feat(CLDX-82): add checksum signing step #593
Conversation
|
Hi @swickersh. Thanks for your PR. I'm waiting for a konflux-ci member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
swickersh
force-pushed
the
checksum_signing
branch
3 times, most recently
from
2d71182
to
4254c0e
Compare
swickersh
force-pushed
the
checksum_signing
branch
from
4254c0e
to
40b1b32
Compare
Yes, I don't see any reason to not go ahead and get it reviewed/merged. |
swickersh
force-pushed
the
checksum_signing
branch
from
40b1b32
to
7c65f77
Compare
This commit adds a step to the sign-binaries task to generate the sha256 sums of all the signed binaries and collect them in a single file (sha256sum.txt). It then transfers the file to a remote host to be signed with Red Hat's GPG key. The detached signatures are returned and released alongside binaries in subsequent tasks to the RH Developer Portal. Signed-off-by: Scott Wickersham <[email protected]>
swickersh
force-pushed
the
checksum_signing
branch
from
7c65f77
to
8915d1b
Compare
This commit adds a step to the sign-binaries task to generate the sha256 sums of all the signed binaries and collect them in a single file (sha256sum.txt).
It then transfers the file to a remote host to be signed with Red Hat's GPG key. The detached signatures are returned and released alongside binaries in subsequent tasks to the RH Developer Portal.