Sign rpm packages

duritong opened this issue 6 years ago · 4 comments

duritong commented 6 years ago

Would be awesome if you would also sign the RPM packages with your key: https://blog.packagecloud.io/eng/2014/11/24/howto-gpg-sign-verify-rpm-packages-yum-repositories/

szepeviktor commented 6 years ago

You may send a PR: https://github.com/wp-cli/wp-cli-bundle/blob/master/utils/wp-cli-updaterpm.sh

schlessera commented 6 years ago

Not easily done right now as our automated systems don't yet include a secure why of providing a key for signing.

Related: wp-cli/wp-cli#4659

szepeviktor commented 6 years ago

automated systems don't yet include a secure way

Travis CI has secrets.

I think we use it here: https://github.com/wp-cli/wp-cli-bundle/blob/master/ci/deploy.sh#L24

bf-aagero commented 10 months ago

Has this issue been solved yet?