1 |
On 09 Aug 2015 04:16, Ryan Hill wrote: |
2 |
> On Sun, 9 Aug 2015 05:36:16 +0000 "Robin H. Johnson" wrote: |
3 |
> > On Sat, Aug 08, 2015 at 05:47:14PM +0000, Robin H. Johnson wrote: |
4 |
> > > On Thu, Jul 02, 2015 at 09:39:52PM +0000, Robin H. Johnson wrote: |
5 |
> > > > 2015/08/08 15:00 UTC - Freeze |
6 |
> > > > 2015/08/08 19:00 UTC - Git commits open for developers |
7 |
> > This is going live in a few minutes. There was a lot of delays and snags |
8 |
> > that were hit. QA has a lot of reviewing to do of in-tree patches with |
9 |
> > long-standing CVS keyword damage. gkeys is also not sufficiently baked, |
10 |
> > so we're using some scripting for now instead [1]. |
11 |
> > |
12 |
> > The new setup DOES enforce that commits AND pushes are signed. |
13 |
> > |
14 |
> > I'm only 90% sure that everything works, but I've spent almost the |
15 |
> > entire day on it, and there's more to go tomorrow. |
16 |
> > |
17 |
> > Other old CVS repos are still closed for the moment, they will re-open |
18 |
> > tomorrow. |
19 |
> |
20 |
> So for someone who hasn't been following any of this, is there an idiot's guide |
21 |
> on how make the Gentoo? |
22 |
|
23 |
Robin's set of insns had everything i needed to get going, and i've never |
24 |
done git signing before |
25 |
|
26 |
the only thing to note is that our documentation has generally said you |
27 |
should generate a dedicated key for signing (with a short expiration), |
28 |
but the set of gpg keys in ldap generally have been your long-lived key |
29 |
that you use for e-mail/etc... so if you followed that, your ebuild key |
30 |
won't be in ldap (so add it using the ldap wiki guide), and you'll have |
31 |
to wait for the keys to be synced by infra before you can push. |
32 |
|
33 |
what were you having trouble with ? |
34 |
-mike |