Feat: add gpg sign to packages #1

New Issue

Closed

opened 2025-07-27 22:02:51 +08:00 by ytshih · 1 comment

ytshih commented 2025-07-27 22:02:51 +08:00

Owner

Copy Link

rt

https://wiki.archlinux.org/title/Pacman/Package_signing#Adding_unofficial_keys

gpg --full-gen-key
gpg --export --armor --output my_public_key.asc YOUR_KEY_ID

sudo pacman-key --add my_public_key.asc
sudo pacman-key --lsign-key YOUR_KEY_ID # locally sign this key

makepkg --sign
repo-add --verify --sign /path/to/your_repo/your_repo.db.tar.gz /path/to/your_package.pkg.tar.zst

rt https://wiki.archlinux.org/title/Pacman/Package_signing#Adding_unofficial_keys ```bash gpg --full-gen-key gpg --export --armor --output my_public_key.asc YOUR_KEY_ID sudo pacman-key --add my_public_key.asc sudo pacman-key --lsign-key YOUR_KEY_ID # locally sign this key makepkg --sign repo-add --verify --sign /path/to/your_repo/your_repo.db.tar.gz /path/to/your_package.pkg.tar.zst ```

ytshih commented 2025-07-28 04:13:08 +08:00

Author

Owner

Copy Link

done

done

ytshih closed this issue 2025-07-28 04:13:10 +08:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

No results found.

Labels

No items

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

ytshih

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: Action/archbuild#1