Hello, I am looking into setting up my own local rpm repository with some specifics "features". I have a setup mirroring the amazon main repo which is done every day through a cronjob running reposync. I would like to have a second local repository to where I would sync manually the content of my local amazon repo.
So QA team could use the local amazon repo and once they validate it, they could push it manually to the production repo. I would like to ensure that the content of the production repo comes from a manual push by the QA team. I was thinking of using a file in the repo that the QA team would have to sign with their private key and then we would use their public key to verify if it was validated. Since I can't do that with all rpms files. I have been googling this to have an idea of best practices but I did not find much.
TLDR: azmn-main -> qa (mirror) -> manual push -> prod Do you have any advice? Cheers.
[link][1 comment]