pulp_rpm

Check package signature before signing it

Open • daviddavis opened this issue 5 months ago • 1 comment

Is your feature request related to a problem? Please describe.

We plan to start using package signing in Pulp but I think some of our users will still prefer to sign their own packages before uploading them to Pulp.

Describe the solution you'd like

Ideally, Pulp would check if the package is signed with the repo's package key before attempting to sign it. If it already is signed correctly, it would just use the package instead of signing it.

daviddavis, Jul 08 '25 12:07

Currently sign_and_create doesn't "know" an uploaded file is an RPM until after it's signed it. We'd need to teach the current signing-path how to dig the incoming-RPM's fingerprint out of the binary and check. At that point - general-create already handles "don't sign me".

ggainey, Jul 08 '25 12:07
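
Added example, not part of the thread and not pulp_rpm code: one way to read which key an uploaded RPM's signatures name, straight from the file bytes, before deciding whether to sign. It assumes the classic RPM layout (96-byte lead followed by the signature header) and OpenPGP v3/v4 signature packets; the function names are hypothetical and the tag numbers are those in rpm's `rpmtag.h`.

```python
# Added illustration; function names are hypothetical, not pulp_rpm APIs.
import struct

SIG_TAGS = {267: "DSA", 268: "RSA", 1002: "PGP", 1005: "GPG"}  # rpm signature-header tags

def rpm_signature_blobs(data):
    """Return {tag name: OpenPGP packet bytes} from an RPM's signature header."""
    if len(data) < 112 or data[:4] != b"\xed\xab\xee\xdb" or data[96:100] != b"\x8e\xad\xe8\x01":
        raise ValueError("not an RPM package")
    nindex, hsize = struct.unpack_from(">II", data, 104)
    store = 112 + 16 * nindex                  # data store follows the index entries
    if store + hsize > len(data):
        raise ValueError("truncated signature header")
    return {SIG_TAGS[t]: data[store + o:store + o + c]
            for t, typ, o, c in struct.iter_unpack(">IIII", data[112:store])
            if t in SIG_TAGS and typ == 7 and o + c <= hsize}   # type 7 = BIN

def subpackets(area):  # yields (type, body) for each OpenPGP signature subpacket
    pos = 0
    while pos < len(area):
        n, pos = area[pos], pos + 1
        if 192 <= n < 255:                     # two-octet length
            n, pos = ((n - 192) << 8) + 192 + int.from_bytes(area[pos:pos + 1], "big"), pos + 1
        elif n == 255:                         # five-octet length
            n, pos = int.from_bytes(area[pos:pos + 4], "big"), pos + 4
        if n == 0 or pos + n > len(area):
            raise ValueError("malformed subpacket")
        yield area[pos] & 0x7F, area[pos + 1:pos + n]   # mask the critical bit
        pos += n

def issuer_ids(pkt):
    """Key IDs / fingerprints (upper-case hex) that a signature packet names as issuer."""
    b0, b1 = pkt[:2].ljust(2, b"\0")
    tag = b0 & 0x3F if b0 & 0x40 else (b0 >> 2) & 0x0F   # new- vs old-format header
    hdr = (2 if b1 < 192 else 3 if b1 < 224 else 6) if b0 & 0x40 else 1 + (1, 2, 4, 0)[b0 & 3]
    body = pkt[hdr:]
    if tag != 2 or body[:1] not in (b"\x03", b"\x04"):
        raise ValueError("not a v3/v4 OpenPGP signature packet")
    if body[0] == 3:                           # v3: key ID at a fixed offset
        return {body[7:15].hex().upper()}
    hlen = int.from_bytes(body[4:6], "big")
    ulen = int.from_bytes(body[6 + hlen:8 + hlen], "big")
    return {(v[1:] if t == 33 else v).hex().upper()   # 16 = Issuer, 33 = Issuer Fingerprint
            for area in (body[6:6 + hlen], body[8 + hlen:8 + hlen + ulen])
            for t, v in subpackets(area) if t in (16, 33)}

def claims_repo_key(data, repo_fingerprint):  # a claim by the signer, not a verification
    fpr = repo_fingerprint.replace(" ", "").upper()
    claimed = set().union(*map(issuer_ids, rpm_signature_blobs(data).values()))
    return bool(claimed & {fpr, fpr[-16:]})
```

The issuer fields are whatever the uploader put in the packet, so a match only selects which key to verify against. The signature still has to be cryptographically checked with the repo's public key before the signing step is skipped.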