Story #1984
closed
Allow distribute GPG key for each repo
0%
Description
If I create a repo with the --gpg-key option, it would be nice to be able to publish the key via HTTP in order I could point to it from the YUM repo file using the "gpgkey" property.
Example:
$ cat /etc/yum.repos.d/epel.repo
[epel]
baseurl = http://mypulpserver/pulp/repos/epel/6/$basearch/
gpgcheck = 1
gpgkey = http://mypulpserver/pulp/path/to/the/epel.key
name = EPEL YUM repo
The best would be to have an extra distributor for that which would be added automatically when --gpg-key option is defined during the repo creation. The key could be published in http://server/pulp/keys/<repo-id>.gpg.
Updated by jcline@redhat.com almost 7 years ago
If we decide to implement this I think we should refuse to publish GPG keys over HTTP, only HTTPS
Updated by jiri.tyr@gmail.com almost 7 years ago
jcline@redhat.com wrote:
If we decide to implement this I think we should refuse to publish GPG keys over HTTP, only HTTPS
I would leave this to the user. Any sane user uses HTTPS anyway but I can imagine cases where people don't need HTTPS - for example for internally cloned repositories.
Updated by bmbouter about 4 years ago
- Status changed from NEW to CLOSED - WONTFIX
Updated by bmbouter about 4 years ago
Pulp 2 is approaching maintenance mode, and this Pulp 2 ticket is not being actively worked on. As such, it is being closed as WONTFIX. Pulp 2 is still accepting contributions though, so if you want to contribute a fix for this ticket, please reopen or comment on it. If you don't have permissions to reopen this ticket, or you want to discuss an issue, please reach out via the developer mailing list.
.