I've created a source package for I library I'm working on. I use debuild
to build it and then I can successfully upload it with dput
.
Now I want to set it up so that I can do this automatically from Jenkins. The main issue I'm running into is signing the .dsc and .changes files. What I'm trying to do is sign the packages with gpg
rather than having debuild
do it. This way I can sign the files automatically with the gpg option --passphrase-fd 0
.
So I use debuild
with the options -uc
and -us
and then clearsign the files with gpg
. But when I do this it creates a separate .dsc.asc
and source.changes.asc
. When I then try to upload with dput
I get the error
Checking signature on .changes
gpg: no valid OpenPGP data found.
gpg: the signature could not be verified.
Please remember that the signature file (.sig or .asc)
should be the first file given on the command line.
This would seem to suggest that I should list the .asc
file as an argument to dput
but I can't get this to work.