ceph / merfi

Finds and signs files with different signing tools (gpg, rpm-sign)
MIT License

RFE: better UX for key/keyfile #28

Closed ktdreyer closed 6 years ago

ktdreyer commented 8 years ago

Right now users have to specify something like:

merfi rpm-sign --key beta2 Ceph-1.3.1-Ubuntu-x86_64-20151104.t.0 --keyfile /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta

This requires the user to know the exact signing key name (e.g. "beta2"), and the path to the corresponding public key file.

It would be even easier if a user could just specify a keypair, like:

merfi rpm-sign --keypair beta Ceph-1.3.1-Ubuntu-x86_64-20151104.t.0

And maybe keypairs could be defined in $HOME/.merfi.conf?

alfredodeza commented 8 years ago

Agreed, we really need a conf file, because we also need that stuff for defining strategies for signing, e.g. rpm-sign flags, special gpg flags for signing rpms/debs.

ktdreyer commented 8 years ago

I looked into using ConfigParser for this feature, but I think we'll want something that is more hierarchical like YAML.

So $HOME/.merfi.yml would look like this:

keypairs:
  beta:
    key: beta2
    keyfile: /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
  gold:
    key: redhatrelease2
    keyfile: /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

This gives us flexibility to add anything else later on.

rhartman93 commented 8 years ago

JSON could produce a similar result. Not sure on the pros and cons of YAML vs JSON, but just a thought.
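
A sketch of the `--keypair` lookup discussed in the comments above, as an added example that is not merfi code and not written by anyone in this thread. It uses the JSON form of the proposed layout so it runs on the standard library alone; `load_keypairs`, `resolve_keypair`, `KeypairError`, the `merfi.json` file name, and the two checks (config not writable by other users, `keyfile` an absolute path) are assumptions introduced here.

```python
import json
import os
import stat
import tempfile

class KeypairError(Exception):
    """The config file or the requested keypair cannot be used."""

def load_keypairs(path):
    """Read the 'keypairs' mapping; refuse a file other users could edit."""
    with open(path) as f:
        # The config decides which signing key is used, so treat it as sensitive.
        mode = os.fstat(f.fileno()).st_mode
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            raise KeypairError("%s is group- or world-writable" % path)
        try:
            data = json.load(f)
        except ValueError as exc:
            raise KeypairError("%s: invalid JSON (%s)" % (path, exc))
    keypairs = data.get("keypairs") if isinstance(data, dict) else None
    if not isinstance(keypairs, dict):
        raise KeypairError("%s: no 'keypairs' mapping" % path)
    return keypairs

def resolve_keypair(keypairs, name):
    """Map a --keypair NAME to the (key, keyfile) values passed by hand today."""
    entry = keypairs.get(name)
    if not isinstance(entry, dict):
        raise KeypairError("unknown keypair %r" % name)
    key, keyfile = entry.get("key"), entry.get("keyfile")
    if not isinstance(key, str) or not key:
        raise KeypairError("keypair %r: missing 'key'" % name)
    # Assumption: an absolute path, so the public key never depends on the cwd.
    if not isinstance(keyfile, str) or not os.path.isabs(keyfile):
        raise KeypairError("keypair %r: 'keyfile' must be absolute" % name)
    return key, keyfile

def demo():
    # Constructed sample: the 'beta' and 'gold' entries from the proposal above.
    sample = {"keypairs": {
        "beta": {"key": "beta2", "keyfile": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta"},
        "gold": {"key": "redhatrelease2", "keyfile": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"},
    }}
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "merfi.json")  # hypothetical file name
        with open(path, "w") as f:
            json.dump(sample, f)
        os.chmod(path, 0o600)
        return resolve_keypair(load_keypairs(path), "beta")
```

Failing closed on an unknown or malformed keypair means a typo in the name stops the run instead of signing with an unintended key.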

alfredodeza commented 8 years ago

I think we can just do Python. I agree that ConfigParser would be really bad for this use case. I don't mind YAML either.

ktdreyer commented 6 years ago

We don't need this any more for merfi. I've opened a separate ticket to have the Ubuntu compose tool call merfi directly. https://github.com/red-hat-storage/rhcephcompose/issues/10