Reputation: 45521
Artifactory not generating InRelease file for Debian repositories
Artifactory Cloud is not generating Inrelease file or Release.gpg file for Debian repositories. Thus not allowing repository metadata signing.
I have uploaded a private/public gpg file to Artifactory settings, yet no signing is taking place in the repos.
Upvotes: 4
Views: 2983
Answers (3)
Reputation: 241
If you want the gpg key not to be used, you can use the following command:
deb [trusted=yes] https://ARTIFACTORY-URL/virtual-deb-repo focal main
Upvotes: 0
Reputation: 195
What worked for me was to define a passphrase when defining gpg keys.
You can add a passphrase when you are uploading keys through UI:
or, as in my case, with help of Terraform JFrog provider:
resource "artifactory_keypair" "some-keypair6543461672124900137" {
pair_name = "some-keypair6543461672124900137"
pair_type = "RSA"
alias = "foo-alias6543461672124900137"
private_key = file("samples/rsa.priv")
public_key = file("samples/rsa.pub")
passphrase = "your-super-secret-passphrase"
lifecycle {
ignore_changes = [
private_key,
passphrase,
]
}
}
The gpg key was genereted with gpg --gen-key command.
After uploading the key with a passhrase and hitting Recalculate Index the InRelease and Release.gpg were created by Artifactory.
Upvotes: 0
Reputation: 550
TL;DR: Try using gpg --full-generate-key and manually specify a 2048-bit key.
I had this same issue, and just worked through it with jfrog support. I was creating key pairs using gpg, which defaults to 3072-bit keys. It appears that at least some versions of artifactory will silently fail to handle these keys. Once I used gpg --full-generate-key and manually specified a 2048-bit key, my key was recognized, and the InRelease and Release.gpg files were created (after recalculating the index).
If you go to Application | Artifactory | Artifacts and click on the top level folder, you should see an information panel like this:
When I was using 3072-bit keys, the final line "Signing Key" did not appear. This is despite the "Verification" process in the admin panel claiming that the key and passphrase were successfully verified.
Upvotes: 1
Related Questions
- Unable to download debian file immediately after uploading to Artifactory via curl
- Artifactory: How to upload directory (contain debian packages) to local repo via curl command
- Artifactory 404 error on pulling package from remote
- Remote repository on Artifactory can not download artifact when it's not in the cache
- Artifactory Debian repository reports "does not have a Release file"
- Artifactory not listing all repositories in settings generation
- Artifactory - Generic Repo: Archive download failing
- Artifactory NuGet install not getting latest package version
- Artifactory remote repository not up-to-date
- Artifactory simple repo artifact resolution undocumented