Sign Packages
Update https://gitlab.com/gitlab-org/omnibus-gitlab now that we have merged omnibus!7 (merged)
This adds:
- Signing of RPMs (
rpm --addsign) - Signing of DEBs (
debsigsformat) - Necessary changes to get the GnuPG keys in place for signing.
Relations:
- Related to #2537 (closed)
- Related to #1054 (closed)
- Replaces !922 (closed)
- Replaces !1718 (closed)
- Replaces !1752 (closed)
- Implements omnibus!7 (merged)
TODO
-
Merge this -
Implement new keypair -
Generate new keypair -
Upload to appropriate bucket -
Change/add values for GPG_PASSPHRASEandSECRET_AWS_* -
Upload pubkeys to PackageCloud repositories -
Write documentation for users to enable the checking of package signatures
-
-
Activate in production branches
Edited by Jason Plum