keys: add key for @sxa#2551
Conversation
Signed-off-by: Stewart X Addison <sxa@ibm.com>
MikeMcC399
left a comment
There was a problem hiding this comment.
Congratulations on your new appointment and your additional "hat"!
Changes in keys aren't tested in CI immediately, so I went through the following test:
git clone https://github.com/nodejs/docker-node
cd docker-node
git remote add sxa https://github.com/sxa/docker-node
git fetch sxa
git switch sxa_keys
./update.sh
cd 26/trixie
docker build --progress plain -t test-sxa .#8 2.299 + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys 655F3B5C1FB3FA8D1A0CA6BDE4A7D232B936D2FD
#8 2.534 gpg: key E4A7D232B936D2FD: public key "Stewart X Addison <sxa@ibm.com>" imported
#8 2.538 gpg: Total number processed: 1
#8 2.538 gpg: imported: 1
#8 2.538 + gpg --batch --fingerprint 655F3B5C1FB3FA8D1A0CA6BDE4A7D232B936D2FD
#8 2.542 pub ed25519 2026-06-29 [SC] [expires: 2028-06-28]
#8 2.542 655F 3B5C 1FB3 FA8D 1A0C A6BD E4A7 D232 B936 D2FD
#8 2.542 uid [ unknown] Stewart X Addison <sxa@ibm.com>
#8 2.542 sub cv25519 2026-06-29 [E] [expires: 2028-06-28]I don't see any issues there and I see that the key is also available in https://keyserver.ubuntu.com as well.
|
You'd need to run |
Testing locally is fine. I did run Changing Dockerfiles in the repo for minor changes like this has been a bit awkward in the past because it triggers PR creation, causing noise. |
Hum but wouldn't that mean that any release signed with @sxa key would fail until the Dockerfiles are updated? |
The Dockerfiles get automatically updated when there's a release, because a release automatically runs |
Final checklist point in nodejs/Release#733
Description
Motivation and Context
Testing Details
Example Output(if appropriate)
Types of changes
Checklist