In puppetlabs-release-pc1-1.1.0-1.el7.noarch there is a strange key : # rpm -qil puppetlabs-release-pc1-1.1.0-1.el7.noarch ... /etc/pki/rpm-gpg/RPM-GPG-KEY-nightly-puppetlabs ....
And the same key is in puppetlabs-release: # rpm -qilp .../puppetlabs-release-22.0-2.noarch.rpm /etc/pki/rpm-gpg/RPM-GPG-KEY-nightly-puppetlabs It was an old bug when migrating to puppet 4 as some components where missing it it and I needed both uppetlabs-release and puppetlabs-release-pc1. At this time they already was a conflict of pgp key that was latter resolved: https://tickets.puppetlabs.com/browse/PUP-4970 > Le 9 sept. 2016 à 01:49, Ryan McKern <[email protected]> a écrit : > > Bottom line on top: Puppet is preparing to roll out a new GPG signing key for > both Open Source and Puppet Enterprise products on Linux platforms because > the current key expires in January 2017. Please update your > puppetlabs-release package or add the new public key to the package manager’s > key ring on any machines which use Puppet’s packages as products shipped > after September 12 2016 will be signed using the new key. > THE “WHAT” AND THE “WHY” > > The current "classic" Puppet Labs GPG public key (UID [email protected], > <https://pgp.mit.edu/pks/lookup?op=vindex&search=0x1054B7A24BD6EC30> long key > ID 0x1054B7A24BD6EC30) will expire on January 05 2017. Rather than extend the > key expiration date any further, Puppet is issuing a new GPG public key (UID > [email protected] > <https://pgp.mit.edu/pks/lookup?op=vindex&search=0x7F438280EF8D349F>, long > key ID 0x7F438280EF8D349F). > > Puppet will begin signing new Linux packages and Puppet Enterprise releases > with the new GPG signing key after September 12 2016. Please update any > puppetlabs-release packages you may have installed as they are made > available; new puppetlabs-release packages contain both the “classic” public > key and the new public key. If you are not using a puppetlabs-release package > to manage Yum or Apt GPG keys, please manually add the new key to the > appropriate keyrings. > THE “HOW” > > Updating the puppetlabs-release package on Red Hat Enterprise Linux platforms > > This information applies to RHEL itself, as well as any distributions that > maintain binary compatibility with it, including but not limited to CentOS, > Scientific Linux, and Oracle Linux. The instructions also apply to Fedora > Linux. To upgrade the puppetlabs-release package, run the command below: > > $ sudo yum update puppetlabs-release-pc1 > Updating the puppetlabs-release package on Debian and Ubuntu platforms: > > We publish and test puppetlabs-release packages for the following versions of > Debian: > Debian 8 “Jessie” (current stable release) > Debian 7 “Wheezy” (previous stable release) > Debian 6 “Squeeze” > > We also publish and test puppetlabs-release packages for the following > versions of Ubuntu: > Ubuntu 16.04 LTS “Xenial Xerus” > Ubuntu 15.10 “Wily Werewolf” > Ubuntu 15.04 “Vivid Vervet” > Ubuntu 14.04 LTS “Trusty Tahr” > Ubuntu 12.04 LTS “Precise Pangolin” > > We also publish and test puppetlabs-release packages for the following > Debian-derived embedded platforms: > Cumulus Linux 2.2 > huaweios > > To upgrade the puppetlabs-release package, run the command below: > > $ sudo apt-get upgrade puppetlabs-release-pc1 > Manually importing the new GPG public key on Red Hat Enterprise Linux > platforms > > If you are not using a puppetlabs-release package to provide the > yum.puppetlabs.com <http://yum.puppetlabs.com/> Yum repository definitions, > you can manually add the new GPG public key to the RPM keyring: > > $ curl --remote-name --location https://yum.puppetlabs.com/RPM-GPG-KEY-puppet > <https://yum.puppetlabs.com/RPM-GPG-KEY-puppet> > $ gpg --keyid-format 0xLONG --with-fingerprint ./RPM-GPG-KEY-puppet > pub 4096R/0x7F438280EF8D349F 2016-08-18 Puppet, Inc. Release Key (Puppet, > Inc. Release Key) <[email protected] <mailto:[email protected]>> > Key fingerprint = 6F6B 1550 9CF8 E59E 6E46 9F32 7F43 8280 EF8D 349F > sub 4096R/0xA2D80E04656674AE 2016-08-18 [expires: 2021-08-17] > $ rpm --import RPM-GPG-KEY-puppet > Manually importing the new GPG public key on Debian and Ubuntu platforms > > If you are not using a puppetlabs-release package to provide the > apt.puppetlabs.com <http://apt.puppetlabs.com/> Apt repository definitions, > you can manually add the new GPG public key to the Apt keyring: > > $ curl --remote-name --location https://apt.puppetlabs.com/DEB-GPG-KEY-puppet > <https://apt.puppetlabs.com/DEB-GPG-KEY-puppet> > $ gpg --keyid-format 0xLONG --with-fingerprint ./DEB-GPG-KEY-puppet > pub 4096R/0x7F438280EF8D349F 2016-08-18 Puppet, Inc. Release Key (Puppet, > Inc. Release Key) <[email protected] <mailto:[email protected]>> > Key fingerprint = 6F6B 1550 9CF8 E59E 6E46 9F32 7F43 8280 EF8D 349F > sub 4096R/0xA2D80E04656674AE 2016-08-18 [expires: 2021-08-17] > $ apt-key add DEB-GPG-KEY-puppet > > -- > > Ryan McKern > Puppet Release Engineering > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/CADj7mEcSF-kyyG2HYSha51meYNUn_KJeWLyTf%3DKrBuw34otshA%40mail.gmail.com > > <https://groups.google.com/d/msgid/puppet-users/CADj7mEcSF-kyyG2HYSha51meYNUn_KJeWLyTf%3DKrBuw34otshA%40mail.gmail.com?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/79418146-C452-472E-9DD7-97C505BF3D7E%40orange.fr. For more options, visit https://groups.google.com/d/optout.
