From 89148e8214803ea78c20ae666e8a967dd0eb9acf Mon Sep 17 00:00:00 2001
From: root <holta@users.noreply.github.com>
Date: Sun, 16 Jul 2023 18:38:54 -0400
Subject: [PATCH] Clarify bogus PGP signing of Gitea binary downloads

---
 roles/gitea/tasks/install.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml
index 592e148f3..957da4822 100644
--- a/roles/gitea/tasks/install.yml
+++ b/roles/gitea/tasks/install.yml
@@ -61,7 +61,7 @@
     dest: "{{ gitea_checksum_path }}"
     timeout: "{{ download_timeout }}"
 
-- name: Verify Gitea binary with GPG signature
+- name: Verify Gitea binary with GPG signature ("BAD signature" FALSE ALARMS continue as of 2023-07-16, despite their claims at https://docs.gitea.com/installation/install-from-binary#verify-gpg-signature)
   shell: |
     gpg --keyserver keys.openpgp.org --recv {{ gitea_gpg_key }}
     gpg --verify {{ gitea_checksum_path }} {{ gitea_install_path }}