Why This Change Puppet sets its package signing keys to expire on a set schedule for good security practices. Summary
On November 2, 2020, Puppet Release Engineering will start signing Puppet Platform and Puppet Enterprise packages with an updated GPG key. This is an explanation of how various existing users will be affected by this change and what actions they will need to take. FOSS users can update their release packages and import the new GPG key now so that when the GPG key changes, they will not see any problems installing software. Puppet Enterprise Users Puppet Enterprise users do not need to take any specific action, the GPG change will be handled inside the PE installer. FOSS Users Puppet Release Engineering updated the yum and apt release packages to contain both the new key and the current key just before June 3, 2020. If you have installed or updated the release package since that date you should already have the new key. SLES users, however, need to take an additional step: SLES Users SLES users need to take these steps. (Replace "puppet-release" with "puppet5-release" or "puppet6-release" if you are using those packages) 1. Download the updated GPG key: $ curl --remote-name --location https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406 2. Import the updated GPG key: $ sudo rpm --import RPM-GPG-KEY-puppet-20250406 3. Update the SLES puppet-release package $ zypper update puppet-release All Other FOSS users All other FOSS users need only upgrade to the latest puppet-release package. (Replace "puppet-release" with "puppet5-release" or "puppet6-release" if you are using those packages) For the apt users: $ sudo apt-get upgrade puppet-release For the yum users: $ sudo yum update puppet-release Further Notes Puppet GPG signing key, 2020 edition <https://puppet.com/blog/updated-puppet-gpg-signing-key-2020-edition> contains this and some more information about updating the GPG key using Puppet. Eric Griswold Puppet Release Engineering -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/111a5a12-db70-424a-bd3f-1f46810e96c1n%40googlegroups.com.
