The goal of this repo is to have a central place of all public keys for Sidero Labs employees. These keys will be used as we continue our supply chain security efforts.
To add your key:
- Ensure you are in Engineering org in GitHub. If not, contact @andrewrynhard, @smira, @rsmitty to get added.
- Clone https://github.com/siderolabs/signing-keys
- Find your key:
gpg -k
- Export your public key:
gpg --armor --export <id> > <GitHub username>.pgp
- git add .pgp, git commit -S.
- git push.
Note: If it fails due to someone else adding their key: git fetch, git rebase origin/main, then push again.