Sign RPM and DEB packages
requested to merge 1197-the-packages-for-gitlab-ci-multi-runner-on-gitlab-com-are-unsigned into master
What does this MR do?
This MR introduces package signing for DEB and RPM.
How does this work?
It's heavily inspired by how we sign on omnibus; the private key (password protected) is stored on S3.
Signing is based on the presence of some variables; those variables should be available only on protected branches.
The presence of $GPG_KEY triggers package signing.
- $GPG_KEY: holds base64 of key
- $GPG_PASSPHRASE: the private key passphrase
Why was this MR needed?
Are there points in the code the reviewer needs to double check?
Does this MR meet the acceptance criteria?
- Documentation created/updated
- Tests
  - Added for this feature/bug
  - All builds are passing
- Branch has no merge conflicts with master (if you do - rebase it please)
What are the relevant issue numbers?
Closes #1197 (closed)
Edited by Kamil Trzciński
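
The variable-gated signing described above, sketched as an added example; it is not the code from this MR or from the project. $GPG_KEY and $GPG_PASSPHRASE are the variables named in the description, while the function names and the detached gpg signature (a stand-in for the DEB/RPM signing tools) are assumptions.

```shell
# GPG_KEY and GPG_PASSPHRASE are the variables named in the MR description;
# function names and the detached-signature step are assumptions.

# True only when the job received both variables (protected branches).
signing_enabled() {
    [ -n "${GPG_KEY:-}" ] && [ -n "${GPG_PASSPHRASE:-}" ]
}

# Decode the base64 key into a throwaway keyring and print its path.
import_key() {
    home=$(mktemp -d) || return 1
    chmod 700 "$home"
    if ! printf '%s' "$GPG_KEY" | base64 -d 2>/dev/null |
        gpg --homedir "$home" --batch --quiet --import 2>/dev/null; then
        rm -rf "$home"
        return 1
    fi
    printf '%s\n' "$home"
}

# Write a detached signature "$1.asc", or skip when signing is disabled.
sign_package() {
    pkg=$1
    if ! signing_enabled; then
        echo "skip: signing variables not set, $pkg left unsigned" >&2
        return 0
    fi
    home=$(import_key) || { echo "error: key import failed" >&2; return 1; }
    rc=0
    # The passphrase is passed on fd 3, not argv, so it never shows in ps.
    gpg --homedir "$home" --batch --yes --pinentry-mode loopback \
        --passphrase-fd 3 --armor --detach-sign --output "$pkg.asc" "$pkg" \
        3<<EOF || rc=$?
$GPG_PASSPHRASE
EOF
    rm -rf "$home"   # the decoded private key does not outlive the job step
    return $rc
}
```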