I am checking out WMF 5, April 2015 release and testing some basic installation / uninstallation of packages.
To get in line with best security practices I’ve set our environment up as All-Signed and have a certificate authority up for our domain that can sign scripts.
My question is how do I make this mesh with PackageMangement? If I am understanding this correctly chocolatey (for example) uses ps1 scripts to execute the installation of packages from that repo. Is it possible to auto-sign scripts from certain package sources? Or is there a method to do that on a case by case basis?