For repository without repodata/repomd.xml.key file and specify GPG key path using gpgkey option, the pathname of the GPG key is repeated and therefore can't be imported automatically. for example:
# zypper addrepo https://sing-box.app/sing-box.repo
Adding repository 'sing-box' ...........................................................................[done]
Repository 'sing-box' successfully added
URI : https://rpm.sagernet.org/
Enabled : Yes
GPG Check : Yes
Autorefresh : No
Priority : 99 (default priority)
Repository priorities in effect: (See 'zypper lr -P' for details)
80 (raised priority) : 1 repository
90 (raised priority) : 1 repository
99 (default priority) : 9 repositories
# zypper --gpg-auto-import-keys refresh sing-box
Looking for gpg key ID 2A2B2F0C in cache /var/cache/zypp/pubkeys.
Looking for gpg key ID 2A2B2F0C in repository sing-box.
gpgkey=https://sing-box.app/gpg.key
Warning: File 'repomd.xml' from repository 'sing-box' is signed with an unknown key '6D9152172A2B2F0C'.
Note: Signing data enables the recipient to verify that no modifications occurred after the data
were signed. Accepting data with no, wrong or unknown signature can lead to a corrupted system
and in extreme cases even to a system compromise.
Note: File 'repomd.xml' is the repositories master index file. It ensures the integrity of the
whole repo.
Warning: We can't verify that no one meddled with this file, so it might not be trustworthy
anymore! You should not continue unless you know it's safe.
File 'repomd.xml' from repository 'sing-box' is signed with an unknown key '6D9152172A2B2F0C'.
Continue? [yes/no] (no):
Related log entries in /var/log/zypper.log, mitmproxy also show the same result:
For repository without
repodata/repomd.xml.key
file and specify GPG key path usinggpgkey
option, the pathname of the GPG key is repeated and therefore can't be imported automatically. for example:Related log entries in
/var/log/zypper.log
, mitmproxy also show the same result: