wiki:how-to/puppet/sign-release

Version 4 (modified by Ross, 6 years ago) (diff)

--

Sign a Puppet Release

MF/PL's servers are configured centrally using a git repository with puppet configuration files.

Each server, on an hourly cron job that runs on the top of the hour, pulls in the latest version of the git repository, checks for a tag signed by a member of the support team, and if it finds one, it pulls in the changes.

To see what the last tag was.

git tag

To sign a tag, run the following command locally, replace x.xx with the next tag id:

git tag -s mfpl-puppet-x.xx

To sign the next tag. In the commit message, I simply put the tag that I've created.

Ensure your tag is pushed:

git push --tags origin master

Wait for the top of the hour.