As a user, I can publish a Yum repository that works with repo_gpgcheck=1
To allow a Yum repository to be used with Yum clients that have repo_gpgcheck=1 configured in /etc/yum.conf:
- Create a new GPG signing key that can be used by Pulp worker processes without a password. (Documentation provides example procedures.)
- Append the public key associated with the new GPG signing key to the gpgkey file specified in the distributor config for the Yum repository in Pulp.
- Set gpg_sign_metadata to True in the distributor config for the Yum repository in Pulp.
Updated by bmbouter over 4 years ago
- Status changed from NEW to POST
- Assignee set to PaulSD
So this feature defaults to off because it's only enabled if the user specifies
As an FYI, we do have an integration test suite called pulp-smash which is run by ichimonji10 in #pulp-dev in case you are interested in writing any tests to use and verify this feature. Whatever you want to do is fine of course. Thanks for contributing this great feature.
Updated by kfiresmith about 4 years ago
Huge thanks for getting this feature in place. For anyone else who comes across this, docs live here: https://docs.pulpproject.org/en/2.15/plugins/pulp_rpm/tech-reference/yum-plugins.html#gpg-signing-key