GPG Error for provider version 1.8.3

[rfc1149]

Describe the bug

When running a terraform init to pull down the latest version (1.8.3) it fails with a GPG verification error. If I pin the version to 1.8.2, it works as expected

Expected behavior

Terraform init succeeds

Current behavior

When running a terraform init:

Initializing provider plugins...
- Checking for available provider plugins...

Error verifying GPG signature for provider "panos"
Terraform was unable to verify the GPG signature of the downloaded provider
files using the keys downloaded from the Terraform Registry. This may mean that
the publisher of the provider removed the key it was signed with, or that the
distributed files were changed after this version was released.

Warning: registry.terraform.io: For users on Terraform 0.13 or greater, this provider has moved to PaloAltoNetworks/panos. Please update your source in required_providers.

Error: unable to verify signature

Possible solution

Steps to reproduce

1. set your provider block to use 1.8.3: provider "panos" { version = "1.8.2" }
2. Run terraform init

Context

I'm currently able to work around by pinning to 1.8.2 without issue, and i don't need the enhancement in 1.8.3 so it works for me right now. I'd like to see this fixed though so i can remove the pin and automatically pull the latest version.

Your Environment

Running terraform version 0.12.29. This happens both in a local environment (macos) and in a terraform enterprise environment.

[shinmog]

This is a Terraform side issue. HashiCorp has a security event recently and is recommending that users update their versions of Terraform as they've had to change their GPG keys.

You can find more information here:

https://discuss.hashicorp.com/t/terraform-updates-for-hcsec-2021-12/23570

[rfc1149]

Ah, perfect, upgrading to 0.12.31 solved it. Thanks @shinmog!