Description of problem: Copying my comment from https://gerrit.ovirt.org/c/otopi/+/112980 : If/when we have some time, will be useful to improve this patch to also do a full test - generate keypair, import it to rpm db, sign the packages, install, then remove the packages, remove the key from rpm db (but make it available in the repo in gpgkey), try again to install and see that otopi prompts, asking to import the key (and provide an answer in the answerfile, if needed, to accept). To clarify - this isn't an RFE for otopi itself, it's just for CI.
This is a CodeChange. Also without the patch, it was possible to do e.g.: otopi ODEBUG/packagesAction=str:install ODEBUG/packages=str:somepackage Where somepackage is a signed package available from some repo having gpgkey pointing to a key not yet imported to the rpm db. otopi correctly prompts confirming importing of the key. I also merged a patch allowing providing an answer to this confirmation, e.g.: otopi QUESTION/1/DIALOG_CONFIRM/GPG_KEY=str:yes ODEBUG/packagesAction=str:install ODEBUG/packages=str:somepackage For a complete demonstration you can see the linked patch.