doc: split and add checks to issue templates according to responsibilities

Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
This commit is contained in:
Levente Polyak 2021-04-29 19:37:44 +02:00
parent 71a5af7f18
commit feab8a68eb
No known key found for this signature in database
GPG Key ID: FC1B547C8D8172C8
2 changed files with 35 additions and 2 deletions

View File

@ -26,11 +26,29 @@ https://www.gnupg.org/gph/en/manual/x135.html
## Checks ## Checks
### New key owner
- [ ] The [workflow for adding a new main - [ ] The [workflow for adding a new main
key](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/workflows/add-a-new-main-key) key](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/workflows/add-a-new-main-key)
has been followed has been followed
- [ ] The key pair has been validated according to the [best
practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair)
- [ ] The data in the [Details](#details) section is attached to this issue as - [ ] The data in the [Details](#details) section is attached to this issue as
a clearsigned document a clearsigned document
- [ ] The revocation certificate holder verified the revocation certificate as - [ ] The revocation certificate has been sent in an encrypted message to the
working in a comment to this issue revocation certificate holder
- [ ] The public key has been uploaded to the SKS infrastructure - [ ] The public key has been uploaded to the SKS infrastructure
### Keyring maintainer
- [ ] The key pair has been validated according to the [best
practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair)
- [ ] The data in the [Details](#details) section is correct and signed with a
valid and trusted packager key, which is part of `pacman-key`
### Revocation Certificate Holder
- [ ] The revocation certificate has been [verified
as working](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/workflows/verify-a-revocation-certificate)
and confirmed in a comment to this issue
- [ ] The revocation certificate has been backed up in a dedicated encrypted backup storage

View File

@ -33,10 +33,25 @@ needs to do the signature.
## Checks ## Checks
### New key owner
- [ ] The [workflow for adding a new packager - [ ] The [workflow for adding a new packager
key](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/workflows/add-a-new-packager-key) key](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/workflows/add-a-new-packager-key)
has been followed has been followed
- [ ] The key pair contains one user ID with a valid `<username>@archlinux.org` email address
used for signing
- [ ] The key pair has been validated according to the [best
practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair)
- [ ] The data in the [Details](#details) section is attached to this issue as - [ ] The data in the [Details](#details) section is attached to this issue as
a clearsigned document a clearsigned document
- [ ] The public key has been uploaded to the SKS infrastructure - [ ] The public key has been uploaded to the SKS infrastructure
- [ ] The public key has been signed by at least three valid main keys - [ ] The public key has been signed by at least three valid main keys
### Keyring maintainer
- [ ] The key pair contains one user ID with a valid `<username>@archlinux.org` email address
used for signing
- [ ] The key pair has been validated according to the [best
practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair)
- [ ] The data in the [Details](#details) section is correct and signed with a
valid and trusted packager key, which is part of `pacman-key`