Story #1156
Updated by ipanova@redhat.com over 8 years ago
Pulp currently doesn't support the signature attribute for rpm, srpm, or drpm packages. When an RPM, SRPM, or DRPM is either uploaded or imported via sync, the signature should be extracted from the file and stored.
Where to store the attribute?
The NonMetadataPackage model is the ancestor of RPM, SRPM, and DRPM so the attribute should be stored there.
Suggested change is here: https://github.com/release-engineering/pulp_rpm/commit/f31f90d864fb884710d3da07a1b9644e98f04a53
This will allow further package verification process based on the signature which is story #1991. https://pulp.plan.io/issues/1991
We don't need all signature information header, but just the signing key, so more appropriate name for the attribute would be 'signing_key'