Draft
Conversation
tgamblin
requested changes
Jun 15, 2021
|
|
||
| Spack has the ability to create, download, install, and bootstrap | ||
| dependencies from binary packages. Spack signs binary packages with | ||
| gpg, and the ``spack gpg trust`` or ``spack buildcache keys -it`` |
Member
There was a problem hiding this comment.
GPG should be all caps and defined on first use on the page, e.g. "GNU Privacy Guard (GPG)"
| author_profile: false | ||
| --- | ||
|
|
||
| Spack has the ability to create, download, install, and bootstrap |
Member
There was a problem hiding this comment.
What does bootstrap mean here? I think we should leave that word out until it's defined in paragraph 2
| verification capabilities. In those cases, Spack will bootstrap from a | ||
| very limited selection of binaries with sha256 checksums associated in | ||
| Spack. These bootstrapping binaries will also be associated with a | ||
| binary installation policy. |
Member
There was a problem hiding this comment.
"binary installation policy" isn't defined yet -- we should probably lead with some motivation and that definition. Why is trusting binaries special (vs sources), what are Spack's policies -- basically the idea that a signature or a set of binaries are created using some process, and we want users to understand the process and trust it (or not)
| decisions, here we describe each of the policies available in Spack | ||
| and what it means. | ||
|
|
||
| ## Binary Trust Policies |
Member
There was a problem hiding this comment.
top level is #, then ##, then ###, etc.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is the first draft of a page that Spack will link to when prompting users for which binaries to trust.