fix(ci): use gpg-agent loopback instead of custom rpmsign command#4
Merged
fix(ci): use gpg-agent loopback instead of custom rpmsign command#4
Conversation
The custom %__gpg_sign_cmd macro corrupted RPM signature headers, causing "error opening package" on install. Replace with gpg-agent loopback pinentry config and let rpmsign use its default signing command. Add rpm -K verification step to catch signing failures early.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
%__gpg_sign_cmdmacro from fix(ci): sign individual RPM packages to pass gpgcheck #3 corrupted RPM signature headers, changing the error from "package not signed" to "error opening package"gpg-agentloopback pinentry configuration, lettingrpmsignuse its default signing commandrpm -Kverification step after signing to catch failures before publishingChanges
~/.gnupg/gpg-agent.confwithallow-loopback-pinentryand restart agent~/.rpmmacrosto only%_gpg_name(removed broken%__gpg_sign_cmd)rpm -K