lbr38
commented
1 month ago Can you give me the source URL, the release version and the architecture(s) you're trying to mirror please?
I'll see what I can do.
Closed JamesXNelson closed 1 month ago
lbr38
commented
1 month ago Can you give me the source URL, the release version and the architecture(s) you're trying to mirror please?
I'll see what I can do.
lbr38
commented
1 month ago Currently adding and testing two new settings that should help you handle rpm with invalid signature:
With three possible options:
This is working fine with adoptium repo. Should be available in the next release.
JamesXNelson
commented
1 month ago wow! you rock!!
Sorry I didn't get you those urls.
I'll make sure to pull this and try it out when we do the next scheduled mirroring.
JamesXNelson
commented
1 month ago for deb (the Release vs InRelease) bits:
https://packages.adoptium.net/artifactory/api/gpg/key/public
https://packages.adoptium.net/artifactory/deb jammy main
lbr38
commented
1 month ago Hello
Please update your docker image to the latest version 4.1.0
You will be able to skip rpms with missing/invalid signature by using the When package signature is missing and When package signature is invalid settings from the SETTINGS tab.
Let me know if it's all good.
Thanks!
lbr38
commented
1 month ago I guess this is OK
Closing
While mirroring temurin jdk from adoptium, we hit issues w/ some rpms that reliably failed signature checks.
Rather than break the whole mirror, it would be nice to have a checkbox to simply skip any files that failed their checks.
Obviously better to get upstream to not publish junk, but we live in an imperfect world. ^-^