condorcore-keyring/README.md

# archlinux-keyring

The archlinux-keyring project holds PGP packet material and tooling
(`keyringctl`) to create the distribution keyring for Arch Linux.
The keyring is used by pacman to establish the web of trust for the packagers
of the distribution.

The PGP packets describing the main signing keys can be found below the
[keyring/main](keyring/main) directory, while those of the packagers are located below the
[keyring/packager](keyring/packager) directory.

## Requirements

The following packages need to be installed to be able to create a PGP keyring
from the provided data structure and to install it:

* make
* python
* sequoia-sq

## Usage

Import of a new packager key

```bash
./keyringctl import <username>.asc
# alternatively override the username otherwise derived from the filename
./keyringctl import --name <username> <file>
```

Updates to existing packager keys

```bash
# username is automatically derived from the fingerprint
./keyringctl import <file_or_directory>...
```

Import of a new main key

```bash
# same options as packager key except mandatory --main
./keyringctl import --main <username>.asc
```

## Installation

To install archlinux-keyring system-wide use the included `Makefile`:

```bash
make install
```

## Contribute

Read our [contributing guide](CONTRIBUTING.md) to learn more about guidelines and
how to provide fixes or improvements for the code base.

## Releases

[Releases of
archlinux-keyring](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/tags)
are created by its current maintainer [Christian
Hesse](https://gitlab.archlinux.org/eworm). Tags are signed using the PGP key
with the ID `02FD1C7A934E614545849F19A6234074498E9CEE`.

To verify a tag, first import the relevant PGP key:

```bash
gpg --auto-key-locate wkd --search-keys eworm@archlinux.org
```

Afterwards a tag can be verified from a clone of this repository:

```bash
git verify-tag <tag>
```

## License

Archlinux-keyring is licensed under the terms of the **GPL-3.0-or-later** (see
[LICENSE](LICENSE)).
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00			`# archlinux-keyring`
Add README Include a readme with steps how to add/remove/update a key in the keyring and how to release a new keyring version. Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl> 2018-03-22 04:15:59 -06:00
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00			`The archlinux-keyring project holds PGP packet material and tooling`
			(`keyringctl`) to create the distribution keyring for Arch Linux.
			`The keyring is used by pacman to establish the web of trust for the packagers`
			`of the distribution.`
Add README Include a readme with steps how to add/remove/update a key in the keyring and how to release a new keyring version. Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl> 2018-03-22 04:15:59 -06:00
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00			`The PGP packets describing the main signing keys can be found below the`
feature(keyringctl): move main/packager folders to isolated keyring dir This helps to structure the layout of the repository better by having one root folder that contains the actual decomposed keyring structure. 2021-10-19 18:41:04 -05:00			`[keyring/main](keyring/main) directory, while those of the packagers are located below the`
			`[keyring/packager](keyring/packager) directory.`
Add README Include a readme with steps how to add/remove/update a key in the keyring and how to release a new keyring version. Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl> 2018-03-22 04:15:59 -06:00
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00			`## Requirements`
Add README Include a readme with steps how to add/remove/update a key in the keyring and how to release a new keyring version. Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl> 2018-03-22 04:15:59 -06:00
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00			`The following packages need to be installed to be able to create a PGP keyring`
			`from the provided data structure and to install it:`
README: Document the revocation of a packager key Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl> 2018-10-03 13:17:40 -05:00
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00			`* make`
			`* python`
			`* sequoia-sq`
README: Document the revocation of a packager key Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl> 2018-10-03 13:17:40 -05:00
fix(doc): improve splitting topics across README.md and CONTRIBUTING.md 2021-10-20 13:13:48 -05:00			`## Usage`
Add README Include a readme with steps how to add/remove/update a key in the keyring and how to release a new keyring version. Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl> 2018-03-22 04:15:59 -06:00
fix(doc): improve splitting topics across README.md and CONTRIBUTING.md 2021-10-20 13:13:48 -05:00			`Import of a new packager key`
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00
			```bash
fix(doc): improve splitting topics across README.md and CONTRIBUTING.md 2021-10-20 13:13:48 -05:00			`./keyringctl import <username>.asc`
			`# alternatively override the username otherwise derived from the filename`
			`./keyringctl import --name <username> <file>`
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00			```

fix(doc): improve splitting topics across README.md and CONTRIBUTING.md 2021-10-20 13:13:48 -05:00			`Updates to existing packager keys`
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00
fix(doc): improve splitting topics across README.md and CONTRIBUTING.md 2021-10-20 13:13:48 -05:00			```bash
			`# username is automatically derived from the fingerprint`
feature(keyringctl): support importing multiple paths Lets pass in a list of path's and reduce them to one set of path iterables. This allows us to specify multiple source files/directories 2021-10-20 13:15:42 -05:00			`./keyringctl import <file_or_directory>...`
fix(doc): improve splitting topics across README.md and CONTRIBUTING.md 2021-10-20 13:13:48 -05:00			```
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00
fix(doc): improve splitting topics across README.md and CONTRIBUTING.md 2021-10-20 13:13:48 -05:00			`Import of a new main key`
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00
fix(doc): improve splitting topics across README.md and CONTRIBUTING.md 2021-10-20 13:13:48 -05:00			```bash
			`# same options as packager key except mandatory --main`
			`./keyringctl import --main <username>.asc`
			```
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00
fix(doc): improve splitting topics across README.md and CONTRIBUTING.md 2021-10-20 13:13:48 -05:00			`## Installation`

			To install archlinux-keyring system-wide use the included `Makefile`:

			```bash
			`make install`
			```

			`## Contribute`
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00
fix(doc): improve splitting topics across README.md and CONTRIBUTING.md 2021-10-20 13:13:48 -05:00			`Read our [contributing guide](CONTRIBUTING.md) to learn more about guidelines and`
			`how to provide fixes or improvements for the code base.`
README: Add new default sections and cleanup README.md: Add a short purpose introduction. Add requirements, installation, contribution, releases and license sections. 2021-10-16 12:22:38 -05:00
			`## Releases`

			`[Releases of`
			`archlinux-keyring](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/tags)`
			`are created by its current maintainer [Christian`
			`Hesse](https://gitlab.archlinux.org/eworm). Tags are signed using the PGP key`
			with the ID `02FD1C7A934E614545849F19A6234074498E9CEE`.

			`To verify a tag, first import the relevant PGP key:`

			```bash
			`gpg --auto-key-locate wkd --search-keys eworm@archlinux.org`
			```

			`Afterwards a tag can be verified from a clone of this repository:`

			```bash
			`git verify-tag <tag>`
			```

			`## License`

			`Archlinux-keyring is licensed under the terms of the GPL-3.0-or-later (see`
			`[LICENSE](LICENSE)).`