Error on update RHEL8 - repomd.xml GPG signature

Hi all.
This is my first post here, so hope this is correct here.
I try to update my gitlab, running on RockyLinux (RHEL 8) via dnf update / yum update.
I had installed it some time ago and it already worked for me well, but this time I got:

Error: Failed to download metadata for repo 'gitlab_gitlab-ce': repomd.xml GPG signature verification error: Bad GPG signature

So I googled and found similar issues, but none of the solutions solved my problem. I tried to remove the yum.repos.d entry and run

curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash

and I sudo gitlab-ctl reconfigure as this is mentioned on trouble shooting page (Troubleshooting Omnibus GitLab installation issues | GitLab)

and I also tried this one because it was mentioned there
but still I have this issue. My GitLab version is 14.7
I hope someone can help or give a hint.
Thanks a lot.

There was a brief period on 2022-03-2 where GitLab’s package signing key had expired, which affected upgrades and new installations of GitLab and GitLab Runner. We’ve since extended the expiry of the affected key, but as you’re still experiencing problems, you’ll need to take an additional step.

Please follow the instructions here to update the GPG keys used to sign GitLab Linux packages on your system. As you’re using the yum package manager, you’ll want to follow the instructions for RPM based distributions there. I’ve copied and pasted the steps you’ll want to take to resolve this issue here for convenience.

  1. Remove any existing key from the repository keyrings:

     for pubring in /var/cache/dnf/gitlab_gitlab-?e-*/pubring
     do
       gpg --homedir $pubring --delete-key F6403F6544A38863DAA0B6E03F01618A51312F3F
     done
    
  2. Update the repository data/cache, which asks you to confirm keys:

     dnf check-update
    
  3. Download the new key and import it

    # Download the new key
    curl "https://gitlab-org.gitlab.io/omnibus-gitlab/gitlab_new_gpg.key" -o /tmp/omnibus_gitlab_gpg.key
    # Import it to YUM/DNF
    sudo rpm --import /tmp/omnibus_gitlab_gpg.key
    

Let me know if this resolves the issue for you, and please don’t hesitate to ask if you have any questions or concerns.

For more information and context on the GPG key issue, see: https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6701.

5 Likes

Greg, you saved my day, thanks a lot.

5 Likes

this worked for me on the gitlab_gitlab-ce repo, but I’m still getting
“Error: Failed to download metadata for repo ‘runner_gitlab-runner’: repomd.xml GPG signature verification error: Bad GPG signature” for the runner_gitlab-runner repo.

Any suggestions?

You’ll probably want to clear out the cache.

Try

sudo dnf clean all
sudo rm -f /var/cache/dnf/*gitlab*
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
curl -L "https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.rpm.sh" | sudo bash
sudo dnf check-updates
2 Likes

still not working…

# curl -L "https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.rpm.sh" | sudo bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  6976  100  6976    0     0  41772      0 --:--:-- --:--:-- --:--:-- 41772
Detected operating system as rhel/8.
Checking for curl...
Detected curl...
Downloading repository file: https://packages.gitlab.com/install/repositories/runner/gitlab-runner/config_file.repo?os=rhel&dist=8&source=script
done.
Installing yum-utils...
Updating Subscription Management repositories.
EPEL-8                                                                                                                                                                           121 kB/s | 3.1 kB     00:00
Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)                                                                                                                         105 kB/s | 2.8 kB     00:00
Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)                                                                                                                             71 kB/s | 2.4 kB     00:00
Red Hat Enterprise Linux 8 for x86_64 - Supplementary (RPMs)                                                                                                                      82 kB/s | 2.1 kB     00:00
runner_gitlab-runner-source                                                                                                                                                      1.4 kB/s | 862  B     00:00
runner_gitlab-runner-source                                                                                                                                                       11 kB/s | 3.1 kB     00:00
runner_gitlab-runner-source                                                                                                                                                       14 kB/s | 3.1 kB     00:00
runner_gitlab-runner-source                                                                                                                                                      1.1 kB/s | 862  B     00:00
Error: Failed to download metadata for repo 'runner_gitlab-runner-source': repomd.xml GPG signature verification error: Bad GPG signature
Generating yum cache for runner_gitlab-runner...
Error: Failed to download metadata for repo 'runner_gitlab-runner': repomd.xml GPG signature verification error: Bad GPG signature
Generating yum cache for runner_gitlab-runner-source...
Error: Failed to download metadata for repo 'runner_gitlab-runner-source': repomd.xml GPG signature verification error: Bad GPG signature

The repository is setup! You can now install packages.

1 Like

ah, I needed to change the first two lines of your suggestion, and then it worked.

sudo dnf clean all
sudo rm -rf /var/cache/dnf/*gitlab*

Thanks so much for pointing me in the right direction.

2 Likes