Include:Abuild-keygen
For abuild a public/private rsa key pair is needed. abuild-keygen does the generation of those keys for you.
abuild-keygen -a -i
abuild-keygen options
- -a Set PACKAGER_PRIVKEY=<generated key> in abuild.conf
- -i Install public key into /etc/apk/keys using sudo
- -h Show this help
- -n Non-interactive. Use defaults
- -q Quiet mode
Creating keys manually
In older versions of Alpine, we had to manually create keys for signing packages and indexes. This explains how. Nowadays you can just use abuild-keygen
.
Since the public key needs to be unique for each developer, the email address should be used as name for the public key.
Create the private key:
openssl genrsa -out emailaddress.priv 2048
Create the public key:
openssl rsa -in emailaddress.priv -pubout -out /etc/apk/keys/emailaddress
The public key should be distributed and installed into /etc/apk/keys on the alpine box that will install the packages. This basically means that the main developer's public keys should be in /etc/apk/keys on all Alpine boxes.