Description of problem:
I am using Centos 8, but I assume that makes this valid for RHEL 8.
Firefox 69 flatpak from Fedora flatpak OCI worked, but when I try to update to 70 I get "Can't pull from untrusted non-gpg verified remote"
Version-Release number of selected component (if applicable):
Please see my report, the package maintainer suggested I make a bug report here:
I originally added the repo with flatpak remote-add --if-not-exists fedora oci+https://registry.fedoraproject.org
This is the output from the terminal when I try to update:
Looking for updates...
Installing in system:
org.freedesktop.Platform.openh264/x86_64/19.08 flathub 563e6c1a7173
Updating in system:
org.mozilla.Firefox/x86_64/stable fedora 445138d3b3fb
Is this ok [y/n]: y
Updating: org.mozilla.Firefox/x86_64/stable from fedora
Error: Failed to update org.mozilla.Firefox/x86_64/stable: Can't pull from untrusted non-gpg verified remote
Installing: org.freedesktop.Platform.openh264/x86_64/19.08 from flathub
Warning: Failed to install org.freedesktop.Platform.openh264/x86_64/19.08: runtime/org.freedesktop.Platform.openh264/x86_64/19.08 needs a later flatpak version (1.4.2;1.2.5;1.0.9;)
error: There were one or more errors
The other error message clearly states that you need a more recent flatpak version.
(In reply to David King from comment #1)
> The other error message clearly states that you need a more recent flatpak
That is unrelated. It said that when I installed FF69 and worked fine. This bug report relates to "Can't pull from untrusted non-gpg verified remote"
Gnome Software just tried to update Firefox, it claimed it was successfully updated, and then gave the exact same "Can't pull from untrusted non-gpg verified remote" error. It was not updated and remains in the list of software that has updates.
Owen, do you know if we are missing an OCI patch for rhel 8.1.0 flatpak builds? I feel like we've had this error in Fedora as well in the past and you fixed it.
Looks like https://email@example.com/message/XV76QSHKUEKWQBZYPAMHJEIUSU26IQ5C/ - we patched it in 1.2.4-X for Fedora, and it was fixed in 1.4 upstream - so, yes, it wouldn't be fixed in the 8.1.0 1.0.6 unless we added a patch.
Installing from https://firefox-flatpak.mojefedora.cz/ would be one workaround - this problem only occurs for OCI remotes, like the Fedora Flatpak remote.