New package gpg signature acceptance test (was Latest FC13 kernel rejected as unsigned)
Bill Nottingham
notting at redhat.com
Fri Apr 9 19:26:54 UTC 2010
James Laska (jlaska at redhat.com) said:
> > The process flow is:
> >
> > 1. package is built in koji
> > <any delay from maintainer>
> > 2. update is submitted in bodhi
> > <delay until next push>
> > 3. package is signed
> > <then nearly instantaneously>
> > 4. package is pushed
>
> When you say "package is pushed", do you mean pushed to the requested
> repo (updates vs updates-testing)?
Correct.
> From a user-perspective, having to use --skip-broken seems just as bad
> as using --nogpgcheck. But if I understand correctly, given the
> workflow above we don't have a mechanism to enforce this in the QA
> space?
We can enforce it in the mash configuration that's used by bodhi and/or
the branched compose process.
Bill
More information about the test
mailing list