Created attachment 1815579 [details] Insights-client log Description of problem: When applying a remediation, the playbook signature verification fails. From receptor log: """ receptor[1057]: Playbook Verification has started receptor[1057]: gpg returned a non-zero error code: 1 receptor[1057]: SIGNATURE NOT VALID: Template [name: Block sudoedit with systemtap] has invalid signature', aborting. """ Attached also insights-client log. Version-Release number of selected component (if applicable): Satellite 6.10.0 snap 14 on RHEL 7.9 insights-client 3.1.5 insights-core 3.0.235-1 How reproducible: Always Steps to Reproduce: 1. Configure cloud connector, have a remediable host and inventory uploaded 2. On CRC, create a remediation 3. Attempt to apply that remediation OR: 1. Download a remediation playbook from CRC 2. insights-client --module insights.client.apps.ansible.playbook_verifier < playbook.yml Actual results: Signature validation fails due to an invalid signature Expected results: Successful remediation/signature validation Additional info: After discussion with Alec Cohan, this seems to be because the verification code is meant for RHEL8+. When I tried to run the signature validation on a RHEL 8.3 system, the validation passed.
Just to make things clear, this is completely dependent on insights-client. Does it make sense to block the beta on something that can't even be updated by us as the update is delivered out of band?
Verified with Sat 6.10.0 snap 20.0. Playbook verification now passes for a remediation with correct certs and the playbook is run on the host.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: Satellite 6.10 Release), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:4702