Home > Interesting > Delivering RPM packages securely and continuously with Jenkins and Hashicorp Vault

Delivering RPM packages securely and continuously with Jenkins and Hashicorp Vault

When you publicly deliver more than eight releases a day—like we do for our software—making sure that users can verify the authenticity of the deliverables becomes a challenge. Over the past few weeks we have modified our Jenkins build pipelines to GPG sign every RPM package we deliver, thus enhancing the level of security we bring to every user.

Why GPG signing RPM packages is important?

Read the full article…

Advertisements
Categories: Interesting Tags:
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: