Implement linux package signing #396
Labels
Comments
codefromthecrypt
changed the title
|
note: it seems github CLI signs external to nfpm. I don't necessarily care whether signing is done inside nfpm or external to it. However, we should probably do that internal to our makefile as opposed to shell scripts pasted into yaml https://github.com/cli/cli/blob/trunk/.github/workflows/releases.yml |
codefromthecrypt
added
good first issue
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
#395 removes linux package signing because it was broken and not noticed because it wasn't tested. Let's try again!
Notably, to know this works. the rpm and deb test scripts should verify signatures always, defaulting to the test ones.
Ex.
https://github.com/goreleaser/nfpm/blob/39f5bf392d22c9284f45cb9f5c34c06c4901fef1/testdata/acceptance/rpm.dockerfile#L68-L76
https://github.com/goreleaser/nfpm/blob/39f5bf392d22c9284f45cb9f5c34c06c4901fef1/testdata/acceptance/deb.dockerfile#L67-L78
The text was updated successfully, but these errors were encountered: