Signed NuGet Packages

asbjorn.ulsberg's Avatar

asbjorn.ulsberg

12 Oct, 2017 09:52 AM

As NuGet is planning to implement package signing it would be awesome to have this feature integrated in Octopus Deploy so packages with a signature can be verified before installation.

This is especially important in PCI-DSS environments where we want to ensure the integrity of the packages in an automated way instead of requiring a lot of manual labour as it does today.

Do you have support for signed packages on your roadmap? If not, please consider this a feature request. :)

  1. Support Staff 1 Posted by Shane Gill on 13 Oct, 2017 04:00 AM

    Shane Gill's Avatar

    Hi,

    Thanks for the suggestion, I agree that it would be awesome if Octopus Deploy verified package signatures. It's not officially on our roadmap but I expect it is something we will do.

    There is an existing suggestion for signed packages, although in a slightly different context: https://octopusdeploy.uservoice.com/forums/170787/suggestions/5624130

    Cheers,
    Shane

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac