From 4ba65710c2c37f817436e2267cfa9c8cf8a2b507 Mon Sep 17 00:00:00 2001 From: Ken Dreyer Date: Mon, 18 May 2020 15:42:37 -0600 Subject: [PATCH] doc: explain sigkey behavior Explain how Pungi operates on the sigkeys list, and what happens when there is only one item in the list. Signed-off-by: Ken Dreyer --- doc/configuration.rst | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/doc/configuration.rst b/doc/configuration.rst index c8ec12d2..d9cccf16 100644 --- a/doc/configuration.rst +++ b/doc/configuration.rst @@ -467,8 +467,13 @@ Options ------- **sigkeys** - ([*str* or None]) -- priority list of sigkeys; if the list includes an - empty string or *None*, unsigned packages will be allowed + ([*str* or None]) -- priority list of signing key IDs. These key IDs match + the key IDs for the builds in Koji. Pungi will choose signed packages + according to the order of the key IDs that you specify here. Use one + single key in this list to ensure that all RPMs are signed by one key. If + the list includes an empty string or *None*, Pungi will allow unsigned + packages. If the list only includes *None*, Pungi will use all unsigned + packages. **pkgset_source** [mandatory] (*str*) -- "koji" (any koji instance) or "repos" (arbitrary yum repositories)