The documentation says the following about this attribute:
# The name of the signing key. When verifying a package, the signature
# is matched to the public key store in /etc/apk/keys/<key_name>.rsa.pub.
# If unset, it defaults to the maintainer email address.
However, this is incorrect. As evident from the code, nfpm will add the .rsa.pub extension in case of unset key_name only. apk, on its side, also doesn't add this extension when looking for the key. So this results in key lookup error in apk.
I believe we should add the .rsa.pub extension in the mentioned piece of code unconditionally, matching both the documentation and the already existing behavior in case of unset key_name.
What happened?
The documentation says the following about this attribute:
However, this is incorrect. As evident from the code, nfpm will add the
.rsa.pub
extension in case of unset key_name only.apk
, on its side, also doesn't add this extension when looking for the key. So this results in key lookup error in apk.I believe we should add the
.rsa.pub
extension in the mentioned piece of code unconditionally, matching both the documentation and the already existing behavior in case of unsetkey_name
.How can we reproduce this?
prepare the signed apk package with config like
omitting the
.rsa.pub
extension inkey_name
. Try installing this package withapk add
.nfpm version
Search
Code of Conduct
Additional context
No response