Signing metadata requires a lot of manual interaction and knowledge of the customer. This was the reason why we never implemented it for SUMA as the benefit was very low.
Now with the change in the zypp stack to not allow installing unsigned RPMs without user interaction or completly disabling GPG checks the benefit of such a feature increased.
I plan to implement this without any GUI support.
- the customer need to create an own GPG key pair
- the customer need to enable this feature in the config and configure the keyid and the password
- during metadata generation the taskomatic task check, if metadata signing is configured and only then sign them
- if metadata signing is configured, we need to change the GPG check options of the repos.
Looking for hackers with the skills:
This project is part of:
Hack Week 17
Comments
Be the first to comment!
Similar Projects
Saline (state deployment control and monitoring tool for SUSE Manager/Uyuni) by vizhestkov
[comment]: # (Please use the project descriptio...
Improve Development Environment on Uyuni by mbussolotto
Description
Currently create a dev environm...
Testing and adding GNU/Linux distributions on Uyuni by juliogonzalezgil
Join the Gitter channel! [https://gitter.im/uy...
Improve Development Environment on Uyuni by mbussolotto
Description
Currently create a dev environm...
Automated Test Report reviewer by oscar-barrios
Description
In SUMA/Uyuni team we spend a...
Edge Image Builder and mkosi for Uyuni by oholecek
Description
One part of [Uyuni system man...
Testing and adding GNU/Linux distributions on Uyuni by juliogonzalezgil
Join the Gitter channel! [https://gitter.im/uy...
Saltboot ability to deploy OEM images by oholecek
Description
[Saltboot](https://github.com...