View Issue Details

IDProjectCategoryView StatusLast Update
0014483Buildsyscommunity buildsyspublic2018-05-21 10:49
Status acknowledgedResolutionopen 
Summary0014483: Please GPG sign repository metadata for CBS repositories
DescriptionI've been trying to get the CentOS SIG repositories enabled in the
openSUSE Build Service.

Last week, I started working with Adrian Schröter (who manages the CentOS configurations on the openSUSE Build Service and is one of the OBS developers and administrators) on getting this done, and the issue right now is that there's
no way to securely validate the repodata.

OBS supports two ways:

1. Validating repodata from a mirror using the copy on the master
server fetched through HTTPS.

2. Validating repodata through GPG-signed repodata (signed repomd.xml)

While the base repositories do the latter, none of the repositories
produced through CBS do, and _nothing_ currently does the former.

Based on discussions with Arrfab on #centos-devel, it seems like it'd make sense to do GPG signing of repodata for all CBS repos automatically.

Can we please have this soon, so that everything can be wired up?
Additional InformationReference ML topic:

openSUSE ticket:
TagsNo tags attached.


2018-02-26 12:46

administrator   ~0031322

I have this scoped up, hoping to have this live mid March's time frame.


2018-02-26 14:27

administrator   ~0031323

Per's @kbsingh note, acknowledged now


2018-03-25 04:47

reporter   ~0031502

Any progress on this? It's nearly the end of March, and I'm wondering on the progress on this issue...


2018-04-11 14:17

reporter   ~0031601

Ping... Any progress? It's nearly mid-April now...


2018-04-27 13:50

reporter   ~0031685

Ping... It's nearly the end of April, any progress?


2018-05-10 06:56

reporter   ~0031739

Ping... It looks like CentOS 7.5 is now released, and GPG signed repodata is still not available...?


2018-05-21 10:49

reporter   ~0031881

So it looks like it's up for CentOS 7, but not yet CentOS 6...?

Issue History

Date Modified Username Field Change
2018-02-12 14:43 ngompa New Issue
2018-02-24 18:00 arrfab Note Added: 0031314
2018-02-26 10:26 TrevorH Relationship added has duplicate 0014530
2018-02-26 10:27 TrevorH Relationship added has duplicate 0014531
2018-02-26 12:32 arrfab Relationship deleted has duplicate 0014530
2018-02-26 12:33 wolfy Relationship deleted has duplicate 0014531
2018-02-26 12:46 Note Added: 0031322
2018-02-26 14:27 arrfab Status new => acknowledged
2018-02-26 14:27 arrfab Note Added: 0031323
2018-03-25 04:47 ngompa Note Added: 0031502
2018-04-11 14:17 ngompa Note Added: 0031601
2018-04-27 13:50 ngompa Note Added: 0031685
2018-05-10 06:56 ngompa Note Added: 0031739
2018-05-21 10:49 ngompa Note Added: 0031881