You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "mck (JIRA)" <ji...@apache.org> on 2019/01/08 22:40:00 UTC
[jira] [Commented] (CASSANDRA-14968) Investigate GPG signing of deb
and rpm repositories via bintray
[ https://issues.apache.org/jira/browse/CASSANDRA-14968?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16737603#comment-16737603 ]
mck commented on CASSANDRA-14968:
---------------------------------
I don't think ASF permits/encourages shared (or even uploaded?) private keys? This needs to be checked.
> Investigate GPG signing of deb and rpm repositories via bintray
> ---------------------------------------------------------------
>
> Key: CASSANDRA-14968
> URL: https://issues.apache.org/jira/browse/CASSANDRA-14968
> Project: Cassandra
> Issue Type: Bug
> Reporter: Michael Shuler
> Priority: Major
> Labels: packaging
>
> Currently, the release manager uploads debian packages and built/signed metadata to a generic bintray repository. Perhaps we could utilize the GPG signing feature of the repository, post-upload, via the bintray GPG signing feature.
> https://www.jfrog.com/confluence/display/BT/Managing+Uploaded+Content#ManagingUploadedContent-GPGSigning
> Depends on CASSANDRA-14967
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org