From e720df320b0400168bed64b71f179bf28b9a9db0 Mon Sep 17 00:00:00 2001
From: Tomas Kopecek <tkopecek@redhat.com>
Date: Thu, 24 Mar 2022 12:57:10 +0100
Subject: [PATCH] doc: clarify rpm imports

Related: https://pagure.io/koji/issue/3281
---
 docs/source/server_bootstrap.rst |  8 +++++++-
 docs/source/signing.rst          | 12 ++++++++++--
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/docs/source/server_bootstrap.rst b/docs/source/server_bootstrap.rst
index a39c3168..a1534706 100644
--- a/docs/source/server_bootstrap.rst
+++ b/docs/source/server_bootstrap.rst
@@ -12,7 +12,7 @@ Koji repo administration daemon (``kojira``) is properly configured and
 running, and at least one Koji builder (``kojid``) is properly
 configured and running. All koji cli commands assume that the user is a
 Koji *admin*. If you need help with these tasks, see the
-`ServerHowTo <Koji/ServerHowTo>`__ .
+:doc:`ServerHowTo <server_howto>`.
 
 -  Download all source rpms and binary rpms for the arches you're
    interested in
@@ -29,6 +29,12 @@ the need to upload them to the hub and **very significantly** increasing
 import speed. When using ``--link``, you must run as root. It is
 **highly** recommended that you use ``--link``.
 
+If an imported rpm contains an rpm signature, the import does not automatically
+write out a signed copy for that signature. The primary copy will be the signed
+rpm, and the signature will be noted. If a signed copy is desired (e.g. for
+generating :doc:`distrepos <exporting_repositories>`), you can use the koji
+write-signed-rpm command.
+
 -  Import all binary rpms using the same method as above
 
 -  Create a new tag
diff --git a/docs/source/signing.rst b/docs/source/signing.rst
index 5bbcd961..bcf2a7d4 100644
--- a/docs/source/signing.rst
+++ b/docs/source/signing.rst
@@ -74,8 +74,8 @@ A lower-level command that shows the signature on an RPM file (the
 Learn more about RPM signatures and digests in `RPM's reference manual
 <https://rpm-software-management.github.io/rpm/manual/signatures_digests.html>`_.
 
-Uploding signed RPMs to Koji
-----------------------------
+Uploading signed RPMs to Koji
+-----------------------------
 
 Koji does not sign RPMs. Instead, Koji imports RPMs that are signed with a separate key.
 
@@ -95,6 +95,14 @@ The ``koji import-sig`` command uploads the signed RPM headers to the Koji
 Hub, which stores the headers on disk alongside the main unsigned RPM.
 It also writes out a full signed RPM.
 
+Another variant is to import whole signed rpms (e.g. during :doc:`bootstrapping
+<server_bootstrap>` via ``koji import`` command.) If such an imported rpm
+contains an rpm signature, the import does not automatically write out a signed
+copy for that signature (in contrast with ``import-sig``). The primary copy will
+be the signed rpm, and the signature will be noted. If a signed copy is desired
+(e.g. for generating :doc:`distrepos <exporting_repositories>`), you can use the
+koji write-signed-rpm command.
+
 Downloading a signed RPM from Koji
 ----------------------------------