Open olifre opened 4 years ago
olifre
commented
4 years ago Actually, it seems we now have another special case.
Newer 3.0 releases seem to be signed with RPM-GPG-KEY-ZABBIX-A14FE591.
However, RPM-GPG-KEY-ZABBIX-A14FE591 and zabbix-official-repo.key appear to be identical, the latter just has an additional ELG part.
olifre
commented
4 years ago This now also affects 3.0 releases for RHEL 7. For those suffering from similar issues, I use the following hack right now:
if $facts['os']['family'] == 'RedHat' {
exec { "import Zabbix gpg key for recent builds":
path => '/bin:/usr/bin:/sbin:/usr/sbin',
command => 'rpm --import https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591',
unless => 'rpm -q gpg-pubkey-a14fe591-578876fd',
before => Class['zabbix::agent'],
}
}
minorOffense
commented
1 year ago It's actually this now for 6.4 at least https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-08EFA7DD
minorOffense
commented
1 year ago So the code would be this...
# @see https://github.com/voxpupuli/puppet-zabbix/issues/631
if $facts['os']['family'] == 'RedHat' {
exec { "import Zabbix gpg key for recent builds":
path => '/bin:/usr/bin:/sbin:/usr/sbin',
command => 'rpm --import https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-08EFA7DD',
unless => 'rpm -q gpg-pubkey-08efa7dd-62c42363',
before => [
Class['zabbix::agent'],
]
}
}
Affected Puppet, Ruby, OS and module versions/distributions
How to reproduce (e.g Puppet code you use)
Try to install Zabbix agent 3.0 on RHEL 8, i.e.:
What are you seeing
GPG key verification fails. These packages appear not to be signed with:
https://repo.zabbix.com/RPM-GPG-KEY-ZABBIXanymore, but withhttps://repo.zabbix.com/zabbix-official-repo.keyinstead.What behaviour did you expect instead
Installation to work.