search

clemlabprojects / ambari

Fork of Apache Ambari maintained by Clemlab Company
https://www.clemlab.com
Apache License 2.0
44 stars 19 forks source link

Error: GPG check FAILED #100

Open zorel opened 19 hours ago

zorel commented 19 hours ago

Hi.

Trying to install ambari2.7.9 on Oracle Linux 9, I fell into what looks like https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9:

Ambari Clemlab's release                                                                                                                                                                        10 kB/s | 1.7 kB     00:00
Importing GPG key 0x1403D1C5:
 Userid     : "Jenkins Clemlabs <jenkins@clemlabs.com>"
 Fingerprint: 5F48 50CD 7183 69E3 1E8F 630C 449E 83E8 1403 D1C5
 From       : https://clemlabs.s3.eu-west-3.amazonaws.com/RPM-GPG-KEY-Jenkins
Is this ok [y/N]: y
warning: Signature not supported. Hash algorithm SHA1 not available.
Key import failed (code 2). Failing package is: ambari-agent-2.7.9.0-110.x86_64
 GPG Keys are configured as: https://clemlabs.s3.eu-west-3.amazonaws.com/RPM-GPG-KEY-Jenkins
The downloaded packages were saved in cache until the next successful transaction.
You can remove cached packages by executing 'yum clean packages'.
Error: GPG check FAILED

Using this repo:

[ambari-clemlabs-2.7.9.0.0-110]
name=Ambari Clemlab's release
baseurl=https://clemlabs.s3.eu-west-3.amazonaws.com/centos9/ambari-release/2.7.9.0.0-110/rpms/
enabled=1
gpgkey=https://clemlabs.s3.eu-west-3.amazonaws.com/RPM-GPG-KEY-Jenkins
gpgcheck=1
lucasbak commented 19 hours ago

Hi @zorel

Indeed all later builds have been updated with SHA 256 GPG signature on rhel8 and rhel9

You can try 2.7.9.0.0-117

[ambari-clemlabs-2.7.9.0.0-117]
name=Ambari Clemlab's release
baseurl=https://clemlabs.s3.eu-west-3.amazonaws.com/centos9/ambari-release/2.7.9.0.0-117/rpms/
enabled=1
gpgkey=https://clemlabs.s3.eu-west-3.amazonaws.com/RPM-GPG-KEY-SHA256-Jenkins
gpgcheck=1

We are going to update the documentation

Regards,

Clemlab Team

simon4477 commented 17 hours ago

@lucasbak Does the SHA256 applies to Centos only or Ubuntu too? Should I use RPM-GPG-KEY-Jenkins or RPM-GPG-KEY-SHA256-Jenkins for Ubuntu 22.04?

lucasbak commented 16 hours ago

Hi @simon4477

During yesterday check we did not see any issue for Ubuntu operating system

However we will pass all operating system on the same sha256 hog key in the future

Regards