0

I am trying to verify the signature of a CLI I am trying to install into a GitHub action.

 steps:
    - uses: actions/checkout@v3

    - name: Download SnowSQL
      run: curl -O https://sfc-repo.snowflakecomputing.com/snowsql/bootstrap/1.2/linux_x86_64/snowsql-1.2.24-linux_x86_64.bash

    - name: Download GPG public key
      run: curl -O https://sfc-repo.snowflakecomputing.com/snowsql/bootstrap/1.2/linux_x86_64/snowsql-1.2.24-linux_x86_64.bash.sig

    - name: Print content
      run: ls

    - name: Verify the package signature
      run: gpg --verify snowsql-1.2.24-linux_x86_64.bash.sig snowsql-1.2.24-linux_x86_64.bash

When doing so I am getting an error.

gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: Signature made Thu Oct 20 18:31:13 2022 UTC
gpg:                using RSA key 630D9F3CAB551AF3
gpg: Can't check signature: No public key

I added the ls to see if both files are there and they do show up in the path. Output from ls:

README.md
snowsql-1.2.24-linux_x86_64.bash
snowsql-1.2.24-linux_x86_64.bash.sig

Any idea on what causes this and how it can be fixed?

SomeDutchGuy
  • 2,249
  • 4
  • 16
  • 42
  • Relevant: [SnowSQL: Verifying the Package Signature](https://docs.snowflake.com/en/user-guide/snowsql-install-config#verifying-the-package-signature) – Azeem Feb 26 '23 at 12:24
  • After adding the public key with `gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 630D9F3CAB551AF3`, the rest should work fine. – Azeem Feb 26 '23 at 12:25
  • 1
    @Azeem that indeed fixed the issue. – SomeDutchGuy Feb 26 '23 at 12:33

0 Answers0