Commit Graph

20 Commits

Author SHA1 Message Date
David Runge
68dbb8014a
Switch advertized key for dvzrv
Switch advertized key from C7E7849466FE2358343588377258734B41C31549 to
991F6E3F0765CF6295888586139B09DA5BF0D338, as the latter superseded the
former.
2023-05-29 13:33:14 +02:00
David Runge
470f854942
Add additional build dependencies pkgconf and systemd
README.md:
As we are dynamically deriving the target systemd system unit dir, we
require pkgconf and systemd during build time.
2022-07-29 14:37:20 +02:00
Levente Polyak
c1e08e6a61
readme: add list of all keyring maintainers that could issue releases
This declares a list of all legitimate keys.
2022-04-24 22:21:35 +02:00
Christian Hesse
8f08f113b9
README: fix formatting
Gitlab gets this right, but let's fix it for other markdown
implementations.
2022-01-11 13:19:24 +01:00
Levente Polyak
d0ea790c6a
fix(make): use proper dependency tracking for the build output
Declare the whole keyring data as well as the code as input dependency
for the build target. This way we can properly depend on the build
target for installation without forcing rebuilding on every invocation.

A rebuild will be triggered if either the keyring or the source code
creating the build output changes.

The directories are added to the source dependencies on purpose to
guarantee that changes like deleted files will result in a rebuild.

The mtime of the build directory is force updated on every run to allow
make to track the output artifacts mtime compared against the
dependencies.
2021-11-30 22:54:17 +01:00
Levente Polyak
a9e63edfa8
feature(keyringctl): adding ci command to verify newly added certs
Currently only newly added certificates will be checked against the
expectations as existing keys are not all fully compatible with those
assumptions.  New certificates are determined by using
$CI_MERGE_REQUEST_DIFF_BASE_SHA as the base,
2021-11-30 22:54:12 +01:00
Levente Polyak
9733fbafd8
feature(keyringctl): add verify command to check certificate expectation
This command checks certain expectations using sq and hokey, prints the
results to stdout and potentially exists non successfully.
2021-11-30 22:54:12 +01:00
Levente Polyak
5249453726
feature(keyringctl): support passing fingerprint as source
This helps make the CLI more useful by listing, exporting or inspecting
a specific fingerprint.
2021-11-30 22:54:11 +01:00
Levente Polyak
82254e0a36
feature(keyringctl): add inspect command to pretty print certificates
This command prints a new and pretty representation of the certificate
data to visualize the keyring and its signatures.
2021-11-30 22:54:11 +01:00
Levente Polyak
0168ce1db0
feature(keyringctl): add simple command to list all certificates 2021-11-30 22:54:11 +01:00
Levente Polyak
f6e3a4e94b
feature(keyringctl): use build command to create final artifacts
This allows an easy to use cli which invokes the export function to get
the keyring and uses the ownertrust and revoke functions to write all
artifacts into a target directory.
2021-11-30 22:54:10 +01:00
Levente Polyak
86747ecab7
feature(keyringctl): use the export command purely to export keyrings
This gives more control over the export command that may be useful to
export a single packager to import it into gpg. This will also give more
flexibility to chain this function to the future verify stage.

By default the command exports the whole keyring directory.
2021-11-30 22:54:10 +01:00
Levente Polyak
bc8c51749c
chore(doc): improve import usage section exmaples 2021-11-30 22:54:10 +01:00
Levente Polyak
74f317344f
feature(keyringctl): support importing multiple paths
Lets pass in a list of path's and reduce them to one set of path
iterables. This allows us to specify multiple source files/directories
2021-11-30 22:54:10 +01:00
Levente Polyak
1b1aa7f738
fix(doc): improve splitting topics across README.md and CONTRIBUTING.md 2021-11-30 22:54:09 +01:00
Levente Polyak
b91e8b983c
feature(keyringctl): move main/packager folders to isolated keyring dir
This helps to structure the layout of the repository better by having
one root folder that contains the actual decomposed keyring structure.
2021-11-30 22:54:09 +01:00
Levente Polyak
48e9bb67cb
chore(keyringctl): use singular for packager directory as well
So far we have used singular for all directories, lets keep that for the
packager directory as well.
2021-11-30 22:54:09 +01:00
David Runge
819e1adc37
README: Add new default sections and cleanup
README.md:
Add a short purpose introduction.
Add requirements, installation, contribution, releases and license
sections.
2021-11-30 22:54:07 +01:00
Jelle van der Waa
8b5b62910f README: Document the revocation of a packager key
Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>
2018-10-04 16:02:28 +02:00
Jelle van der Waa
182dab9197 Add README
Include a readme with steps how to add/remove/update a key in the
keyring and how to release a new keyring version.

Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>
2018-06-26 20:55:52 +02:00