On 03/04/2017 18:23, Siddiqui, Shahzeb wrote:
Can we add the –rpm-sign feature to EasyBuild. It would also need a
means to import gpg key. Similar to github token, if there is a flag
–gpg-key you can set the key and rpmsign will take care of the rest.
Yea, --package-tool-option would work fine so long as it has a some
way to address the issue. You can merge the release and few other
options in this option
It could be like
package-tool-options = {gpg-key: ‘xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx’,
release: ‘1’ }
Support for using eb --package-tool-options="--rpm-sign 'xxx' " is
implemented in https://github.com/hpcugent/easybuild-framework/pull/2187 .
This doesn't include support for something like --gpg-key though, I'm
not sure if something like that would make sense, i.e. if it's EasyBuild
responsibility to keep a GPG key safe...
K.
*From:*[email protected]
[mailto:[email protected]] *On Behalf Of *Kenneth Hoste
*Sent:* Monday, April 3, 2017 12:10 PM
*To:* [email protected]
*Subject:* Re: [easybuild] GPG signing RPM in EasyBuild
Hi Shahzeb,
On 03/04/2017 17:24, Siddiqui, Shahzeb wrote:
Hello,
I want to find out if its possible to add a GPG signature to RPM
via FPM. If so, I would like to utilize this feature.
Not yet, it would require support for pass --rpm-sign to the fpm
command, cfr. https://github.com/jordansissel/fpm/pull/311
<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_jordansissel_fpm_pull_311&d=DwMD-g&c=UE1eNsedaKncO0Yl_u8bfw&r=RMJdCm7m5fiPWhajwKUnEW5yn4eK2YdUWW-MLVShghg&m=US9RgPiNDPNpBR31rvQcvec4fCJ-TiXMpRgT4PYhYk4&s=zYl-9-X547OnK6I8DGUuE6vd71BULB7VLFvg5c8b3cQ&e=>
.
As a more general solution, it would probably make sense to support a
more general configuration setting like --package-tool-options, or
something like that...
regards,
Kenneth
