Project

General

Profile

Actions

Bug #18894

open

Technique Package repository keys (RPM/APT) - The key's content contains multiple pubkeys

Added by Alexander Brunhirl almost 4 years ago. Updated almost 4 years ago.

Status:
New
Priority:
N/A
Assignee:
-
Category:
-
Target version:
-
Severity:
Major - prevents use of part of Rudder | no simple workaround
UX impact:
User visibility:
Getting started - demo | first install | Technique editor and level 1 Techniques
Effort required:
Priority:
70
Name check:
To do
Fix check:
To do
Regression:

Description

Hi,

I tried to import the Google GPG keys for Kubernetes [1].
Unfortunatly for the first GPG key [2] which uses the default Technique "Package repository keys (RPM/APT)" creates an error "The key's content contains multiple pubkeys!". The second GPG key [3] which does not contain any additional public key is imported without any issues.

rudder:~ # sudo rudder agent run -q
Rudder agent 6.1.3.release
Node uuid: 45f243a9-d781-4c54-a5c5-f00c482371a1
ok: Rudder agent policies were updated.
Start execution with config [20210211-111248-1aecf0]

M| State         Technique                 Component                 Key                Message
E| repaired      repoGpgKeyManagement      Repository GPG Key Manag| F09C394C3E1BA8D5   The GPG Key was imported successfully
E| error         repoGpgKeyManagement      Repository GPG Key Manag| 48419E688DD52AC0   The key's content contains multiple pubkeys!

## Summary #####################################################################
Not all components were displayed because we are not in full compliance mode. Please run with -g to force full compliance mode.
   => 2 components in Enforce mode
      -> 1 repaired
      -> 1 error
Execution time: 32.89s
################################################################################
Reports sent.
rudder:~ #
rudder:~ # gpg --keyid-format=long rpm-package-key.gpg
pub  2048R/F09C394C3E1BA8D5 2015-06-24 Google Cloud Packages RPM Signing Key <gc-team@google.com>
rudder:~ # gpg --keyid-format=long ./yum-key.gpg
pub  2048R/3746C208A7317B0F 2015-04-03 Google Cloud Packages Automatic Signing Key <gc-team@google.com>
pub  2048R/6A030B21BA07F4FB 2018-04-01 Google Cloud Packages Automatic Signing Key <gc-team@google.com>
pub  2048R/8B57C5C2836F4BEB 2020-12-04 gLinux Rapture Automatic Signing Key (//depot/google3/production/borg/cloud-rapture/keys/cloud-rapture-pubkeys/cloud-rapture-signing-key-2020-12-03-16_0
8_05.pub) <glinux-team@google.com>
sub  2048R/48419E688DD52AC0 2020-12-04
rudder:~ # 
rudder:~ # rpm --import ./yum-key.gpg
rudder:~ # rpm -q --last gpg-pubkey-* |head -2
gpg-pubkey-836f4beb-5fc97e5e                  Thu 11 Feb 2021 11:15:01 AM UTC
gpg-pubkey-3e1ba8d5-558ab6a8                  Thu 11 Feb 2021 11:12:55 AM UTC
rudder:~ # 

Best regards
Alex

[1] https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl
[2] https://packages.cloud.google.com/yum/doc/yum-key.gpg
[3] https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

No data to display

Actions

Also available in: Atom PDF