Combined with the existing functionality of RPM signing, this addition allows GitLab to provide signed packages for all supported distributions using DEB or RPM.
These packages are produced by the GitLab CI process, as found in the
prior to their delivery to https://packages.gitlab.com to provide assurance that the packages are not altered prior
to delivery to our community.
Information on how to verify GitLab package signatures can be found in Package Signatures.
Information on how GitLab manages GPG keys for package signing can be found in the runbooks.