The public PGP key file is named KEYS available under the staging directory. If you generate a new key to sign the artifacts, you need to update the file of public key in the staging directory for further use to verify the artifacts. Checkout the staging directory via subversion, modify the file KEYS by appending your local public key, and commit it back to the staging directory. Please refer to the svn commands to checkout, and commit.
You can export your public PGP key by running the following command:
$ pgp --export <key_id>
The parameter <key_id> can be either the key id or the email address you used to generate the key. For detailed information on PGP keys, please visit how to create and manage PGP keys.
Under the home directory of openwhisk release tool, you can find the local SVN directory openwhisk_release/