Package Details: etcd 3.3.3-1

Git Clone URL: https://aur.archlinux.org/etcd.git (read-only)
Package Base: etcd
Description: A highly-available key value store for shared configuration and service discovery.
Upstream URL: https://github.com/coreos/etcd
Licenses: Apache
Submitter: xeross
Maintainer: andrewSC
Last Packager: andrewSC
Votes: 26
Popularity: 0.123186
First Submitted: 2013-10-02 12:54
Last Updated: 2018-03-29 22:04

Latest Comments

galaux commented on 2018-02-25 17:41

Adding keyserver-options auto-key-retrieve to ~/.gnupg/gpg.conf enables makepkg to use the validpgpkeys provided in the PKGBUILD so that it can check the signature is the valid regarding the key specified by the packager.

jolan commented on 2018-02-25 17:31

I can reproduce what clofresh was referring to:

==> Verifying source file signatures with gpg...
    etcd-3.3.1.tar.gz ... FAILED (unknown public key F804F4137EF48FD3)
==> ERROR: One or more PGP signatures could not be verified!

Maybe just add a pinned comment about how to retrieve it?

andrewSC commented on 2018-02-12 22:13

clofresh: Not sure I'm following. Where are you seeing a message about a missing key?

clofresh commented on 2018-02-09 17:23

FYI the missing key is CoreOS's app signing key https://coreos.com/security/app-signing-key/

galaux commented on 2017-12-06 21:31

I finally came to the conclusion I do not have enough time to take care of this package. Orphaning. Sorry for the late realisation. Hopefully some good fellow will step up… :)

galaux commented on 2017-09-14 13:21

You could but adding `keyserver-options auto-key-retrieve` to `~/.gnupg/gpg.conf` enables `makepkg` to use the `validpgpkeys` provided in the PKGBUILD so that you can check the key is the one specified by the packager rather than having to pick one up by yourself.

imriss commented on 2017-09-14 12:43

To get the missing public key, you can use:
gpg --keyserver hkp://keys.gnupg.net/ --recv-key F804F4137EF48FD3

galaux commented on 2017-09-13 18:40

Updated. Sorry for the delay. Feel free to drop an email if I happen to miss updates.

monotykamary commented on 2017-09-09 01:05

I don't understand. I can bump the version locally and change the hashsums in literally under 20 seconds, yet there has been no attempt to update this package from either maintainers.

bastelfreak commented on 2017-08-12 21:24

Hi,
I created a patch for 3.2.5 https://p.bastelfreak.de/sDqO/

* bump version
* verify gpg signature
* switch to sha512sum
* use proper quotes to prevent globbing

All comments