Closed marytal closed 4 months ago
@marytal The problem here is that amazonlinux:2023
comes with the gnupg2-minimal
package installed (this is also what it tries installing when you run yum install gnupg
). gpgv
comes in the full gnupg2
package. If you run sudo yum install --allowerasing gnupg2
on the container, you should end up with the required binaries.
As a quick follow-up, keep in mind that you can also install via package manager by following the installation instructions on the RedHat/CentOS tab of our CLI installation docs.
Also, to elaborate a bit on why we changed from gpg
to gpgv
in #449 – the reason for that is newer versions of gnupg
are defaulting to using keyboxd
for key storage. When keyboxd
is enabled, the --no-default-keyring
and --keyring
flags are ignored by the gpg
command. This broke signature verification in our installer. The standard gnupg
package that we have as a dependency requirement when using the install script comes with gpgv
, which is a small binary designed specifically for doing signature verifications and isn't impacted by keyboxd
being in use. This allows us to continue verifying in the same way we were before (i.e., without us having to import our public key into the machine's keyring and then remove it after – leaving the potential that the key might end up permanently installed on the machine if the script were interrupted). In this situation, it (unfortunately) looks like AmazonLinux has mapped gnupg
to gnupg2-minimal
rather than gnupg2
, which results in their container coming without gpgv
by default.
Thanks for your help! :)
Describe the bug Running install script:
RUN curl -Ls --tlsv1.2 --proto "=https" --retry 3 https://cli.doppler.com/install.sh | sh
in DockerfileTo Reproduce Run the above install script in a Dockerfile with gnupg installed on the docker image:
Expected behavior Install successfully
Actual behavior
RUN command -v gpg
works fine butRUN command -v gpgv
doesn't work. It appears that we cannot install gpgv independently (see here) so it should work when gnupg is installed.Fails with error: "ERROR: Unable to find gpg binary for signature verification"
Started failing when this was merged: https://github.com/DopplerHQ/cli/pull/449
Screenshots N/A
Desktop (please complete the following information):
Dockerfile linux/amd64 amazonlinux:2023
CLI Version: N/A
Additional context N/A
Any help appreciated!