Package Source Repo GPG Key Broken?

We've recently run into errors when attempting to set up the repository for Ubuntu following the directions here: https://docs.chef.io/packages/

When running apt update after adding the source and the key, we receive the following error on 18.04.5 Ubuntu Bionic which prevents us from booting machines:

E: The repository 'https://packages.chef.io/repos/apt/stable bionic Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

The key listed in apt-key list does not show an expiration date, we are unsure why this repo has stopped working. Can you please help us with this? Our only work around at this time is to add the [trusted=yes] flag to the repo source destination which is not something we feel comfortable doing long term.

Has anyone else run into these issues and found a solution? Hoping we aren't an isolated case somehow and something else is badly broken somewhere else in the chain.

2 Likes

We are also getting this.

Confirm, see the same issue, there's no release.gpg file to be had, I suppose someone at Chef needs to fix it on the serverside.

$ curl https://packages.chef.io/repos/apt/stable/dists/{trusty,xenial,bionic,focal}/Release.gpg
{
"errors" : [ {
"status" : 404,
"message" : "File not found."
} ]
}{
"errors" : [ {
"status" : 404,
"message" : "File not found."
} ]
}{
"errors" : [ {
"status" : 404,
"message" : "File not found."
} ]
}{
"errors" : [ {
"status" : 404,
"message" : "File not found."
} ]
}

@tas50 You published a Release Announcement of Chef Infra client 16.6.14 on the 15th Oct. Could anything in release procedure have gone wrong that omitted the creation of signatures?

Seems to be working again, thanks!

1 Like