Tito automates RPM release/build from git metadata; protect repo integrity and signing process.
¶ Source and Release Controls
- Enforce protected branches/tags for release refs.
- Require signed commits/tags for release candidates.
- Restrict who can trigger release jobs.
- Build in isolated CI with controlled toolchains.
- Sign RPMs and repository metadata.
- Keep release logs and checksums for audit.