On 12/14/10 7:57 PM, Allen Hewes wrote: > B) how do you get the signed RPMs on disk (the filesystem) back into > Koji? I think this is the process I have come across in previous > posts from Jesse/Mike. I don't understand what sigul is could be the > issue...
Sigul is calling koji import-sig in order to import the signed header from the signed rpm. Koji can keep any number of signed headers for a package. You can then ask koji to write out a version of rpms with signed headers. This is actually done through the API, there is no command line option for it. (koji list-api to get a list of all the possible API calls) > > C) does step 3 mean that you have taken twice as much space on disk > because know you have two versions (one signed and one unsigned) of > the same NVR build? If you keep the signed one around yes. You don't have to sign every build, or you don't have to keep the signed version around after you publish them somewhere. > D) if I go to Fedora's Koji, I don't see two NVR RPMs per package. I > think I am missing something here w.r.t getting signed RPMs back into > Koji. http://kojipkgs.fedoraproject.org/packages/pungi/2.1.4/1.fc14/data/signed/97a1071f/noarch/ You'll see signed rpms there. The signature content gets put into the <package>/<version>/<release>/data/ directory structure. -- Jesse Keating Fedora -- FreedomĀ² is a feature! identi.ca: http://identi.ca/jkeating -- buildsys mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/buildsys
