Greetings to all,
I have looked through the documentation, along with the output of hammer --help, but I am not seeing of a way for us to sign RPM packages automatically somehow on upload to Katello.
It would be cool to use the Hammer CLI, the Katello UI or the Katello API to sign packages when we upload them to a custom, in house repo we use.
This would be a nice to have feature if it doesn’t already exist. We understand that the Content Credentials for the GPG keys are used to verify the integrity of the package when a client goes to install them via YUM. Hoping there is a way to use GPG Keys in Content Credentials to sign packages as they are uploaded to Katello.
Foreman and Proxy versions:
Distribution and version:
Other relevant data:
Right now we use Koji to create custom RPM’s, sign them and then we have a sync job to pull from Koji into Katello. We are looking to replace Koji and integrate the creation of RPM’s with a Bamboo job and are hoping to leverage Katello in that Pipeline.