Bug 1390839

Summary: repoman signing doesn't re-sign packages with given key if already signed
Product: [Community] Repoman Reporter: Sandro Bonazzola <sbonazzo>
Component: CoreAssignee: Sandro Bonazzola <sbonazzo>
Status: CLOSED CURRENTRELEASE QA Contact: Eyal Edri <eedri>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 2.0   
Target Milestone: 2.0   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-12-14 05:07:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Integration RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Sandro Bonazzola 2016-11-02 04:31:59 UTC 
Description of problem:
adding rpms built in copr or fedora to ovirt repository using repoman cause the package to be imported with the original signing key instead of the given one.

This causes yum install errors on missing gpg key for copr builds using gpg signing.

Repoman should check if the rpms are signed with the given keny and re-sign if not matching.