[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Pulp-list] Using --gpg-key in pulp-admin rpm repo create command

On 04/25/2013 01:24 AM, Shaymardanov Rushan wrote:
We are trying to use pulp to upload and publish our application packed
to RPM using maven rpm plugin. I don't understand how to use --gpg-key
option in rpm repo create command.
Does it signs packages uploaded to repository using this key?
Is it possible to download public part of key using published
repository or I should publish it somewhere else?

I've created repository and provided gpg secret key as argument to
this option. Then I uploaded RPM package using rpm repo uploads rpm
command. But when I trying to install this package, I get "package not
signed" error from yum.

Note that I don't (and don't want) to use pulp consumer on target
server, I just want to install packages using HTTP.

What is the right way to sign rpm packages uploaded to pulp repository
and publish public key for yum can check sign?

The signing happens before the package is uploaded to Pulp. That GPG key option is for consumers bound to the repo. Pulp will make that key available to the consumers so that when it goes to use the Pulp repo, it can verify the GPG signatures of the RPMs it's installing.

Rushan Shaymardanov

Pulp-list mailing list
Pulp-list redhat com

Jay Dobies
Freenode: jdob @ #pulp

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]