search

swiftlang / swiftly

A Swift toolchain installer and manager, written in Swift.
https://swiftlang.github.io/swiftly/
Apache License 2.0
486 stars 28 forks source link

swiftly install latest failed on Ubuntu #169

Open wangzhizhou opened 1 month ago

wangzhizhou commented 1 month ago

image

Nobody1707 commented 1 month ago

The same issue happens on OpenSUSE Tumbleweed.

❯ swiftly install 6.0
Fetching the latest stable Swift 6.0 release...
Refreshing Swift PGP keys...
Installing Swift 6.0.0
                             Downloading Swift 6.0.0
100% [=============================================================]
Downloaded 773.3 MiB of 773.3 MiB
Downloading toolchain signature...
Verifying toolchain signature...
gpg: Signature made Mon 16 Sep 2024 04:14:14 PM CDT
gpg:                using RSA key EF80A866B47A981F
gpg: Can't check signature: No public key
Error: Toolchain signature verification failed: Error(message: "gpg exited with non-zero status: 2")
adam-fowler commented 1 month ago

@cmcgee1024 This is the same error I received. I got around this by running the install script again

cmcgee1024 commented 1 month ago

@Nobody1707 and @wangzhizhou, does manually adding the swift.org keys help to work around the problem?

curl --silent --retry 3 --location --fail https://swift.org/keys/all-keys.asc | gpg --import -

This is what the swiftly install script does to import the swift.org keys. It's just that there are new keys for the 6.x toolchains.

Nobody1707 commented 1 month ago

Yes, it updated successfully after manually adding the keys.

100% [=============================================================]
Downloaded 773.3 MiB of 773.3 MiB
Downloading toolchain signature...
Verifying toolchain signature...
gpg: Signature made Mon 16 Sep 2024 04:14:14 PM CDT
gpg:                using RSA key EF80A866B47A981F
gpg: Good signature from "Swift 6.x Release Signing Key <swift-infrastructure@forums.swift.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 52BB 7E3D E28A 71BE 22EC  05FF EF80 A866 B47A 981F
Extracting toolchain...
Swift 6.0.0 installed successfully!
Uninstalling Swift 5.10.0...done
Successfully updated Swift 5.10.0 ⟶ Swift 6.0.0

Should I be worried about the warning?

cmcgee1024 commented 1 month ago

Thanks @Nobody1707 for confirming that the workaround is working.

In terms of the warning, this is expected. You can see a note about it in the Linux toolchain download instructions here on the swift website: https://www.swift.org/install/linux/tarball/