toolkit/iso/empanadas/empanadas/templates
2022-09-11 19:01:01 -07:00
..
icicle add fedora major version for future use 2022-08-28 23:21:54 -07:00
kube Implement a feature to assist in generating various images 2022-06-28 09:33:13 -04:00
minimal/9 fix up script 2022-07-13 20:01:23 -07:00
buildExtraImage.tmpl.sh Add unversioned linking and checksums 2022-08-05 01:24:49 -07:00
buildImage.tmpl.sh 755 is sufficient enough 2022-07-25 03:30:52 -07:00
buildLiveImage.tmpl.sh dir is actually stage 2022-09-11 19:01:01 -07:00
extraisobuild.tmpl.sh Bump to 0.2.0 2022-07-04 11:32:10 -07:00
isobuild.tmpl.sh Bump to 0.2.0 2022-07-04 11:32:10 -07:00
isomock.tmpl.cfg Lets write some poetry 2022-06-17 15:06:45 -04:00
ISOREADME.tmpl clarify the readme 2022-08-08 16:18:54 -07:00
liveisobuild.tmpl.sh seems to work with selinux on 2022-07-11 08:58:13 -07:00
README.tmpl add delete old packages option 2022-08-03 23:07:47 -07:00
repoconfig.tmpl Add needed features (0.4.0) 2022-07-28 16:00:40 -07:00
reposync-src.tmpl deploy gpg key with sig 2022-07-25 16:46:53 -07:00
reposync.tmpl add sig syncs 2022-07-25 18:03:07 -07:00
xorriso.tmpl.txt powerpc is PPC, everything else is LINUX 2022-07-30 09:48:48 -07:00

These set of repositories (or "compose") is for {{ fullname }} and was generated
using Empanadas {{ version }} from the SIG/Core Toolkit.

As this is not a traditional compose (via pungi), there will be things that you
might be expecting and do not see, or not expecting and do see. While we
attempted to recreate a lot of those elements, it's not perfect and we don't
expect that it ever will be. With that being said, in the future, we do plan on
having more metadata and providing client libraries that can ingest this type of
metadata that we produce for easy consumption, on top of extending what our
metadata provides.

# Notes #

## Unversioned ISO Files ##

There are unversioned ISO files in the isos and live directories per
architecture. This is to allow libvirt users an easy way to download an ISO for
a given release of their choosing easily. It also allows users as a whole to
always have a pre-determined path to download the latest ISO of a given release
by just relying on it being in the URL itself rather than in the ISO name. Note
that these unversioned ISO files may or may not advertised on the main site.

## Checksums ##

CHECKSUM Validation: https://github.com/rocky-linux/checksums
                     https://git.resf.org/rocky-linux/checksums (mirror)

Traditionally, we would "sign" the checksum files with the current GPG key of a
major release. However, due to how the new build system operates and for
ensuring strong security within the new build ecosystem as it pertains the
signing keys, this is no longer a viable approach. It was determined by SIG/Core
(or Release Engineering) to instead provide verified signed commits using our
keys with RESF/Rocky Linux email domain names to a proper git repository. Our
signing keys are attached to our GitHub and RESF Git Service profiles.

If you are looking for "verification" of the ISO checksums and were expecting a
`CHECKSUM.sig`, it is highly recommended to visit the link above instead.

To verify our signature, click on "commits" and click the green "Verified"
button where you will see a GPG key ID. You can then search for this ID at the
any of the following:

https://keys.openpgp.org/
https://keyserver.ubuntu.com