPuTvV2F0tMhKIhncBwoojWZPExft 
-HpKhzKVh8fdDO/3P1y1Fk3Cin8UbCO9MWMFNR27fVzCANlEPljsHA+3Ez4F7uboF -p0OOEov4Yyi4BEbgqZnthTG4ub9nyiupIZ3ckPHr3nVcDUGcL6lQD/nkmNVIeLYP -x1uHPOSlWfuojAYgzRH6LL7Idg4FHHBA0to7FW8dQXFIOyNiJFAOT2j8P5+tVdq8 -wB0PDSH8yRpn4HdJ9RYquau4OkjluxOWf0uRaS//SUcCZh+1/KBEOmcvBHYRZA5J -l/nakCgxGb2paQOzqqpOcHKvlyLuzO5uybMXaipLExTGJXBlXrbbASfXa/yGYSAG -iVrGz9CE6676dMlm8F+s3XXE13QZrXmjloc6jwOljnfAkjTGXjiB7OULESed96MR -XtfLk0W5Ab9pd7tKDR6QHI7rgHXfCopRnZ2VVZkCDQRSrmiEARAAtVKYV8DKggGq -z1B/2bDhbJWm3k1TtqQ5OWJzven/q4GQe8QKwTknkJOwfdIqkifOf3O9jgJ+Dl2L -0+t4Hwnl6SbOTO3pl5D7DUFlko7vfZVvgKkjZo2FoZkZS0RpdDju4CMI+++nSF73 -DDRZc0j49NDdsQKozG45Z1dp9mmwBOYKulaaj7xV1cn61Wv7mpaIA1Zn+odreEXa -Yn6vKkx7BxVN8aQs/k+v3RlihkONmUH02i5wzI06ALJmNAMnr5CG1+omVbcxr2p2 -KT3FluF9EQz3KanxTWZOuN8SOJbGfmNhK/WLuUv/MdJcvrZpiKJGhNMMG3VLu+NG -E2YwnrK6GFokYOc7kNsXysSaFeRPhIfrWMBgyZ+h31oUYJ7nUUcL7ieOc7WFbSrp -SsPEEKXdkk1q3EEAyWkVppzKKF/zwE04wgRMQfXZM9/A67r5OyJBzLbCKpZADkDH -bF9Xd06L+gRNlw4yBtMxcS3biRm1cHP+qyHPeU9OeY9+hM9B648XaUxjjh8UajCu -ZvX5RW2scbQ50u8O+1qs1ux4xaw9FXk8dr544xqnIRxEKXw6RTs2/C0xYYGInckT -VH5UGN+VizsyzVfqVd3kNyYNdVBcHpUjS6n0H7hURnPs3MJDYx4ecj75vaHUdQSH -6ierChjxm7TzV6OxETEcqVskc9M4tLcAEQEAAbQoRmVkb3JhIEVQRUwgKDcpIDxl -cGVsQGZlZG9yYXByb2plY3Qub3JnPokCOAQTAQIAIgUCUq5ohAIbDwYLCQgHAwIG -FQgCCQoLBBYCAwECHgECF4AACgkQai+uojUsZOXHxg/+LKaqbE47QzO6qcrSixyq -7mbb7loqreUX70/cMPRlFBTGeGWRl+J1F4OPaosQy2slkfHXRv7OZMjotwtLl/+o -p82mMkYPgYe9G66ilCteBdQa6z4tvXminxvhrjBbV3QRtmuzrT5sN8ripqvRKb+g -dJj+hOSknb0kUqiVrRnAOsEUv8A81yRDR6ea3vSLJtwmMnactBi0QOcKOHzwebi3 -VISxFA74diiv/3zI42t6NC/kjc/DdGg2cp+QMQlPUQdxB3E3nBYKMubpkY/fQWa3 -m0dTTvuIAa4ryH3bw+HyTXzQR18IUh/QAhgjbx511Yx0BfYh1gKSpESHofBa9p+X -bXyRBe0hF/Bm1+xW7FqNvZFzK1YDahzcg53wAVaD7m4EHbSWSZFWQJGh6zLvAMrc -E+tkOHjapiSNWlm2UDSOY1mKnOkSrgiuvxffarYRU/YCTte/skbi+lL9v74M1UdU -RncFSysJVIxjwI2H5aQkMFjAAEsYr/bj8mDx3BK0q20RtMIyHwEd77rNTkjsd8WR -2aVxX5kE7Az+81UTi81ffEdycBQMSeP8anjjeLwjxVOjrE95VkPMO4peaIWPecJr -o36+pZPPZBMyXTk83J+wwW1K7t9wkDBimdxL7UY7AuxQ2y9Ne6sUvmVQPxxpMn4r 
-uHKYFfFVJ26peXgGftS5eg+ZAg0EXPfO+wEQAMk4ghaWUa53Gem8meTFDPYK2hYj -uCh1WehyWt2XzeRWOpJCn7Z2DG4bmZSIANR9gdpFDPErDx5+5CfDHNT2RnvSeALG -2ZtBYaZSZ9JOGJqk7PTTTXz56jkwVpt3a92IajXL7nWbaxEOk3yp0JqpeSjrlzIy -4teuiMkci69ED/HuKo6tF/JrzHc7ELg8SCXmmAOc/ylUrSUtidwMRAI3voP25uFl -BaEhIX/Mkj57zTpXvWHN/Iv8y3eZCb+WL6VEpTblSyT11Zp/g0f/Bkcwg8CRUni4 -Pgf+5Lj3CpafKJNgZPuFRuJ5wXtyuEsKaVHO8lHyaRE/r/hP8Xe00M9Zl4M0QNUV -SRMUc1Tr+Hb47f3ww1j986HIpo0reecTSDpAnV04ffWVccBGWkU61a3dWZlTQmdY -t5h29qngR9/2pNZkmEjsKrRabwOAtSleA2WSaq68Ts/ZbkQCvYTkCopCgNt/D8aJ -Z1G8dYp40YxEucYjdC6hfdSkCVcPu/XdV1nE3J2+l7Klt/8B9HKsdEqGRSPdxTWl -iQzcM1kTvsLklR7r/SfFu3gRNRkFOAuBgkY/xzs9uRWc7oj8qAvWPD7sxboDPw7H -5FdkvIYxWZtb9MxzyFol8osyhSjdNWTyc+JSGg4LT+QjuP2KUWsHEFTl1S0XghMB -ZzzGcbqMmz8iy9GlABEBAAG0KEZlZG9yYSBFUEVMICg4KSA8ZXBlbEBmZWRvcmFw -cm9qZWN0Lm9yZz6JAjgEEwECACIFAlz3zvsCGw8GCwkIBwMCBhUIAgkKCwQWAgMB -Ah4BAheAAAoJECHqRasvhtahZqAP/jGctbCzfgYHJUNCSOmuTR9fsjKGmb9TsGwg -cqykcsv5jjq8AAZj/28y90TR9yv0STZmnvMTVFaZILPPNSBMboEWhMbUfgWGj/tn -wFcr+PJujBdJl+pedM5+FIVqXAN3CVIm99g1X0xvK9vE3yplFTXPs8RZmsjMUMNO -gVGTRHvXMemc9M0gnn9hdPA2pT07EgjyExCPi58XXXTjQAlBntuvevN6uXIE4H4l -3XNI9WsA+l4zImmlYUdIMAhYrrH5qbXdUgide2oH8LPgYEcsUrl3b8hiylXDjtKi -WPyOIUS2cCrr7UCrlYfeIHhsTZ7rPTQNIX3d+vA7JY3taY8ihzZCw1EmGB8kL6Kw -ZADDCrzEBscQF67IwbwZmPPGiGDQfhs5IS6NUtOMfXFsAbgOeFY7/VVctf4tcQvJ -w7xlBNyOP/gBAq6jjC8w+u/0DXr2gRMb5XBCU13vhUE8YK+GfPAZc1tMr8ofX5ZE -fRhJv7jV+UHc0qExJTp0YjRIa0jENIeFVU2bHb/peJP1T/OetmwbkrDychtsXP70 -wZRRaAkyx3VmX1HyDPtX1+mfsvvLkuEnwc4Iyxj9nv/sdSz638DUwjiDtDmDlS5J -l2CLTPG6SJa4KQt4CIA/jLvMorg6Mnrjg0NxYIdrfrOfBWaTPeLEvxDRq5HXk6qr -YGNH9/KimQINBFvrElgBEACjNft3anFHNzwHW6dzxGinWEzFin3xBUjhre7e23Dg -DRIceDtePOqXGnIN5yGGH4VZrEGHfjTPoCcrRSpM75ryPLa3Pi0UHXRso/OkO2ta -+VaQRlwU2WAYqd3g/eck+x7MZHuKKyfyxDSUywuJumWhIqeJLyG/J9e1riHwaxYw -tLDvHCAtK4osoJ6GZDx95Rr4El/N5CtZBlIzRQUJMo695MIxeKA6RmlQVp8mGPQm -20Hveo0kBsLYFJxTW4D+KnwpQr2mJLsEQnCgKcr8TF5hDowz8+o3wdUrfteiVfkd -X64kXJm85jaR/K0ubnv96iTxoeh2Wf2jNAn3EjKhPzEeYFI2gCm2tzwUEzSuOjtr 
-x7FqDp7/iJRANmKQJ9KzhCT5JLkeS5do8d196xiI79Zlx8ISQRvCNuu1Or7idwvI -gHy/+BCyPUARv430YvXU4d01FVKTlNrbRsq91SVojek4UXkAk9oh4d3Y/AQF1DLs -4nK1vBukwWIKwcfVA/RidSqXofx6pahTPvguTkAARhMEJPLtbQBzD5kqkdgdP/6s -7ziTwGkGO8iF0TvkCwMXWXHl1B/m6b3h/wWOIFNfAZ0FxZmmD5UhytjVjhdI7jiy -Zf6JjNupVCVx1eqMGZfm3jkZqzWOB9wrVrb6rtI25ZuoRQJ/idnXkxZmq4m1MCZb -CQARAQABtDVGZWRvcmEgKGlvdCAyMDE5KSA8ZmVkb3JhLWlvdC0yMDE5QGZlZG9y -YXByb2plY3Qub3JnPokCPgQTAQIAKAUCW+sSWAIbDwUJEw5BKAYLCQgHAwIGFQgC -CQoLBBYCAwECHgECF4AACgkQe7kHItu9z3xs8Q/9HqL76vo5xZjl78USwgX7t2f8 -Aa6sqD6OIV4V9KPCaNeqP8OF6LqYFxkv3GX3FMHGPHVKOBLQ6LvuGozcnnpZ3ypq -6ChAy2L4W7ytFggpluArxSN5jmHoOXO51wPDPCSjd4rRi1+XnMDiA3VIk0vTcGHU -K13JgvzuUrIbFYhVwwCn8Rt0GvCWVLyvKRbykN3xgFmromREKdDCUymYS/u4hXw5 -xQt2AE9IgX9puLlGH5AdbJumMipcaI9erH/KVoBvtAHA5ozkL0PDocRaWA/W+i8r -XEeI8TJBA7Q/Xb/L12aIOCzeyEKGP911iR3/99UGMgfswKvF4WT4KdAV2VZoPizu -0Am2MUYhoexdnHY6GtU1UKcWt2hW7HmGBCZVdVpUF3W/gebe+ahLPT9UhqNTin2v -w7MxMKy2uWPZri76R165F3TP434dZLNfkNa1rdtQrRaD1Be9/hAQthYWKoCFowbM -LAr1BgzkUs97arxBTzqkr9GTCy5CX+nObIbwkrFYugRfA4bSzNFSpCo71cudqNwK -JEw65lF90+T5ma7lM6ZwijH1A9pYeGQS0eUOrV/0VTsxXQOyS6Mcfper+dkOpypZ -dSnJGzid9HPUSUdjI94wtRYInrcD09v5OnJcoxUDVVjVhH4FIqKVYstucn/LB67n -nn+55uTOKdm729ex0UI= -=FHrh ------END PGP PUBLIC KEY BLOCK----- diff --git a/sites/getfedora.org/static/keys/9570FF31.txt b/sites/getfedora.org/static/keys/9570FF31.txt new file mode 100644 index 0000000..ac8572f --- /dev/null +++ b/sites/getfedora.org/static/keys/9570FF31.txt 
@@ -0,0 +1,28 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBF4wBvsBEADQmcGbVUbDRUoXADReRmOOEMeydHghtKC9uRs9YNpGYZIB+bie +bGYZmflQayfh/wEpO2W/IZfGpHPL42V7SbyvqMjwNls/fnXsCtf4LRofNK8Qd9fN +kYargc9R7BEz/mwXKMiRQVx+DzkmqGWy2gq4iD0/mCyf5FdJCE40fOWoIGJXaOI1 +Tz1vWqKwLS5T0dfmi9U4Tp/XsKOZGvN8oi5h0KmqFk7LEZr1MXarhi2Va86sgxsF +QcZEKfu5tgD0r00vXzikoSjn3qA5JW5FW07F1pGP4bF5f9J3CZbQyOjTSWMmmfTm +2d2BURWzaDiJN9twY2yjzkoOMuPdXXvovg7KxLcQerKT+FbKbq8DySJX2rnOA77k +UG4c9BGf/L1uBkAT8dpHLk6Uf5BfmypxUkydSWT1xfTDnw1MqxO0MsLlAHOR3J7c +oW9kLcOLuCQn1hBEwfZv7VSWBkGXSmKfp0LLIxAFgRtv+Dh+rcMMRdJgKr1V3FU+ +rZ1+ZAfYiBpQJFPjv70vx+rGEgS801D3PJxBZUEy4Ic4ZYaKNhK9x9PRQuWcIBuW +6eTe/6lKWZeyxCumLLdiS75mF2oTcBaWeoc3QxrPRV15eDKeYJMbhnUai/7lSrhs +EWCkKR1RivgF4slYmtNE5ZPGZ/d61zjwn2xi4xNJVs8q9WRPMpHp0vCyMwARAQAB +tDFGZWRvcmEgKDMzKSA8ZmVkb3JhLTMzLXByaW1hcnlAZmVkb3JhcHJvamVjdC5v +cmc+iQI4BBMBAgAiBQJeMAb7AhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK +CRBJ/XdJlXD/MZm2D/9kriL43vd3+0DNMeA82n2v9mSR2PQqKny39xNlYPyy/1yZ +P/KXoa4NYSCA971LSd7lv4n/h5bEKgGHxZfttfOzOnWMVSSTfjRyM/df/NNzTUEV +7ORA5GW18g8PEtS7uRxVBf3cLvWu5q+8jmqES5HqTAdGVcuIFQeBXFN8Gy1Jinuz +AH8rJSdkUeZ0cehWbERq80BWM9dhad5dW+/+Gv0foFBvP15viwhWqajr8V0B8es+ +2/tHI0k86FAujV5i0rrXl5UOoLilO57QQNDZH/qW9GsHwVI+2yecLstpUNLq+EZC +GqTZCYoxYRpl0gAMbDLztSL/8Bc0tJrCRG3tavJotFYlgUK60XnXlQzRkh9rgsfT +EXbQifWdQMMogzjCJr0hzJ+V1d0iozdUxB2ZEgTjukOvatkB77DY1FPZRkSFIQs+ +fdcjazDIBLIxwJu5QwvTNW8lOLnJ46g4sf1WJoUdNTbR0BaC7HHj1inVWi0p7IuN +66EPGzJOSjLK+vW+J0ncPDEgLCV74RF/0nR5fVTdrmiopPrzFuguHf9S9gYI3Zun +Yl8FJUu4kRO6JPPTicUXWX+8XZmE94aK14RCJL23nOSi8T1eW8JLW43dCBRO8QUE +Aso1t2pypm/1zZexJdOV8yGME3g5l2W6PLgpz58DBECgqc/kda+VWgEAp7rO2A== +=EPL3 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/sites/getfedora.org/util/gpg_checker.py b/sites/getfedora.org/util/gpg_checker.py new file mode 100644 index 0000000..ec51da9 --- /dev/null +++ b/sites/getfedora.org/util/gpg_checker.py 
@@ -0,0 +1,85 @@
+import glob
+import gnupg
+import os.path
+import tempfile
+import yaml
+
+def generate_gpg_bundle():
+ '''Generate a fedora.gpg bundle with active keys.'''
+ yaml_file = os.path.join(os.path.dirname(__file__), '..', 'release.yaml')
+ with open(yaml_file) as data:
+ yaml_data = yaml.safe_load(data)
+
+ gpg_home = tempfile.mkdtemp()
+ gpg = gnupg.GPG(gnupghome=gpg_home)
+ current = yaml_data.get('gpg_keys', {}).get('current', [])
+ current_ids = []
+
+ for key in current:
+ key_id = key.get('id')
+ if not key_id or '/' not in key_id:
+ raise Exception('invalid id field for GPG key in release.yaml')
+ key_id = key_id.split('/', 1)[1].split(' ')[0]
+ if len(key_id) != 8:
+ raise Exception('invalid id field for GPG key in release.yaml')
+ current_ids.append(key_id)
+ path = os.path.join(
+ os.path.dirname(__file__),
+ '..',
+ 'static',
+ 'keys',
+ key_id + '.txt')
+ try:
+ with open(path, 'r') as f:
+ gpg.import_keys(f.read())
+ except Exception as e:
+ print('Could not open key file {0}: {1}'.format(path, e))
+ raise
+
+ armor = gpg.export_keys(current_ids, armor=True)
+ return armor
+
+def check_gpg_keys():
+ '''
+ Basic sanity check to ensure:
+ 1) Each key listed in release.yaml is in static/keys
+ 2) The bundle has the release key in it.
+ '''
+ yaml_file = os.path.join(os.path.dirname(__file__), '..', 'release.yaml')
+ with open(yaml_file) as data:
+ yaml_data = yaml.safe_load(data)
+
+ dir_keys = glob.glob(
+ '{0}/*.txt'.format(
+ os.path.join(os.path.dirname(__file__), '..', 'static', 'keys')))
+
+ gpg_home = tempfile.mkdtemp()
+ gpg = gnupg.GPG(gnupghome=gpg_home)
+
+ for key in dir_keys:
+ with open(key, 'r') as f:
+ gpg.import_keys(f.read())
+
+ current = yaml_data.get('gpg_keys', {}).get('current', [])
+ # We should add these at some point a few are missing.
+ #obsolete = yaml_data.get('gpg_keys', {}).get('obsolete', [])
+ obsolete = []
+ missing = []
+
+ for key in current + obsolete:
+ fp = key.get('fingerprint').replace(' ', '').replace('\t', '')
+ matches = [ik for ik in gpg.list_keys() if ik.get('fingerprint') == fp]
+
+ if len(matches) == 0:
+ missing.append(key)
+
+ if missing:
+ for key in missing:
+ print(
+ '[Static GPG Key Missing] {0} ({1})'.format(
+ key.get('name'),
+ key.get('id')))
+ return False
+
+ print('GPG keys look good.')
+ return True
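Review bot: generate_gpg_bundle() picks key files and exports keys by the 8-character short ID parsed from `id`, and never compares what it imported with the `fingerprint` that release.yaml already carries for each key. Short IDs are not collision-resistant and the result of `gpg.import_keys()` is ignored, so a file under static/keys that holds a different or an extra key, or that fails to import, still yields a bundle. check_gpg_keys() does not catch this, because it builds its own keyring from every *.txt file and, despite point 2 of its docstring, never inspects the generated bundle. I would compare the import result with the expected fingerprint and export by fingerprint, as sketched below, keeping `key_id` only for the file path. Separately, both functions leave the `tempfile.mkdtemp()` directory behind on every call, and check_gpg_keys() raises AttributeError when an entry has no `fingerprint`.

```python
    current_fps = []

    for key in current:
        # … unchanged: key_id parsing/validation and path construction …
        expected_fp = ''.join((key.get('fingerprint') or '').split()).upper()
        if len(expected_fp) != 40:
            raise Exception(
                'invalid fingerprint field for GPG key in release.yaml')
        try:
            with open(path, 'r') as f:
                result = gpg.import_keys(f.read())
        # … unchanged: except block that prints the path and re-raises …

        # The file must contain exactly the key release.yaml names.
        imported = set(fp.upper() for fp in result.fingerprints)
        if imported != {expected_fp}:
            raise Exception(
                'key file {0} does not contain exactly the key {1}'.format(
                    path, expected_fp))
        current_fps.append(expected_fp)

    armor = gpg.export_keys(current_fps, armor=True)
    return armor
```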