peridot

History

Mustafa Gezen 6e77412823 Import RPM key to verify signature and stop blocking on failure Previously Keykeeper had a faulty verify check, where `rpm --checksig` didn't actually work because the RPM key was never imported. This would normally be caught but the TaskSignature creation was done after every signature without a transaction. That led to the activity succeeding next launch with either a faulty signed RPM or a correctly signed RPM. We caught all instances of this by verifying signature of all artifacts during compose, but it was an annoying problem that we would run into occasionally. This should fix that.	2022-11-05 18:32:58 +01:00
..
v1	Import RPM key to verify signature and stop blocking on failure	2022-11-05 18:32:58 +01:00
BUILD.bazel	Initial commit	2022-07-07 22:13:21 +02:00

Import RPM key to verify signature and stop blocking on failure

Previously Keykeeper had a faulty verify check, where `rpm --checksig` didn't actually work because the RPM key was never imported. This would normally be caught but the TaskSignature creation was done after every signature without a transaction. That led to the activity succeeding next launch with either a faulty signed RPM or a correctly signed RPM.

We caught all instances of this by verifying signature of all artifacts during compose, but it was an annoying problem that we would run into occasionally. This should fix that.

2022-11-05 18:32:58 +01:00

Import RPM key to verify signature and stop blocking on failure

2022-11-05 18:32:58 +01:00

BUILD.bazel

Initial commit

2022-07-07 22:13:21 +02:00