func-e icon indicating copy to clipboard operation
func-e copied to clipboard

Implement linux package signing

Open codefromthecrypt opened this issue 4 years ago • 1 comments

#395 removes linux package signing because it was broken and not noticed because it wasn't tested. Let's try again!

Notably, to know this works. the rpm and deb test scripts should verify signatures always, defaulting to the test ones.

Ex. https://github.com/goreleaser/nfpm/blob/39f5bf392d22c9284f45cb9f5c34c06c4901fef1/testdata/acceptance/rpm.dockerfile#L68-L76 https://github.com/goreleaser/nfpm/blob/39f5bf392d22c9284f45cb9f5c34c06c4901fef1/testdata/acceptance/deb.dockerfile#L67-L78

codefromthecrypt avatar Oct 10 '21 23:10 codefromthecrypt

note: it seems github CLI signs external to nfpm. I don't necessarily care whether signing is done inside nfpm or external to it. However, we should probably do that internal to our makefile as opposed to shell scripts pasted into yaml https://github.com/cli/cli/blob/trunk/.github/workflows/releases.yml

codefromthecrypt avatar Oct 10 '21 23:10 codefromthecrypt