gcp-pkgbuild icon indicating copy to clipboard operation
gcp-pkgbuild copied to clipboard

Published 20 hours ago verified publisher icon kolide

sign packages

Open groob opened this issue 6 years ago • 0 comments

Reference: https://mackyle.github.io/xar/howtosign.html#howto Example: https://hub.docker.com/r/bruienne/pkgsign/

Using an encrypted key: https://cloud.google.com/container-builder/docs/securing-builds/use-encrypted-secrets-credentials

For this step I would encrypt the Apple Developer Certificate and place it in a storage bucket, and the use the gsutil builder to pull it into repo and decrypt with kms before signing.

groob avatar Dec 26 '17 02:12 groob