[arch-general] Package signing on soyuz
Lukas Jirkovsky
l.jirkovsky at gmail.com
Wed Jan 18 19:21:29 UTC 2017
On 17 January 2017 at 08:42, Jerome Leclanche <jerome at leclan.ch> wrote:
> What is the current intended way to sign packages on the pkgbuild.com server?
I don't think there's any.
> I spent the past day setting up agent forwarding
> (https://wiki.gnupg.org/AgentForwarding) for it. Had a lot of trouble
> setting it up due to systemd being seemingly overzealous about the
> gpg-agent socket. I have it working now, for myself, but wondering if
> anyone else is using it or if everybody is just signing locally.
>
> J. Leclanche
I use only the ssh agent forwarding ("ForwardAgent yes" in
.ssh/config). On pkgbuild.com I build packages using the *-*-build as
always. When a package is built, I use a script [1] that downloads the
binary packages, signs them and uploads the signatures back to
pkgbuild.com. That way I can use communitypkg on pkgbuild.com to
upload everything.
[1] https://bitbucket.org/stativ/scripts/src/tip/shell/download-and-sign.sh?at=default&fileviewer=file-view-default
Lukas
More information about the arch-general
mailing list