particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-forge-composer/tools/test-case-generators
History
Tomas Hozza f45bdf3fb3 Don't pass GPG keys for GCP repos and don't verify signatures on el9/c9s 
Google repositories use RSA/SHA1 for signing packages. However the SHA1
has been disabled by default on el9/c9s. Since osbuild-composer imports
GPG keys specified in the repository definition unconditionally, this
creates issues when installing rpms signed with the key by osbuild [1].

Remove GPG keys in all el9/c9s GCP repo definitions and disable GPG
signature verification until [2] is resolved.

[1] https://github.com/osbuild/osbuild/issues/991
[2] https://issuetracker.google.com/issues/223626963

Signed-off-by: Tomas Hozza <thozza@redhat.com>
2022-04-14 19:07:31 +01:00
..
distro-arch-imagetype-map.json RHEL-84: add gce-rhui image type 2022-04-14 19:07:31 +01:00
format-request-map.json RHEL-86: add gce-rhui image type 2022-04-14 19:07:31 +01:00
generate-all-test-cases generate-all-test-cases: use make scratch for building RPMs 2021-12-20 14:52:45 +01:00
generate-test-cases tools: handle container env in generate-test-cases 2022-02-27 20:55:03 +00:00
repos.json Don't pass GPG keys for GCP repos and don't verify signatures on el9/c9s 2022-04-14 19:07:31 +01:00