Open olifre opened 4 years ago
Actually, it seems we now have another special case.
Newer 3.0 releases seem to be signed with RPM-GPG-KEY-ZABBIX-A14FE591
.
However, RPM-GPG-KEY-ZABBIX-A14FE591
and zabbix-official-repo.key
appear to be identical, the latter just has an additional ELG part.
This now also affects 3.0 releases for RHEL 7. For those suffering from similar issues, I use the following hack right now:
if $facts['os']['family'] == 'RedHat' {
exec { "import Zabbix gpg key for recent builds":
path => '/bin:/usr/bin:/sbin:/usr/sbin',
command => 'rpm --import https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591',
unless => 'rpm -q gpg-pubkey-a14fe591-578876fd',
before => Class['zabbix::agent'],
}
}
It's actually this now for 6.4 at least https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-08EFA7DD
So the code would be this...
# @see https://github.com/voxpupuli/puppet-zabbix/issues/631
if $facts['os']['family'] == 'RedHat' {
exec { "import Zabbix gpg key for recent builds":
path => '/bin:/usr/bin:/sbin:/usr/sbin',
command => 'rpm --import https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-08EFA7DD',
unless => 'rpm -q gpg-pubkey-08efa7dd-62c42363',
before => [
Class['zabbix::agent'],
]
}
}
Affected Puppet, Ruby, OS and module versions/distributions
How to reproduce (e.g Puppet code you use)
Try to install Zabbix agent 3.0 on RHEL 8, i.e.:
What are you seeing
GPG key verification fails. These packages appear not to be signed with:
https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX
anymore, but withhttps://repo.zabbix.com/zabbix-official-repo.key
instead.What behaviour did you expect instead
Installation to work.