search

Scalingo / apt-buildpack

BSD 3-Clause "New" or "Revised" License
1 stars 3 forks source link

Support for signed repos #9

Open Frzk opened 5 months ago

Frzk commented 5 months ago

The buildpack currently allows to add a repo, but there's no easy way to add a signed repo. Since these are more and more widespread, it would be nice to support them too.

EtienneM commented 1 day ago

There is currently a workaround for this. One can add trusted=yes when adding a repository in order to automatically trust he repository. For example:

:repo:deb [trusted=yes] https://cli.github.com/packages stable main

This still leads to a warning in the deployment logs:

W: GPG error: https://cli.github.com/packages stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 23F3D4EA75716059

But the repository is still usable.

EtienneM commented 1 day ago

In case we actually want to support the public key, here is a comment from someone who implemented it in a fork: https://github.com/heroku/heroku-buildpack-apt/issues/98#issuecomment-1589200325

Frzk commented 1 day ago

:exploding_head: :exploding_head: :exploding_head: I've never heard about such an option. We should really document it (at least).