Plugins » Katello

Hi Kent,

I just tried out GPGKeys on my development environment and they appear to be working well. It is possible that our procedures are different or the issue you are experiencing has been resolved since 3.2.1.1 was released.

The procedure that I followed (using the UI) was the following:
- created gpgkey
- created product
- associated gpgkey with product
- created repo in that product
- observed (Content -> Products) - key is associated with product and repository
- observed (Content -> GPGKeys) - key is lists product and repository
- created a content view, added the repo and published
- created an activation key, associated content view, added subscription for product
- registered a client using the activation key
- yum clean all && yum repolist
- attempted to install a package from the repo
- observed download attempt to pull in my GPG key, see below for example

[root@rhel7-client1 ~]# yum install bear
Loaded plugins: package_upload, product-id, search-disabled-repos, subscription-manager, tracer_upload
Default_Organization_gpgkeyed_keyedzoo                                                 | 2.1 kB  00:00:00     
Resolving Dependencies
--> Running transaction check
---> Package bear.noarch 0:4.1-1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==============================================================================================================
 Package         Arch              Version            Repository                                         Size
==============================================================================================================
Installing:
 bear            noarch            4.1-1              Default_Organization_gpgkeyed_keyedzoo            2.8 k

Transaction Summary
==============================================================================================================
Install  1 Package

Total download size: 2.8 k
Installed size: 42  
Is this ok [y/d/N]: y
Downloading packages:
warning: /var/cache/yum/x86_64/7Server/Default_Organization_gpgkeyed_keyedzoo/packages/bear-4.1-1.noarch.rpm: Header V4 RSA/SHA1 Signature, key ID f78fb195: NOKEY
Public key for bear-4.1-1.noarch.rpm is not installed
bear-4.1-1.noarch.rpm                                                                  | 2.8 kB  00:00:00     
Retrieving key from https://centos7-devel.example.com/katello/api/repositories/110/gpg_key_content
Importing GPG key 0xDEB62A91:
 Userid     : "Brad Buckingham (test) <bbuckingham@redhat.com>" 
 Fingerprint: 8067 1ceb 433a 69e6 fde2 4a99 0041 0d3a deb6 2a91
 From       : https://centos7-devel.example.com/katello/api/repositories/110/gpg_key_content
Is this ok [y/N]: N

Didn't install any keys

I attempted the same scenario, but associating the gpg key with the repository versus the product and observed the same behavior. Is there anything different you see in our procedures?

Would you be interested in upgrading to the latest katello 3.3 to see if the issue is resolved there?

Hi Brad,

Thanks for looking into this. After I initially posted I crashed my Katello installation and created a new server with more space for more repos, so I can't reproduce the GPG key issue.

On the new Katello server I now have no issues with the GPG keys. My steps are similar to your steps. The only difference I can think of is that on the old server I didn't promote the content views, I only published them. Don't know if that should make any difference for the GPG key functionality. When looking at the activation keys they now show everything as it should be.

I have no idea why this didn't work but I think we can close this issue.