Is it possible to load *xml.asc in the rpm plugin?
To check the repository with a gpg key
“versions”: [
{
“component”: “core”,
“version”: “3.29.7”,
“package”: “pulpcore”,
“domain_compatible”: true
},
{
“component”: “rpm”,
“version”: “3.22.3”,
“package”: “pulp-rpm”,
“domain_compatible”: true
You can create a signing service and let pulp sign the repository. Publication will contain the signature and the pub.key Metadata Signing — Pulp RPM Support 3.25.0 documentation
1 Like
Thank you. I read about the signing service. how to check the signature of an upstream repository? pulp rpm does not yet have the functionality to perform verification. I thought it would be possible to perform signature verification on clients. The Debian plugin has the ability to use “verbatim publisher”. Is there something similar in rpm plugin?
I don’t think rpm plugin has the ability to perform metadata verification during sync, however you can mirror the repo in a way it also mirrors the metadata including .asc (without changing/regenerating it) and the end client like yum/dnf can verify it with the corresponding gpg key.
You will want mirror_complete sync option Create, Sync and Publish a Repository — Pulp RPM Support 3.25.0 documentation
I tried all the synchronization modes and did not find one suitable
You will want mirror_complete sync option Create, Sync and Publish a Repository — Pulp RPM Support 3.25.0 documentation
Have you tried that?
2 Likes
I tried it yesterday. But your comment made me doubt
. I’ll check it again now
Thank you. It seems I made a mistake yesterday when testing this mode
2 Likes