Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] Expired signing key #222

Closed
abstractionfactory opened this issue Nov 15, 2024 · 4 comments
Closed

[BUG] Expired signing key #222

abstractionfactory opened this issue Nov 15, 2024 · 4 comments
Assignees
Labels
bug Something isn't working untriaged

Comments

@abstractionfactory
Copy link

What is the bug?

The GPG signing key for this provider expired in February. Using an expired signing key may cause signatures to be rejected as the signature verification in OpenTofu/Terraform develops.

How can one reproduce the bug?

Import the key submitted in opentofu/registry#1296, which matches your latest release, into GPG and list the keys.

What is the expected behavior?

The releases should be signed with a non-expired key.

What is your host/environment?

N/A

Do you have any screenshots?

image

Do you have any additional context?

opentofu/registry#1296
#221

@prudhvigodithi
Copy link
Member

Coming from #173 (comment) a new key was added on Apr 2nd 2024, let me take a look and see whats happening.

@prudhvigodithi prudhvigodithi self-assigned this Nov 15, 2024
@prudhvigodithi
Copy link
Member

I see whats happening, the key was renewed by was not submitted to the hashicorp gpg-keys keys, hence curl 'https://registry.terraform.io/v1/providers/opensearch-project/opensearch/2.3.1/download/linux/amd64' | jq --raw-output '.signing_keys | .gpg_public_keys | .[0] | .ascii_armor' shows old key.

@prudhvigodithi
Copy link
Member

Hey @abstractionfactory I have updated the public key in opentofu/registry#1296.
Thank you

@abstractionfactory
Copy link
Author

Thank you for your work @prudhvigodithi ! I would make sure that the Terraform Registry also has an updated key, not sure how they treat expired keys.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working untriaged
Projects
Status: ✅ Done
Development

No branches or pull requests

2 participants