recv_gpg_keys: refactor the script to use .SRCINFO and keys/pgp/

Use .SRCINFO instead of PKGBUILD to list the keys used to validate
packages.

Import keys from $PKG/keys/pgp/*.asc, and always perform such imports to
enable updating keys when the files get updated.

recv_gpg_keys.sh

@@ -1,27 +1,28 @@
-#!/bin/bash
+#!/usr/bin/env bash
 # Receive every gpg keys used by packages
+set -eu
+cd "$(dirname -- "$0")"
 
+# Import all keys from the packages
+gpg --import ./*/keys/pgp/*.asc
+
+# Import all keys from the cache
+gpg --import _pgp_cache/*.asc
+
+# Download missing keys from a keyserver
 # GnuPG key server to use
 GPG_KEYSRV="${GPG_KEYSRV:-hkp://keys.gnupg.net}"
 
-cd "$(dirname -- "$0")" || exit $?
 for DIR in $(find . -maxdepth 2 -name PKGBUILD -printf '%h\n' | sort)
 do
-    validpgpkeys=()
-    if ! source "$DIR/PKGBUILD" ; then
-        echo >&2 "Failed to source $DIR/PKGBUILD"
-        exit 1
-    fi
     PKG="${DIR#./}"
-    for GPGKEY in "${validpgpkeys[@]}" ; do
+    sed -n 's/^\s*validpgpkeys = //p' < "$DIR/.SRCINFO" | \
+    while IFS= read -r GPGKEY ; do
         if gpg --list-keys "$GPGKEY" > /dev/null 2>&1 ; then
-            echo "$PKG: key $GPGKEY already received."
-        elif [ -e "_pgp_cache/$GPGKEY.asc" ] ; then
-            echo "$PKG: importing key from local cache"
-            gpg --import "_pgp_cache/$GPGKEY.asc" || exit $?
+            echo "$PKG: key $GPGKEY found."
         else
             echo "$PKG: receiving key..."
-            gpg --keyserver "$GPG_KEYSRV" --recv-keys "$GPGKEY" || exit $?
+            gpg --keyserver "$GPG_KEYSRV" --recv-keys "$GPGKEY"
         fi
     done
 done