Repository signing for 7.0 repositories seems to be inconsistent
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Fuel for OpenStack |
Fix Committed
|
High
|
Dmitry Burmistrov |
Bug Description
According to the following GPG output, we have inconsistent signing for 7.0 repositories. We need to triage this and figure out whether the proper keys are imported into apt keyring during the provisioning. If the keys are imported, we need to figure out how to adjust our current repo to have properly signed release files.
$ gpg --verify mos7.0/Release.gpg mos7.0/Release
gpg: Signature made Mon 23 Nov 2015 07:07:26 PM UTC using RSA key ID 3E301371
gpg: Good signature from "Mirantis Release (Signing key for Mirantis.com) <email address hidden>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 59BD 71B8 B76F 5BD3 683B DC48 CA2B 2048 3E30 1371
$ gpg --verify mos7.0-
gpg: Signature made Mon 23 Nov 2015 07:07:26 PM UTC using RSA key ID 3E301371
gpg: Good signature from "Mirantis Release (Signing key for Mirantis.com) <email address hidden>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 59BD 71B8 B76F 5BD3 683B DC48 CA2B 2048 3E30 1371
$ gpg --verify mos7.0-
gpg: Signature made Mon 23 Nov 2015 07:07:26 PM UTC using RSA key ID 3E301371
gpg: Good signature from "Mirantis Release (Signing key for Mirantis.com) <email address hidden>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 59BD 71B8 B76F 5BD3 683B DC48 CA2B 2048 3E30 1371
$ gpg --verify mos7.0-
gpg: Signature made Mon 23 Nov 2015 07:07:26 PM UTC using RSA key ID 3E301371
gpg: Good signature from "Mirantis Release (Signing key for Mirantis.com) <email address hidden>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 59BD 71B8 B76F 5BD3 683B DC48 CA2B 2048 3E30 1371
Changed in fuel: | |
assignee: | nobody → Fuel build team (fuel-build) |
Changed in fuel: | |
assignee: | Fuel build team (fuel-build) → Dmitry Burmistrov (dburmistrov) |
tags: | removed: area-ci |
Changed in fuel: | |
importance: | Medium → High |
tags: | removed: area-python |
decrease priority to medium, because gpg check dont support during deploy of nodes. related bug https:/ /bugs.launchpad .net/fuel/ +bug/1500842