This morning I published a new tag as usal, the goreleaser finished successfully, with the github release and assets created succesfully, together with the checksum and checksum signature. When I go to the registry page, it says:
The key is not expired actually. I recall I’ve met this issue months ago, and I have to delete the Github release and re-run the goreleaser action again, which somehow resolves the issue. But I’d like to understand what’s going wrong this time…
But maybe check with Hashicorp. Publish providers to the Terraform registry | Terraform | HashiCorp Developer has some details on the registry, and an email address to contact. Maybe you could try re-uploading your public key in their portal too? If nothing else, if there’s an error importing it, it might give you some additional information.
I’ve made a new release v0.19.1 for my provider days ago, the sync job still failed for the same reason. I don’t think it makes sense to change a GPG key in this case, that makes the users have to identify which public key to use to verify which release of this provider. Doesn’t make sense to me.
They recently started respecting expiry dates, which may be rolled back soon
In my case, the sbind on my subkey had expired, but I updated the key and uploaded the change to several key servers. They didn’t know about this, which makes sense now. Hashicorp’s team was very helpful and got us back up and running. I highly recommend sending an email to terraform-registry@hashicorp.com, it was a very positive experience.
