fix(ci): import public key for checksig and force dist tag override
All checks were successful
poll-upstream / check (push) Successful in 1s
All checks were successful
poll-upstream / check (push) Successful in 1s
Import the GPG public key into rpm's keyring so rpm --checksig can verify signatures. Also use --undefine dist before --define to ensure the CLI value overrides the system macro on the build host. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -100,6 +100,7 @@ jobs:
|
|||||||
rpmbuild -bb rpm/mistralrs.spec \
|
rpmbuild -bb rpm/mistralrs.spec \
|
||||||
--define "mistralrs_version ${version}" \
|
--define "mistralrs_version ${version}" \
|
||||||
--define "mistralrs_flavour ${{ matrix.name }}" \
|
--define "mistralrs_flavour ${{ matrix.name }}" \
|
||||||
|
--undefine dist \
|
||||||
--define "dist .fc${{ matrix.fedora_version }}"
|
--define "dist .fc${{ matrix.fedora_version }}"
|
||||||
env:
|
env:
|
||||||
TAG: ${{ inputs.tag }}
|
TAG: ${{ inputs.tag }}
|
||||||
|
|||||||
@@ -5,6 +5,9 @@ RPM_DIR="${1:?usage: $0 <rpm-directory>}"
|
|||||||
: "${FEDORA_VERSION:?}"
|
: "${FEDORA_VERSION:?}"
|
||||||
REMOTE_DIR="/var/www/rpm/fedora/${FEDORA_VERSION}/x86_64"
|
REMOTE_DIR="/var/www/rpm/fedora/${FEDORA_VERSION}/x86_64"
|
||||||
|
|
||||||
|
# import the public key into rpm's keyring for verification
|
||||||
|
gpg --export --armor "$(rpm --eval '%{_gpg_name}')" | rpm --import /dev/stdin
|
||||||
|
|
||||||
# sign each rpm with the imported gpg key
|
# sign each rpm with the imported gpg key
|
||||||
for rpm in "${RPM_DIR}"/*.rpm; do
|
for rpm in "${RPM_DIR}"/*.rpm; do
|
||||||
echo "signing ${rpm}..."
|
echo "signing ${rpm}..."
|
||||||
|
|||||||
Reference in New Issue
Block a user