Silverblue rawhide update: GPG issue

error: Commit 5bd7af02e76ad659bfbdb19f7061a97dadf2b187ed3814ee76e307bf056d859c: GPG signatures found, but none are in trusted keyring

I’ve been on rawhide through multiple updates. Has the gpg signature changed?

My recollection is that you need a key for Fedora 30 and have to run an ostree command to activate it. I’m not booted in Silverblue at the moment so I can’t track down the details. You might try searching this forum for “ostree GPG”.

Right … thanks. I’ve been on Fedora 30 and have gone through multiple updates. I installed the key when I rebased from 29 to rawhide.

The issue for me now is that the current commit has a key that isn’t trusted by my system I guess?

They just added the f31 key to the fedora-repos package so you’ll need to make sure you have the newer version of that rpm installed before you can rebase to rawhide.

Also now we can specify the directory and not just the specific key so you don’t have to update the remote for each new fedora release. So set gpgkeypath=/etc/pki/rpm-gpg/ in your file within /etc/ostree/remotes.d/ .

please see Fedora 30 / branching / remotes?.

the SRPM can be found here:

rawhide updates are now working for me.

I took a somewhat more convoluted approach to this, but it still worked.

I popped open my f29 fedora-toolbox container and did an update, which gave me the F31 key there. Then I copied it back to my home directory, left the container, and copied to /etc/pki/rpm-gpg. I also had to create a symlink from RPM-GPG-KEY-31-fedora to RPM-GPG-KEY-fedora-31-x86_64.

After that, rpm-ostree upgrade worked.