c8y3
commented
2 years ago If my understanding of this piece of code is correct (https://github.com/apache/maven-gpg-plugin/blob/master/src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java) the change of gpg behavior started with gpg 2.1. So, probably the RPMSigner should still need to use the expect script with older versions of gpg.
Automatic signature (without user input) of the rpm fails with gpg 2.2.19. If my understanding is correct, it seems that the script (coded in the RPMSigner) that uses "expect" to automatically input the passphrase is not working as expected. Maybe because recent versions of gpg use gpp-agent and the pinentry program is different from before.
Instead of using expect, would it be possible to evolve the RPMSigner so that it calls rpm --addsign with the following additional argument: --define "_gpg_sign_cmd_extra_args --pinentry-mode loopback --passphrase $PIN"?
This issue seems related to the following discussion: https://unix.stackexchange.com/questions/328601/rpmsign-with-cli-password-prompt.
Thank you.