[Pulp-list] parameter --gpg-key from rpm repo create

Jeremy Cline jcline at redhat.com
Tue Sep 13 13:40:12 UTC 2016

On 09/09/2016 07:44 AM, Cristian Falcas wrote:
> Hello,
> What is the purpose of the "--gpg-key" parameter from create repo command?
> It is used to verify the upstream rpms or to sign the rpms after they are
> imported in pulp?

Hi Cristian,

`--gpg-key` looks like it should be the full path to the public portion
of the GPG key pair that signed the RPMs. It's then provided to the
consumer using the consumer feature of Pulp. It's not, as far as I know,
published over HTTPS.

The key looks like it's stored as a file on the consumer and yum's usual
GPG signature checking is used.

Jeremy Cline
XMPP: jeremy at jcline.org
IRC:  jcline

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20160913/6061df62/attachment.sig>

More information about the Pulp-list mailing list