[GitHub] [incubator-pekko] mdedetrich commented on pull request #188: [DRAFT] Some rudimentary version of how releasing could work

["mdedetrich (via GitHub)" <gi...@apache.org>]

mdedetrich commented on PR #188:
URL: https://github.com/apache/incubator-pekko/pull/188#issuecomment-1431753183

   > GPG keys are provided from the outside of the container by providing access to the host gpg-agent. Alternatively, we could provide keys similarly as sbt-ci-release does it by actually providing the secret as an environment value. Both options don't seem super compelling. The use of gpg-agent at least provides the possibility to also use smartcards/yubikeys for signing automatically.
   
   This is more of a long term idea, but I always imagined using sbt-pgp directly rather than sbt-ci-release since sbt-pgp just wraps over gpg so there is no reason why it should have the same problems as sbt-ci-release. In fact I think in general sbt-ci-release is not really needed for pekko projects, the only functionality we use from it is sbt-dynver considering there is broad agreement on how to do a proper release which is not going to be via pushing a git tag.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@pekko.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@pekko.apache.org
For additional commands, e-mail: notifications-help@pekko.apache.org