Request for x509 certificate/ kmod signing key for ppa:john-cabaj/gcp-tdx

Asked by Philip Roche

Hi,

Support request filed as requested by cjwatson in MM @ https://chat.canonical.com/canonical/pl/tpgsae6tc3ypi8qifrsmqmwh8a

How would I go about getting the x509 certificate/ kmod signing key used in signing the packages built @ https://launchpad.net/~john-cabaj/+archive/ubuntu/gcp-tdx/

This is to support GCE kernel testing while also using secureboot for a kernel not signed with our regular kernel signing key.

Thanks,

Phil

Question information

Language: English
Status: Solved
For: Launchpad itself
Assignee: No assignee
Solved by: Philip Roche

Colin Watson (cjwatson) said :
#1

As far as I can see, the only things that have so far been signed in that PPA are very boring things like SHA256SUMS files, and nothing has actually caused a kmod key/cert to be generated for that PPA. This is probably because the kernel build didn't put anything interesting in the tarball that it submits for signing. From the build log:

```
install -d /<<PKGBUILDDIR>>/debian/linux-image-unsigned-6.2.0-3004-signing/6.2.0-3004.20/control
{ echo "tarball"; } >/<<PKGBUILDDIR>>/debian/linux-image-unsigned-6.2.0-3004-signing/6.2.0-3004.20/control/options
cd /<<PKGBUILDDIR>>/debian/linux-image-unsigned-6.2.0-3004-signing && tar czvf ../../../linux-gcp_6.2.0-3004.20_amd64.tar.gz .
./
./6.2.0-3004.20/
./6.2.0-3004.20/control/
./6.2.0-3004.20/control/options
dpkg-distaddfile linux-gcp_6.2.0-3004.20_amd64.tar.gz raw-signing -
```

John will need to fix that (I don't know exactly how - consult the kernel team for help if you need to). After that, get back to us and we can tell you what key has been generated.

Philip Roche (philroche) said :
#2

Thank you

Dimitri John Ledkov (xnox) said :
#3

One must upload the generate package, by doing clean in the signed/Debian/ancillary/ subpackage and uploading that.

As only generate will produce the signing tarball.

John Cabaj (john-cabaj) said :
#4

The generate packages have been published to the PPA in question. The signing tarball was generated, but it’s not clear where the certificate is as only a single file (options) was contained in the tarball.

Philip Roche (philroche) said :
#5

Resolved by @john-cabaj now with the generate package now containing the required .crt @ https://ppa.launchpadcontent.net/john-cabaj/gcp-tdx/ubuntu/dists/jammy/main/signed/linux-generate-gcp-6.2-amd64/6.2.0-3004.20~22.04.1/

```
$ tar -xvf signed.tar.gz
6.2.0-3004.20~22.04.1/
6.2.0-3004.20~22.04.1/boot/
6.2.0-3004.20~22.04.1/boot/vmlinuz-6.2.0-3004-gcp.efi.signed
6.2.0-3004.20~22.04.1/boot/vmlinuz-6.2.0-3004-gcp.efi
6.2.0-3004.20~22.04.1/control/
6.2.0-3004.20~22.04.1/control/uefi.crt
6.2.0-3004.20~22.04.1/control/options
```
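
The two tarball listings in this thread, checked programmatically (an added example, not part of the thread and not Launchpad or kernel-team code). It assumes the `<version>/control/` versus everything-else split seen in those listings; the helper names are hypothetical and the file contents are constructed placeholders.

```python
import io
import posixpath
import tarfile

# Constructed samples: member names copied from the two listings in this
# thread; file contents are placeholders, not real kernels or certificates.
EMPTY_LISTING = ["./", "./6.2.0-3004.20/", "./6.2.0-3004.20/control/",
                 "./6.2.0-3004.20/control/options"]
SIGNED_LISTING = [
    "6.2.0-3004.20~22.04.1/", "6.2.0-3004.20~22.04.1/boot/",
    "6.2.0-3004.20~22.04.1/boot/vmlinuz-6.2.0-3004-gcp.efi.signed",
    "6.2.0-3004.20~22.04.1/boot/vmlinuz-6.2.0-3004-gcp.efi",
    "6.2.0-3004.20~22.04.1/control/",
    "6.2.0-3004.20~22.04.1/control/uefi.crt",
    "6.2.0-3004.20~22.04.1/control/options",
]

def build_tarball(paths):
    """Build an in-memory .tar.gz from a listing (hypothetical test helper)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for path in paths:
            info = tarfile.TarInfo(path.rstrip("/"))
            if path.endswith("/"):
                info.type = tarfile.DIRTYPE
                tar.addfile(info)
            else:
                data = b"constructed placeholder\n"
                info.size = len(data)
                tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf

def inspect_signing_tarball(fileobj):
    """Sort regular files into control files, payload files and .crt files."""
    report = {"control": [], "payload": [], "certs": []}
    with tarfile.open(fileobj=fileobj, mode="r:gz") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                continue
            name = posixpath.normpath(member.name)  # drops a leading "./"
            parts = name.split("/")
            # Assumption from the listings: <version>/control/* is metadata.
            if len(parts) >= 3 and parts[1] == "control":
                report["control"].append(name)
                if name.endswith(".crt"):
                    report["certs"].append(name)
            else:
                report["payload"].append(name)
    return report

if __name__ == "__main__":
    for label, listing in (("build log", EMPTY_LISTING), ("signed", SIGNED_LISTING)):
        print(label, inspect_signing_tarball(build_tarball(listing)))
```

An empty `payload` list with only `control/options` present matches the first build log above, where no key or certificate had been generated.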