Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Install script signature verification fails in Alpine 3.20 container #32

Closed
abstractionfactory opened this issue Sep 17, 2024 · 0 comments · Fixed by #33
Closed

Install script signature verification fails in Alpine 3.20 container #32

abstractionfactory opened this issue Sep 17, 2024 · 0 comments · Fixed by #33
Assignees
@abstractionfactory
Labels
bug Something isn't working

Comments

@abstractionfactory
Copy link
Contributor

abstractionfactory commented Sep 17, 2024
edited
Loading

When using the standalone installation method in an Alpine 3.20 container, the installation fails with:

/ # ./install-opentofu.sh --install-method standalone --install-path / --symlink-path -
OpenTofu Installer

Installing OpenTofu using the standalone installation method...
Determining latest OpenTofu version...
Downloading OpenTofu version 1.8.2...
Performing checksum verification...
Checksum for tofu_1.8.2_linux_amd64.zip is 3c0cf737e6b6a4520c26c5bbd90f6b432b9741dbc9214fd5eeb8b68606ac4915, as expected.
Performing signature verification...
Downloading signature file...
Downloading GPG key...
Dearmoring GPG key...
Verifying GPG key fingerprint...
gpg: directory '/root/.gnupg' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: Signature made Wed Sep  4 18:32:13 2024 UTC
gpg:                using RSA key E3E6E43D84CB852EADB0051D0C0AF313E5FD9F80
gpg: Can't check signature: No public key
Signature verification failed.

The GPG version in this container is 2.4.5 and the GPG key verification doesn't seem to work as indicated by listing keys returning with an empty output:

gpg --no-default-keyring --keyring /tmp/tmp.goCibg/opentofu.asc.gpg --list-keys

Related to opentofu/opentofu#1931
@abstractionfactory abstractionfactory added the bug Something isn't working label Sep 17, 2024
@abstractionfactory abstractionfactory self-assigned this Sep 17, 2024
@abstractionfactory abstractionfactory linked a pull request Sep 17, 2024 that will close this issue
Fixes #32: installation fails on blank Alpine #33
Merged
abstractionfactory added a commit that referenced this issue Sep 17, 2024
@abstractionfactory
Merge pull request #33 from opentofu/blank-alpine-gpg-fix
1716b2e 
Fixes #32: installation fails on blank Alpine
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@abstractionfactory abstractionfactory

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixes #32: installation fails on blank Alpine opentofu/get.opentofu.org
1 participant
@abstractionfactory