Silverblue rawhide update: GPG issue

error: Commit 5bd7af02e76ad659bfbdb19f7061a97dadf2b187ed3814ee76e307bf056d859c: GPG signatures found, but none are in trusted keyring

I’ve been on rawhide through multiple updates. Has the gpg signature changed?

My recollection is that you need a key for Fedora 30 and have to run an ostree command to activate it. I’m not booted in Silverblue at the moment so I can’t track down the details. You might try searching this forum for “ostree GPG”.

Right … thanks. I’ve been on Fedora 30 and have gone through multiple updates. I installed the key when I rebased from 29 to rawhide.

The issue for me now is that the current commit has a key that isn’t trusted by my system I guess?

They just added the f31 key to the fedora-repos package so you’ll need to make sure you have the newer version of that rpm installed before you can rebase to rawhide. https://bodhi.fedoraproject.org/updates/?packages=fedora-repos

Also now we can specify the directory and not just the specific key so you don’t have to update the remote for each new fedora release. So set gpgkeypath=/etc/pki/rpm-gpg/ in your file within /etc/ostree/remotes.d/ .

please see Fedora 30 / branching / remotes?.

the SRPM can be found here: https://koji.fedoraproject.org/koji/buildinfo?buildID=1212056

rawhide updates are now working for me.

I took a somewhat more convoluted approach to this, but it still worked.

I popped open my f29 fedora-toolbox container and did an update, which gave me the F31 key there. Then I copied it back to my home directory, left the container, and copied to /etc/pki/rpm-gpg. I also had to create a symlink from RPM-GPG-KEY-31-fedora to RPM-GPG-KEY-fedora-31-x86_64.

After that, rpm-ostree upgrade worked.