Story #5945
closedAs an administrator I can provide a script that signs files
0%
Description
As a pulp administrator, I can create a SigningService by providing a script that implements the following interface:
script-name <file-name>
The script can produce any number of files in the current working directory and then output a JSON structure that has a key for every file generated and the value for each is the sha256 sum of the file. e.g.
$ /var/lib/pulp/mysigningscript.sh repomd.xml
{"repomd.xml.asc": "ce72f1c9f90c6ca85a88352b677ed8cc85d4ba81b4887be39afb01ad9c4fd8f8", "repomd.xml.gpg": "e36e08b23107745247855b1a06d6d8ae27883fb56d7d7a282d93393db801cfe0"}
Related issues
Updated by bmbouter almost 5 years ago
- Sprint/Milestone set to 3.1.0
- Sprint Candidate changed from No to Yes
Updated by daviddavis almost 5 years ago
- Tracker changed from Issue to Story
- % Done set to 0
Updated by mihai.ibanescu@gmail.com almost 5 years ago
There is a reason the interface implemented for metadata signing in pulp2 is modifying the file in place.
Sometimes, the plugin writer may not know what types of signatures (detached or not) are needed.
As an extreme (and maybe hypothetical) example, let's look at a yum repository (repomd, really).
yum expects a clear-text signature. zypper expects a detached signature.
At the time the plugin developer writes the plugin, it may not be aware that the repo may even be used for zypper.
So, the plugin should typically only care that a call to make a signature was made. The instance of the signing service, as implemented by the pulp administrator, will decide whether it's a detached or clear-text signature.
Updated by dkliban@redhat.com almost 5 years ago
- Description updated (diff)
Mihai, thanks for the input. That makes sense to me. I've updated the description to reflect your idea.
Updated by bmbouter almost 5 years ago
- Sprint/Milestone deleted (
3.1.0) - Sprint deleted (
Sprint 64)
Updated by bmbouter almost 5 years ago
- Description updated (diff)
- Status changed from NEW to CLOSED - DUPLICATE
- Sprint Candidate set to No
Updated by bmbouter almost 5 years ago
- Is duplicate of Story #5943: Add a SigningService model, viewset, and serializer added