This will enable artifact signing for apex uploads
sources gpg_import_key.sh which:
-installs gpg2
-imports key
-grabs proper key based on $NODE_NAME
only tries to sign if the key is correctly imported
otherwise it will skip signing and just do the upload
Keys have only been created for lf intel and ericsson labs
Keys are only unique per company
Master pubkey has not been sent to the key server
Or brought into the web of trust.
Lets see that this works as I expected rather than
having to go through the pain of revoking these keys.
Change-Id: Ifa4bc4e11407c53f8174f6c64945949bf66d6535
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
Code Review / releng.git / commit