My company sells a software product, which intended to be consumed by (large) enterprise customers. These customers usually using RedHat operating system (RHEL 7\8).
These customers usually have a strict security policies, such as a firewall rules preventing them to download anything from "unconfirmed" sources. Making them to change anything in these rules is a real pain in the *** (anyone who ever worked with enterprises knows what I'm talking about).
So my goal is somehow to distribute my software in some well known and widely accepted way which will cause a minimal possible traction with IT / INFOSEC departments of customer companies.
I was thinking that a first step would be to package my software as a RPM package. However, it is not clear to me where to (and how) to upload that package, so it will became "natively" available for enterprise RedHat users.
What would be the "native" way to distribute software to RedHat enterprise customers?
You can look into one of these:
create a YUM/DNF repo (possibly a private repo) that they can connect to and ship your rpms through that repo (this is the most common way of shipping software to users)
give them instructions to set up their own local YUM/DNF repo and they can add whatever RPMs (that you give them) to the repo
create signed RPMs and ship them to the customers directly. They will have to confirm that your gpg key is trusted and they can verify that the RPM is unmodified. Here they will be using the rpm command directly to install the packages, not doing it through yum
just give them plain RPMs and the md5sum of those packages so they can verify manually that the RPM you've given them has not been tampered with
Installing RPMs from a repo takes care of install/upgrade dependencies automatically, but if you ship the "raw" RPM the customer would have to install dependencies manually.