Ühel kenal päeval, L, 30.06.2018 kell 15:33, kirjutas Rich Freeman: > On Sat, Jun 30, 2018 at 12:50 PM Nikos Chantziaras <rea...@gmail.com> > wrote: > > > > On 30/06/18 19:15, Rich Freeman wrote: > > > > > > If you are using git syncing I believe that portage will verify > > > that > > > the top commit (which is the only one that really matters) is > > > using a > > > trusted key if you put the following line in repos.conf for the > > > repository: > > > sync-git-verify-commit-signature = true > > > > > > Obviously this only works with repositories signed by one of the > > > Gentoo keys. > > > > When using git to sync portage, aren't you supposed to use: > > > > git://anongit.gentoo.org/repo/sync/gentoo.git > > > > anyway instead of GitHub? > > > > A few comments there: > > 1. That particular repository isn't ideal since it lacks metadata. > You'll benefit from the better performance of git vs rsync, but > you'll > lose out regenerating the cache. It is of course the right place to > pull for patches/etc. > 2. The gentoo-mirror stable branch that benefits from CI+metadata > isn't available on Gentoo infra as far as I'm aware.
That repo/sync/gentoo.git is EXACTLY that. Same thing as gentoo-mirror on GH. Has metadata cache and is pushed only to if CI passes. I think the underlying setup just pushes to both gentoo-mirror and there now. Note the /sync/ in path, it's not the main tree devs push to. Mart
signature.asc
Description: This is a digitally signed message part
