mrutkows closed pull request #184: Add the explanation to the PGP key configuration URL: https://github.com/apache/incubator-openwhisk-release/pull/184
This is a PR merged from a forked repository. As GitHub hides the original diff on merge, it is displayed below for the sake of provenance: As this is a foreign pull request (from a fork), the diff is supplied below (as it won't show otherwise due to GitHub magic): diff --git a/docs/sign_artifacts.md b/docs/sign_artifacts.md index 2d7758c..620b929 100644 --- a/docs/sign_artifacts.md +++ b/docs/sign_artifacts.md @@ -24,7 +24,7 @@ Each package needs to be accompanied by cryptographic signatures according to Ap ## Generate the PGP key pair You can either follow the [online PGP instruction](https://support.symantec.com/en_US/article.HOWTO41935.html) to generate the PGP key for your environment, or use our script to -generate for you. First, you need to config _pgp_key_gen.conf_ under the folder _tools_. Make sure you have the proper +generate for you. First, you need to config [_pgp_key_gen.conf_](../tools/pgp_key_gen.conf) under the folder _tools_. Make sure you have the proper Name-Real, Name-Comment, Name-Email, and Passphrase for your key. You do not need to change Key-Type, Key-Length, and Expire-Date. Run the following script under the folder _tools_: @@ -32,6 +32,16 @@ Expire-Date. Run the following script under the folder _tools_: $ ./generate_pgp_key.sh ``` +The configuration to generate PGP key pair needs to be associated with an identity. We use the following fields to define the identity: + +* **Name-Real:** the field to specify the name of the key with the default value OpenWhisk Release Bot. +* **Name-Comment:** the field to specify the description of the key. +* **Name-Email:** the field to specify the email address of the key. +* **Passphrase:** the field to specify the passphrase of the key. +* **Key-Type:** the field to specify the type of the key. The default value is RSA. +* **Key-Length:** the field to specify the length of the key. The default value is 4096. +* **Expire-Date:** the field to specify the expiration date of the key. The default value is 0, meaning the key will never expire. + ## Sign the artifacts: All the artifacts can be signed by running the following script under _tools_: diff --git a/tools/install_dependencies.sh b/tools/install_dependencies.sh index 74489b3..eeab195 100755 --- a/tools/install_dependencies.sh +++ b/tools/install_dependencies.sh @@ -23,6 +23,7 @@ if [ $sysOS == "Darwin" ];then echo "This is MacOS." brew install jq brew install gpg + brew install wget elif [ $sysOS == "Linux" ];then echo "This is Linux." if [ -f /etc/lsb-release -o -d /etc/lsb-release.d ]; then @@ -32,7 +33,7 @@ elif [ $sysOS == "Linux" ];then fi if [ $DISTRO == "Ubuntu" ];then echo "This is Ubuntu." - sudo apt-get install jq gnupg expect + sudo apt-get install jq gnupg expect wget fi else echo "Other OS: $sysOS. Please manually install jq library." ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services