Blog Entries

06. 10. 2023 Lorenzo Candeago Development, DevOps

How to Test Beta Repos for RedHat 8.9 in a Container

We wanted to test the new RedHat 8.9 beta releases, but RedHat doesn’t currently provide a beta container. How can we do it anyway? Please note that this procedure is not officially supported by RedHat. As a first step, we want to retrieve the package redhat-release from the rhel 8.9 beta ISO, in the directory…

Read More
02. 04. 2021 Andrea Avancini NetEye

Signing NetEye RPMs

When you have to publicly release software like we do with NetEye every two months, it’s fundamental that users can verify that software: in our case that the RPMs that we build come from us and not from someone who pretends to be us, that they have not been tampered with, and that they do…

Read More
02. 04. 2021 Alessandro Valentini NetEye

RPM Package Verification

Why it’s important to use signed packages RPM signing is an often underestimated feature: you use official repositories, why shouldn’t you trust them? Those repositories are also probably protected with TLS encryption, so you feel safe against man-in-the-middle attacks. But you may not be as safe as you think you are. Have you heard about that time when the repository…

Read More
23. 12. 2020 Thomas Forrer Development, NetEye

Adopting Pulp 2: A Migration Journey #2

In the previous chapter of this blog post series, we discussed how Würth Phoenix has recently adopted Pulp as its main repository management platform. To briefly recap, Pulp is a free and open-source platform for managing repositories of software packages and artifacts and making them available to a larger audience. The types of packages and…

Read More

Archive