Hi,
I imported a new package called voikko-fi yesterday. I think I hit a
bug in fedpkg, but I'm not sure. The packaging guidelines say "Any
detached signature file (e.g. foo.tar.gz.asc or foo.tar.gz.sig) must
be uploaded to the package lookaside cache alongside the source code,
while the keyring must be committed directly to the package SCM."
I think fedpkg import did this the other way around. The keyring
(called gpgkey-AC5D65F10C8596D7E2DAE2633D309B604AE3942E.gpg) was
uploaded to the lookaside cache. The signature file (called
voikko-fi-2.4.tar.gz.asc) was about to be committed to git. I fixed
things manually as much as I could.
I don't have the shell history available anymore and I may have made
an error somewhere myself. I have not looked at the fedpkg source code
yet, it'd be interesting to know how to test the import again without
breaking anything.
-Ville-Pekka
Show replies by date
I read a bit of code and thus replying to my own message.
It seems rpkg decides whether to upload a file to the lookaside cache
or not based on running "file -b --mime-encoding" on it. For a keyring
file that returns "binary".
See
https://pagure.io/rpkg/blob/master/f/pyrpkg/utils.py#_280
-Ville-Pekka