rocky-linux/peridot
4
0
Fork 0
mirror of https://github.com/rocky-linux/peridot.git synced 2024-06-01 19:20:14 +00:00
Code Issues Projects Releases Activity
280 Commits 5 Branches 0 Tags 18 MiB
main
Commit Graph

13 Commits

Author SHA1 Message Date
Mustafa Gezen
ad0f7a5305
Major upgrades 
Upgrade to Go 1.20.5, Hydra v2 SDK, rules-go v0.44.2 (with proper resolves), protobuf v25.3 and mass upgrade of Go dependencies.
 2024-03-17 08:06:08 +01:00
Mustafa Gezen
6e77412823
Import RPM key to verify signature and stop blocking on failure 
Previously Keykeeper had a faulty verify check, where `rpm --checksig` didn't actually work because the RPM key was never imported. This would normally be caught but the TaskSignature creation was done after every signature without a transaction. That led to the activity succeeding next launch with either a faulty signed RPM or a correctly signed RPM.

We caught all instances of this by verifying signature of all artifacts during compose, but it was an annoying problem that we would run into occasionally. This should fix that.
 2022-11-05 18:32:58 +01:00
Mustafa Gezen
6e213b3263
Sync-01 - 10/30/2022 2022-10-30 02:59:43 +01:00
Mustafa Gezen
226c0f4c30
Change interceptor handling and add prometheus metrics to all services 
Signed-off-by: Mustafa Gezen <mustafa@ctrliq.com>
 2022-08-31 20:06:02 +02:00
Mustafa Gezen
1ffd01550a
Remove unused function (deleteGpgKey) 
Signed-off-by: Mustafa Gezen <mustafa@ctrliq.com>
 2022-08-17 02:13:52 +02:00
Mustafa Gezen
663d0bc99f
Increase signing heartbeat timeout to 10 minutes 
Signed-off-by: Mustafa Gezen <mustafa@ctrliq.com>
 2022-08-17 02:13:52 +02:00
Mustafa Gezen
e810946c70
Switch to sync.Map for keywarming 
Signed-off-by: Mustafa Gezen <mustafa@ctrliq.com>
 2022-08-17 02:13:52 +02:00
Mustafa Gezen
70c45775cb
Remove verification step from keykeeper 
Signed-off-by: Mustafa Gezen <mustafa@ctrliq.com>
 2022-08-17 02:13:52 +02:00
Mustafa Gezen
0a712673a7
Fix merge conflict upstream/resf 
Signed-off-by: Mustafa Gezen <mustafa@ctrliq.com>
 2022-08-17 02:13:29 +02:00
Mustafa Gezen
8ef874b5ae
Re-use instead of reloading pre-warmed key 
Signed-off-by: Mustafa Gezen <mustafa@ctrliq.com>
 2022-08-17 02:12:29 +02:00
Mustafa Gezen
064292e798
Fix keykeeper error return 2022-07-29 23:43:47 +02:00
Mustafa Gezen
1703798d0e
Verify signature regardless of signing status 
We get "corrupted"/non-correctly signed RPMs from time to time and added a mechanism to verify signatures and resign if invalid. Unfortunately sometimes rpm --addsign can return a zero exit code regardless of actual error status. Because of this we should always verify signature after signing, this way if it's invalid, we can resign it.
 2022-07-27 22:32:36 +02:00
Mustafa Gezen
ce632b9498
Initial commit 2022-07-07 22:13:21 +02:00