mirror of
https://github.com/rocky-linux/peridot.git
synced 2024-06-03 03:40:15 +00:00
6e77412823
Previously Keykeeper had a faulty verify check, where `rpm --checksig` didn't actually work because the RPM key was never imported. This would normally be caught but the TaskSignature creation was done after every signature without a transaction. That led to the activity succeeding next launch with either a faulty signed RPM or a correctly signed RPM. We caught all instances of this by verifying signature of all artifacts during compose, but it was an annoying problem that we would run into occasionally. This should fix that. |
||
|---|---|---|
| .. | ||
| store | ||
| BUILD.bazel | ||
| key.go | ||
| keywarming.go | ||
| server.go | ||
| sign.go | ||