[Tails-dev] Please review'n'merge feature/Sign_jenkins_build…

Nachricht löschen

Nachricht beantworten
Autor: bertagaz
Datum:  
To: tails-dev
Betreff: [Tails-dev] Please review'n'merge feature/Sign_jenkins_builds_artifacts
Hi,

The "feature/Sign_jenkins_builds_artifacts" branch add the ability to our
build-tails script to automatically sign the build result when run in a
jenkins environment.

It has been merged into the experimental branch of lizard's Tails repo,
and tested on jenkins.tails.boum.org. The result can be checked on
nightly.tails.boum.org.

Ticket : #6267 - Add checksum signing ability to the Tails build script
Commit : 31be69f

Please merge this branch in experimental, devel, stable, testing and
feature/wheezy if happy with it.


This change goes together with two changes in our puppet modules:

A new one has been created to deploy the gnupg keyring in our autobuilder
VM on lizard, and has been reviewed already by intrigeri.

Another change in our puppet setup is related to our rotation script,
which needed to be aware that it needs to take care of two new files
(*.iso.shasum and *.iso.shasum.asc). This last change can be checked in
our main puppet git repo for lizard

Ticket : #6268 - Adapt the Jenkins artifacts rotation script
Commit : fdecb95 and 6eef9d6

If happy with them, the reviewer can also push the new signing key on the
keyserver. It has already been signed by our main signing key.
If not, I can take care of that.

Thanks

bert.