RFE: allow urls for rpm-sign's --keyfile

ceph / merfi

Finds and signs files with different signing tools (gpg, rpm-sign)

MIT License

3 stars 3 forks source link

RFE: allow urls for rpm-sign's --keyfile #49

Open ktdreyer opened 7 years ago

ktdreyer commented 7 years ago

@ahills suggested today that we allow merfi rpm-sign --keyfile to optionally pull a pubkey directly over an HTTP(S) URL. Currently the public key file has to be a file on local disk.

ahills commented 7 years ago

Another option to consider: using the - pseudofilename to read from stdin. Then I could, e.g.,

$ curl https://secure.org/pubkey.txt | merfi rpm-sign --key secure_org --keyfile -

This way, merfi doesn't need to handle SSL complexity, among other concerns.