5bffca5037
With this patch, you can specify a command for
signing of koji builds. For example:
signing_key_password_file = '~/file_with_password_for_key_fedora-24'
signing_key_id = '81b46521'
signing_command = '~/git/releng/scripts/sigulsign_unsigned.py -vv --password=%(signing_key_password)s fedora-24'
'signing_key_password_file' is a path to a file which contains
a password that will be formatted into 'signing_command' string
via '%(signing_key_password)s' string format syntax (if used).
Because pungi config is usualy stored in git and part of compose
logs we don't want password to be included directly in the config.
Note: If '-' is used instead of a filename, then you will be asked
for the password interactivelly right after pungi starts.
'signing_key_id' is ID of the key that will be used for the signing.
This ID will be used when crafting koji paths to signed files
(kojipkgs.fedoraproject.org/packages/NAME/VER/REL/data/signed/KEYID/..).
'signing_command' a command that will be run with a build as a single
argument. This command mustn't require any user interaction.
If you need to pass a password for a signing key to the command,
do this via command line option of the command with use of string
formatting syntax '%(signing_key_password)s' (see details
about 'signing_key_password_file').
Signed-off-by: Tomáš Mlčoch <tmlcoch@redhat.com>
|
||
|---|---|---|
| .. | ||
| data | ||
| __init__.py | ||
| test_arch.py | ||
| test_buildinstall.py | ||
| test_compose.py | ||
| test_compose.sh | ||
| test_imagebuildphase.py | ||
| test_imagechecksumphase.py | ||
| test_koji_wrapper.py | ||
| test_liveimagesphase.py | ||
| test_livemediaphase.py | ||
| test_lorax_wrapper.py | ||
| test_notifier.py | ||
| test_pathmatch.py | ||
| test_util.py | ||