Not valid GPG sign at every update #645

Open
SamuXzX opened this issue Feb 12, 2025 · 4 comments
Labels
bug Something isn't working question Further information is requested

Comments

SamuXzX commented Feb 12, 2025

Description

At every update of my system, I encounter an error related to the native part of FirefoxPWA: the GPG sign is not valid:

È stata trovata una firma GPG non valida:

/var/cache/PackageKit/41/metadata/firefoxpwa-41-x86_64/packages/firefoxpwa-2.14.0-1.x86_64.rpm could not be verified.
/var/cache/PackageKit/41/metadata/firefoxpwa-41-x86_64/packages/firefoxpwa-2.14.0-1.x86_64.rpm:  digest:  SIGNATURE:  NON OK

This is the error from Discover in KDE Plasma.
This time it is for the new version (as I'm currently on 2.13.3), which makes me think my package manager finds the new versions, tries to install them but every time the GPG sign is not valid. I updated this package at least four times since I started using FirefoxPWA: every time Discover tried to update various packages, but among them there would be firefoxpwa, which would block the update.

I install the native package via packagecloud.io's RPM for Fedora, and every time I follow the same instructions: I import the GPG sign, I enable the repository, I update DNF caches and I install ("update") the firefoxpwa package. Is there something I don't get, like the GPG sign having to change at every update?
The other issue about the GPG key (#574) has been closed by suggesting to re-add the repository: this is what I do every time, but I suppose I should not be fixing it like this at every update.

Steps to Reproduce

  1. Import GPG key: sudo rpm --import https://packagecloud.io/filips/FirefoxPWA/gpgkey
  2. Enable repository: echo -e "[firefoxpwa]\nname=FirefoxPWA\nmetadata_expire=300\nbaseurl=https://packagecloud.io/filips/FirefoxPWA/rpm_any/rpm_any/\$basearch\ngpgkey=https://packagecloud.io/filips/FirefoxPWA/gpgkey\nrepo_gpgcheck=1\ngpgcheck=0\nenabled=1" | sudo tee /etc/yum.repos.d/firefoxpwa.repo
  3. Update DNF caches: sudo dnf -q makecache -y --disablerepo="*" --enablerepo="firefoxpwa"
  4. Install the package: sudo dnf install firefoxpwa
  5. Wait for an update of the package
  6. Try to update everything at once with Discover

Environment

  • Operating system: Fedora KDE 41
  • System architecture: x86
  • Desktop environment: KDE Plasma 6.2.5 (KDE Frameworks 6.10.0, Qt 6.8.2)
  • Installation method: Fedora RPM from packagecloud.io (https://packagecloud.io/filips/FirefoxPWA#dnf-based-distributions-fedora)
  • FirefoxPWA Extension version: 2.13.3
  • FirefoxPWA Native version: 2.13.3
  • FirefoxPWA Runtime version: 135.0
  • FirefoxPWA Firefox version: 135.0
@SamuXzX SamuXzX added the bug Something isn't working label Feb 12, 2025
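
The repository definition in step 2 sets `repo_gpgcheck=1` and `gpgcheck=0`; in dnf/yum repo files the first controls verification of the signed repository metadata and the second controls verification of each package's own signature. As an added example (not part of the original issue or the FirefoxPWA project), the script below reports both settings for every section of a `.repo` file; `audit_repo` and `demo` are hypothetical names, and the sample file is the step 2 configuration reproduced inline.

```shell
#!/usr/bin/env bash
# Added example (not from the issue or the FirefoxPWA project).
# audit_repo FILE: for each [section] of a dnf/yum .repo file, print whether
# package signatures (gpgcheck) and metadata signatures (repo_gpgcheck) are on.
audit_repo() {
  awk '
    function state(v) {
      v = tolower(v)
      if (v == "") return "unset"          # falls back to the [main] setting
      return (v == "1" || v == "true" || v == "yes" || v == "on") ? "on" : "off"
    }
    function emit() {
      if (id != "")
        printf "%s gpgcheck=%s repo_gpgcheck=%s gpgkey=%s\n", id, state(pkg), state(meta), (key == "" ? "none" : key)
    }
    /^[ \t]*[#;]/ { next }                  # comment lines
    /^\[.*\]/ {                             # new section: flush the previous one
      emit(); id = substr($0, 2, index($0, "]") - 2); pkg = meta = key = ""; next
    }
    {
      eq = index($0, "="); if (!eq) next
      k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
      if (k == "gpgcheck") pkg = v
      else if (k == "repo_gpgcheck") meta = v
      else if (k == "gpgkey") key = v
    }
    END { emit() }
  ' "$1"
}

# Constructed sample: the repo file that step 2 of the report writes.
demo() {
  local f; f=$(mktemp)
  cat > "$f" <<'EOF'
[firefoxpwa]
name=FirefoxPWA
metadata_expire=300
baseurl=https://packagecloud.io/filips/FirefoxPWA/rpm_any/rpm_any/$basearch
gpgkey=https://packagecloud.io/filips/FirefoxPWA/gpgkey
repo_gpgcheck=1
gpgcheck=0
enabled=1
EOF
  audit_repo "$f"; rm -f "$f"
}
demo
```

Calling `audit_repo /etc/yum.repos.d/firefoxpwa.repo` shows what the installed configuration asks the package manager to verify.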
@filips123
Owner

I'm not sure why this happens. Can you please check if following these instructions fixes the issue? In those instructions, you should use rpm_any/rpm_any instead of el/6.

@filips123 filips123 added the question Further information is requested label Feb 15, 2025
@SamuXzX
Author

SamuXzX commented Feb 17, 2025

I'm trying to follow the instructions but I'm not sure how to add the EPEL repository to download the pygpgme and yum-utils packages: on this page there's no hint for "Fedora", and as far as I understand the EPEL repository is in fact for RHEL and CentOS; at the same time, I cannot find pygpgme and yum-utils, which could mean I need EPEL.

@filips123
Owner

I think that those packages are only needed for RHEL... Try to just add the repository config file.

@SamuXzX
Author

SamuXzX commented Feb 19, 2025

I followed the instructions (created the new .repo file and updated yum's caches), and this is the output:

Importing OpenPGP key 0x64487E24:
 UserID     : "https://packagecloud.io/filips/FirefoxPWA (https://packagecloud.io/docs#gpg_signing) <support@packagecloud.io>"
 Fingerprint: 1A3D51F7261CFDB3F12F7A59560C3C6E64487E24
 From       : https://packagecloud.io/filips/FirefoxPWA/gpgkey
The key was successfully imported.
Metadata cache created.

But the same problem appeared:

<html>È stata trovata una firma GPG non valida:<br/><br/>/var/cache/PackageKit/41/metadata/firefoxpwa-41-x86_64/packages/firefoxpwa-2.14.1-1.x86_64.rpm could not be verified.
/var/cache/PackageKit/41/metadata/firefoxpwa-41-x86_64/packages/firefoxpwa-2.14.1-1.x86_64.rpm:  digest:  SIGNATURE:  NON OK</html>

I asked Discover to refresh the updates, and I tried removing the old firefoxpwa.repo file from the /etc/yum.repos.d folder and recreated the cache again, but it didn't work.

Now that I keep trying to update, the same problem arises for Teamviewer and the one about FirefoxPWA is not appearing, making me think that it actually got solved but Discover didn't properly refresh the updates.
I still see the FirefoxPWA package among the updates:

Image

But this could just mean that Discover does not update all those packages until the signature for each of them is checked.

I'll try again after a reboot and check if I can solve the Teamviewer issue so that it does not mess with our issue. Additionally, even if this solution works, maybe we will have to wait two updates, as my issue is that fixing the signature to do one update does not fix it for the following ones and the problem comes back.
