Story #1156
Updated by bmbouter over 8 years ago
Pulp currently doesn't support the signature attribute for rpm, srpm, or drpm packages. When an RPM, SRPM, or DRPM is either uploaded or imported via sync, the signature should be extracted from the file and stored. Where to store the attribute? The NonMetadataPackage RpmBase model is the ancestor of RPM, SRPM, RPM and DRPM SRPM so the attribute should signature needs to be stored there. The DRPM model will need to also store the attribute. Also perhaps it could go onto the NonMetadataPackage which is the parent of both RpmBase and DRPM. Suggested change is here: https://github.com/release-engineering/pulp_rpm/commit/f31f90d864fb884710d3da07a1b9644e98f04a53 This will allow further package verification process based on the signature which is story #1991. https://pulp.plan.io/issues/1991