Open Frzk opened 5 months ago
There is currently a workaround for this. One can add trusted=yes
when adding a repository in order to automatically trust he repository. For example:
:repo:deb [trusted=yes] https://cli.github.com/packages stable main
This still leads to a warning in the deployment logs:
W: GPG error: https://cli.github.com/packages stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 23F3D4EA75716059
But the repository is still usable.
In case we actually want to support the public key, here is a comment from someone who implemented it in a fork: https://github.com/heroku/heroku-buildpack-apt/issues/98#issuecomment-1589200325
:exploding_head: :exploding_head: :exploding_head: I've never heard about such an option. We should really document it (at least).
The buildpack currently allows to add a repo, but there's no easy way to add a signed repo. Since these are more and more widespread, it would be nice to support them too.