Actually Quirin and I have also seen the difference, and we discussed, we should implement a combination, where you can specify on the repo-level but override the signing service with each publication. It is a little more work for a lot more convenience, imho. And of course it might be nice to see it handled as similarly as possible in both plugins.
On Thu, 19 Mar 2020 23:13:23 -0400 Dennis Kliban <dkli...@redhat.com> wrote: > RPM plugin allows users to define a signing service per repository. > All publications created from repository versions of that repository > are signed with that signing service. > > The Debian plugin requires the user to specify the signing service > each time a publication is created. The signing service foreign key > is stored with each publication. > > Even though the implementation in Debian requires the user to provide > the service href each time a publication is created, it seems like a > stronger model. The signing service associated with a repository can > change thus making it challenging to keep track of which signing > service was used to create a publication. > > We should change the behavior in the RPM plugin before we release this > feature.
pgpwvfzIiEFIi.pgp
Description: OpenPGP digital signature
_______________________________________________ Pulp-dev mailing list Pulp-dev@redhat.com https://www.redhat.com/mailman/listinfo/pulp-dev
