-
Notifications
You must be signed in to change notification settings - Fork 812
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sign our RPMs #144
Comments
rpm --addsign on Ubuntu 10.04 won't work, seemingly because librpmsign0 is not available until 11.10. Given the dependencies on libc6 (>= 2.4), this is unlikely to work on our 10.04 boxes. |
Verified on 12.04, rpm --addsign works. |
Done manually this time. Requires to rejigger our package production pipeline to get full automation. |
Actually signature is marked as bad. |
This has come up recently in regards to our hosted meld3 rpm. DataDog/chef-datadog#89 |
One ref here: http://systembash.com/content/simple-guide-to-signing-rpms-with-fpm/ |
We could definitely do it now that we are building the agent on ubuntu 14.04. We'll need to change or scripts to distribute the public key. Let's do that for 5.1.0. |
Too many pitfalls to tackle for now. See: http://technosorcery.net/blog/2010/10/10/pitfalls-with-rpm-and-gpg/ Adding some prerequisite tasks to our operations backlog so we can do the RPM signing cleanly. cc: @miketheman |
I think we need to sign on a Fedora box to be on the safe side. I did have issues early on, trying to sign it on Ubuntu 10.04. |
@elafarge do you know what's the status ? Is it still maintained for the 5.5.0 agent release ? |
@yannmh Yep, signing is currently enabled. We just need to put the "real" key on CircleCI and we're done. |
Oh and I don't have that key :/ |
Going out with our 5.5.0 release. |
Our DEBs are signed with http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0x226AE980C7A7DA52. Do the same for RPMs.
The text was updated successfully, but these errors were encountered: