Description of problem:
If we use rpm.RPMTRANS_FLAG_TEST in DNF then we can successfully import gpg key (result = self._ts.pgpImportPubkey(misc.procgpgkey(info.raw_key))), but key is not available for consequent package verification. This behavior is critical for "dnf system-upgrade download --releasever=<n+1>".
Here is dnf code where we use it with work around:
Version-Release number of selected component (if applicable):
Everytime - use dnf with --setopt=tsflags=test for transaction that requires import of gpg key. Key is imported but package verification fails.
Steps to Reproduce:
1. Remove gpg key required for mashine
2. Run "dnf install --setopt=tsflags=test <package>"
3. Transaction fails due failed gpg verification
Transaction fails due failed gpg verification
RPMTRANS_FLAG_TEST allows you to test whether importing a key would work or not - in other words this is an intentional feature.
If you need to ensure import then you need to set the flags accordingly.
Thanks Panu :-)
I created a pull-request that should help (https://github.com/rpm-software-management/dnf/pull/847)
dnf-2.6.3-1.fc26 dnf-plugins-extras-2.0.2-1.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-4813633f96
dnf-2.6.3-1.fc26, dnf-plugins-extras-2.0.2-1.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-4813633f96
dnf-2.6.3-1.fc26, dnf-plugins-extras-2.0.2-1.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.