-
Notifications
You must be signed in to change notification settings - Fork 60
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Understand the details of Fedora Infra signing process #87
Comments
@bgilbert @ajeddeloh - might also be worth presenting on fero architecture during this meeting. |
We met today to discuss this.. Here are some rough notes: Signing Server InfrastructureFedora Signing Server Infra/Software
CL Signing Server Infra/Software
|
I believe the outcome of this meeting is that it seems like we should be able to use the existing robosignatory automatic signing mechanism by publishing fedmsgs to request signing occur. Any new issues we find we will create new issues to discuss what's needed for them. |
We've had a few discussions recently about "signing" artifacts and metadata and if what infrastructure we can rely on for this. Fedora has an automated process that uses the robosignatory software to achieve this goal. We'd like to understand the architecture of how robosignatory is set up and the requirements it has. This should help us figure out if there are any new features we need and if this is something that can be done in collaboration with Fedora Infrastructure or not.
This should involve getting together with @puiterwijk and @nirik from fedora infrastructure and asking them to for an overview of the architecture and software.
Note also that CL has "signing server" software too that was recently written I believe: https://github.com/coreos/fero
The text was updated successfully, but these errors were encountered: