Issue publishing a provider Error: "unable to verify signature: openpgp: signature made by unknown entity"

jeremyh · August 25, 2021, 8:40pm

While attempting to publish a new provider (Release v0.1.0 · splunk/terraform-provider-synthetics · GitHub) I’m getting an error message in the registry.terraform.io page for my provider stating:
Could not find all platform assets for this release yet (0.1.0) — 6 minutes ago

unable to verify signature: openpgp: signature made by unknown entity

I followed the publishing guide to create my GPG key and get it setup in github and the terraform registry: Terraform Registry - Publishing Providers - Terraform by HashiCorp

I’ve seen this message: Terraform Updates for HCSEC-2021-12
But I’m using SDK V2 v2.7.0 so I dont think that is the issue?

Any clues as to what the issue might be and how to best address it?

erebuslost · August 27, 2021, 3:59pm

I pulled down the sigfile for the 0.1.0 release of that provider, and it looks like it was signed by a key with the fingerprint EE1BA253F32A50C0, when you go into your settings in the registry, under the splunk namespace is that fingerprint listed?

jeremyh · August 31, 2021, 5:56pm

Thanks! Yeah after more sleuthing I found that I need to work with someone on the Hashi side to get the key info into the correct namespace.

Really appreciate your response also! Many thanks!

mvisonneau · September 1, 2021, 11:05am

I am facing a similar, issue. @jeremyh, do you know what the procedure is in order to get in touch with them?

jeremyh · September 1, 2021, 2:26pm

best bet is probably trying to email terraform-registry@hashicorp.com
Here’s hoping!