search

GetPageSpeed / nginx-extras

Submit your NGINX module for build in GetPageSpeed extras RPM repository
https://www.getpagespeed.com/nginx-extras
BSD 2-Clause "Simplified" License
10 stars 5 forks source link

Package is not signed #2

Closed Checkumeito closed 5 years ago

Checkumeito commented 5 years ago

Hello,

When I try to upgrade the modules from getpagespeed nginx-extras repo, it seems all the package are not signed.

This is from my /etc/yum.repos.d/getpagespeed-extras.repo

name=GetPageSpeed packages for Enterprise Linux 7 - $basearch
baseurl=https://extras.getpagespeed.com/redhat/7/$basearch/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-GETPAGESPEED

[getpagespeed-extras-noarch]
name=GetPageSpeed packages for Enterprise Linux 7 - noarch
baseurl=https://extras.getpagespeed.com/redhat/7/noarch/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-GETPAGESPEED

[getpagespeed-extras-varnish60]
name=GetPageSpeed packages of Varnish 6.0.x for Enterprise Linux 7 - $basearch
baseurl=https://extras.getpagespeed.com/redhat/7/varnish60/$basearch/
enabled=0
gpgcheck=1
repo_gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-GETPAGESPEED

[getpagespeed-extras-nginx-mod]
name=GetPageSpeed packages with patched NGINX for Enterprise Linux 7
baseurl=https://extras.getpagespeed.com/redhat/7/nginx-mod/$basearch/
enabled=0
gpgcheck=1
repo_gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-GETPAGESPEED

[getpagespeed-extras-mainline]
name=GetPageSpeed packages of mainline NGINX for Enterprise Linux 7 - $basearch
baseurl=https://extras.getpagespeed.com/redhat/7/mainline/$basearch/
enabled=0
gpgcheck=1
repo_gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-GETPAGESPEED

Additionally from your website, from the instruction to add Metadata GPG verification sed -i 's/gpgcheck=.*/gpgcheck=1nrepo_gpgcheck=1/' /etc/yum.repos.d/getpagespeed-extras.repo It seems that you have missed a symbol / it should have been /nrepo_gpgcheck=1 which is a newline, or else it will trigger an error.

dvershinin commented 5 years ago

@Checkumeito can you be specific which module you're trying to install that is not signed?

Checkumeito commented 5 years ago

Presently, I had 5 modules installed: nginx-module-cache-purge nginx-module-geoip2 nginx-module-nbr nginx-module-pagespeed nginx-module-pagespeed-selinux nginx-module-upload nginx-module-webp

I tried to upgrade the nginx-module-upload and nginx-module-cache-purge but yum said they were not signed. I tried to upgrade with yum --nogpgcheck and they all went through. I think the package were not signed properly on your repo.

dvershinin commented 5 years ago

Hi @Checkumeito

Verified the issue to exist. RPM signing is automatic on the build server, but it's timing out when many packages are built at once. All packages were now resigned, if the issue persists you can clear caches (yum clean all).

Thanks for bringing to attention about repo_gpgcheck. Updated the page.