If it complains about missing key:
==> Verifying source file signatures with gpg...
spotify-1.1.72.439-3-Release ... FAILED (unknown public key 5E3C45D7B312C643)
==> ERROR: One or more PGP signatures could not be verified!
:: Unable to build spotify - makepkg exited with code: 1
Run the curl command given in the PKGBUILD file on line 41:
# Import key with:
# curl -sS https://download.spotify.com/debian/pubkey_5E3C45D7B312C643.gpg | gpg --import -
validpgpkeys=('F9A211976ED662F00E59361E5E3C45D7B312C643') # Spotify Public Repository Signing Key <tux@spotify.com>
Pinned Comments
imp0 commented on 2020-11-01 15:43 (UTC) (edited on 2020-11-01 15:53 (UTC) by imp0)
If no keyserver is specified, GnuPG uses hkps://hkps.pool.sks-keyservers.net.
Unfortunately, at this time, almost no servers in that pool are active.
Update the gpg configuration in your build environment to use a different (pool of) keyserver(s).