Project

Profile

Help

Story #7820

closed

Task #9105: [EPIC] Signing and signature verification

As a user, Pulp is able to verify package signatures, and reject unsigned or invalidly-signed packages

Added by mped over 3 years ago. Updated over 2 years ago.

Status:
CLOSED - DUPLICATE
Priority:
Normal
Assignee:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:
Q4-2021

Description

Ticket moved to GitHub: "pulp/pulp_rpm/2258":https://github.com/pulp/pulp_rpm/issues/2258


In Pulp2 when carrying out a synchronisation it is possible to add the flag --require-signature, to ensure that synched packages are signed, please can this feature be added to Pulp3.

Additionally please can support for allowed-keys also be included.

Thanks

Matt


Related issues

Has duplicate RPM Support - Story #8523: When syncing content from a remote, GPG signatures are checkedCLOSED - DUPLICATE

Actions

Also available in: Atom PDF