Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Switch to sequoia for codecov signature check
GnuPG in F39 seems to use keyboxd and as a consequence, keyring choice
on import seems to be ignored:
+ gpg --no-default-keyring --keyring trustedkeys.gpg --import ci/codecov-keys.asc
gpg: directory '/home/gitlab-runner/.gnupg' created
gpg: /home/gitlab-runner/.gnupg/trustdb.gpg: trustdb created
gpg: key 806BB28AED779869: public key "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
+ curl -Os https://uploader.codecov.io/latest/linux/codecov
+ curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM
+ curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig
+ gpgv codecov.SHA256SUM.sig codecov.SHA256SUM
gpgv: unknown type of key resource 'trustedkeys.kbx'
gpgv: keyblock resource '/home/gitlab-runner/.gnupg/trustedkeys.kbx': General error
gpgv: Signature made Thu Oct 19 19:59:46 2023 UTC
gpgv: using RSA key 27034E7FDB850E0BBC2C62FF806BB28AED779869
gpgv: Can't check signature: No public key
The actual key got imported into default keyring, disregarding
"--no-default-keyring --keyring trustedkeys.gpg".
Instead of fighting with GnuPG bug, switch to Sequoia, which is a good
idea anyway.
(cherry picked from commit 5bf2b11)- Loading branch information
