diff --git a/Makefile b/Makefile index e0a1c67..55b1d2f 100644 --- a/Makefile +++ b/Makefile @@ -21,9 +21,9 @@ ci: # will remove the beta 2 key from the trust relationship. The signature storage is a bucket # on GCS and on mirror.openshift.com. rhel: - keydir=$(shell mktemp -d -t keys); \ - cat keys/verifier-public-key-redhat-release > "$$keydir/verifier-public-key-redhat"; \ - cat keys/verifier-public-key-redhat-beta-2 >> "$$keydir/verifier-public-key-redhat"; \ + keydir=$(shell mktemp -d -t keys-XXXXXXXX); \ + #cat keys/verifier-public-key-redhat-release > "$$keydir/verifier-public-key-redhat"; \ + cat keys/verifier-public-key-redhat-beta-2 > "$$keydir/verifier-public-key-redhat"; \ echo "# Release verification against Official Red Hat keys" > \ manifests.rhel/0000_90_cluster-update-keys_configmap.yaml; \ oc create configmap release-verification -n openshift-config-managed \ diff --git a/manifests.rhel/0000_90_cluster-update-keys_configmap.yaml b/manifests.rhel/0000_90_cluster-update-keys_configmap.yaml index 2e27cd1..79a1d80 100644 --- a/manifests.rhel/0000_90_cluster-update-keys_configmap.yaml +++ b/manifests.rhel/0000_90_cluster-update-keys_configmap.yaml @@ -4,39 +4,6 @@ data: store-openshift-official-release: https://storage.googleapis.com/openshift-release/official/signatures/openshift/release store-openshift-official-release-mirror: https://mirror.openshift.com/pub/openshift-v4/signatures/openshift/release verifier-public-key-redhat: |- - pub 4096R/FD431D51 2009-10-22 - Key fingerprint = 567E 347A D004 4ADE 55BA 8A5F 199E 2F91 FD43 1D51 - uid Red Hat, Inc. (release key 2) - - -----BEGIN PGP PUBLIC KEY BLOCK----- - Version: GnuPG v1.4.5 (GNU/Linux) - - mQINBErgSTsBEACh2A4b0O9t+vzC9VrVtL1AKvUWi9OPCjkvR7Xd8DtJxeeMZ5eF - 0HtzIG58qDRybwUe89FZprB1ffuUKzdE+HcL3FbNWSSOXVjZIersdXyH3NvnLLLF - 0DNRB2ix3bXG9Rh/RXpFsNxDp2CEMdUvbYCzE79K1EnUTVh1L0Of023FtPSZXX0c - u7Pb5DI5lX5YeoXO6RoodrIGYJsVBQWnrWw4xNTconUfNPk0EGZtEnzvH2zyPoJh - XGF+Ncu9XwbalnYde10OCvSWAZ5zTCpoLMTvQjWpbCdWXJzCm6G+/hx9upke546H - 5IjtYm4dTIVTnc3wvDiODgBKRzOl9rEOCIgOuGtDxRxcQkjrC+xvg5Vkqn7vBUyW - 9pHedOU+PoF3DGOM+dqv+eNKBvh9YF9ugFAQBkcG7viZgvGEMGGUpzNgN7XnS1gj - /DPo9mZESOYnKceve2tIC87p2hqjrxOHuI7fkZYeNIcAoa83rBltFXaBDYhWAKS1 - PcXS1/7JzP0ky7d0L6Xbu/If5kqWQpKwUInXtySRkuraVfuK3Bpa+X1XecWi24JY - HVtlNX025xx1ewVzGNCTlWn1skQN2OOoQTV4C8/qFpTW6DTWYurd4+fE0OJFJZQF - buhfXYwmRlVOgN5i77NTIJZJQfYFj38c/Iv5vZBPokO6mffrOTv3MHWVgQARAQAB - tDNSZWQgSGF0LCBJbmMuIChyZWxlYXNlIGtleSAyKSA8c2VjdXJpdHlAcmVkaGF0 - LmNvbT6JAjYEEwECACAFAkrgSTsCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAK - CRAZni+R/UMdUWzpD/9s5SFR/ZF3yjY5VLUFLMXIKUztNN3oc45fyLdTI3+UClKC - 2tEruzYjqNHhqAEXa2sN1fMrsuKec61Ll2NfvJjkLKDvgVIh7kM7aslNYVOP6BTf - C/JJ7/ufz3UZmyViH/WDl+AYdgk3JqCIO5w5ryrC9IyBzYv2m0HqYbWfphY3uHw5 - un3ndLJcu8+BGP5F+ONQEGl+DRH58Il9Jp3HwbRa7dvkPgEhfFR+1hI+Btta2C7E - 0/2NKzCxZw7Lx3PBRcU92YKyaEihfy/aQKZCAuyfKiMvsmzs+4poIX7I9NQCJpyE - IGfINoZ7VxqHwRn/d5mw2MZTJjbzSf+Um9YJyA0iEEyD6qjriWQRbuxpQXmlAJbh - 8okZ4gbVFv1F8MzK+4R8VvWJ0XxgtikSo72fHjwha7MAjqFnOq6eo6fEC/75g3NL - Ght5VdpGuHk0vbdENHMC8wS99e5qXGNDued3hlTavDMlEAHl34q2H9nakTGRF5Ki - JUfNh3DVRGhg8cMIti21njiRh7gyFI2OccATY7bBSr79JhuNwelHuxLrCFpY7V25 - OFktl15jZJaMxuQBqYdBgSay2G0U6D1+7VsWufpzd/Abx1/c3oi9ZaJvW22kAggq - dzdA27UUYjWvx42w9menJwh/0jeQcTecIUd0d0rFcw/c1pvgMMl/Q73yzKgKYw== - =zbHE - -----END PGP PUBLIC KEY BLOCK----- 4096R/F21541EB 2009-02-24 Red Hat, Inc. (beta key 2) -----BEGIN PGP PUBLIC KEY BLOCK-----