Could you explain the reasoning for a 'public.key' file?
In the case of the AptReleaseSigningService we built for pulp_deb we saw zero need for this file and consequently did not add it in. (It would not be hard to add it just to satisfy the interface, it just would not serve any useful purpose.) Since we are on the topic of signing services, a colleague has had a PR relating to them just sitting their waiting for a review for quite a while now ;-): https://github.com/pulp/pulpcore/pull/659 It would be great if you (or somebody else) could have a look at it. I believe it is mostly ready, but probably needs the eyes of an experienced pulp core developer to look over it and suggest style consistency changes and where and whether to add documentation. ;-) Quirin ________________________________ From: [email protected] <[email protected]> on behalf of Dennis Kliban <[email protected]> Sent: 04 May 2020 22:50:54 To: Pulp-dev <[email protected]> Subject: [Pulp-dev] signing service interface The Plugin API of Signing Services in Pulp 3 is too vague. I came to this conclusion while working with @lieter on an RPM plugin feature that allows users to download a repo config file from a distribution[0]. As a result, we decided to document that the signing service needs to produce a public key file named 'public.key'[1]. We should revisit the design of the signing service API to ensure that we enforce this naming convention. [0] https://pulp.plan.io/issues/5356 [1] https://github.com/pulp/pulp_rpm/pull/1687/files#diff-c91893c1f4e7afe73e414d1a76162463R30
_______________________________________________ Pulp-dev mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-dev
