Hi Kent,
I just tried out GPGKeys on my development environment and they appear to be working well. It is possible that our procedures are different or the issue you are experiencing has been resolved since 3.2.1.1 was released.
The procedure that I followed (using the UI) was the following:
- created gpgkey
- created product
- associated gpgkey with product
- created repo in that product
- observed (Content -> Products) - key is associated with product and repository
- observed (Content -> GPGKeys) - key is lists product and repository
- created a content view, added the repo and published
- created an activation key, associated content view, added subscription for product
- registered a client using the activation key
- yum clean all && yum repolist
- attempted to install a package from the repo
- observed download attempt to pull in my GPG key, see below for example
[root@rhel7-client1 ~]# yum install bear
Loaded plugins: package_upload, product-id, search-disabled-repos, subscription-manager, tracer_upload
Default_Organization_gpgkeyed_keyedzoo | 2.1 kB 00:00:00
Resolving Dependencies
--> Running transaction check
---> Package bear.noarch 0:4.1-1 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==============================================================================================================
Package Arch Version Repository Size
==============================================================================================================
Installing:
bear noarch 4.1-1 Default_Organization_gpgkeyed_keyedzoo 2.8 k
Transaction Summary
==============================================================================================================
Install 1 Package
Total download size: 2.8 k
Installed size: 42
Is this ok [y/d/N]: y
Downloading packages:
warning: /var/cache/yum/x86_64/7Server/Default_Organization_gpgkeyed_keyedzoo/packages/bear-4.1-1.noarch.rpm: Header V4 RSA/SHA1 Signature, key ID f78fb195: NOKEY
Public key for bear-4.1-1.noarch.rpm is not installed
bear-4.1-1.noarch.rpm | 2.8 kB 00:00:00
Retrieving key from https://centos7-devel.example.com/katello/api/repositories/110/gpg_key_content
Importing GPG key 0xDEB62A91:
Userid : "Brad Buckingham (test) <bbuckingham@redhat.com>"
Fingerprint: 8067 1ceb 433a 69e6 fde2 4a99 0041 0d3a deb6 2a91
From : https://centos7-devel.example.com/katello/api/repositories/110/gpg_key_content
Is this ok [y/N]: N
Didn't install any keys
I attempted the same scenario, but associating the gpg key with the repository versus the product and observed the same behavior. Is there anything different you see in our procedures?
Would you be interested in upgrading to the latest katello 3.3 to see if the issue is resolved there?