ERROR: Why gpg works fine with test and fails with aptly?

[fradobhalla]

frado8@comp:/home/frado/work/comp/product_g$ export [email protected] frado8@comp:/home/frado/work/comp/product_g$ export DEBFULLNAME='Bhalla Frado' frado8@comp:/home/frado/work/comp/product_g$ gpg -K /home/frado8/.gnupg/pubring.gpg

sec rsa3072 2022-09-28 [SC] 0FA2D236135EA1B5849E4B6306CA7B9D3DB2353D uid [ unknown] Bhalla Frado [email protected] ssb rsa3072 2022-09-28 [E]

frado8@comp:/home/frado/work/comp/product_g$ echo test | gpg --clearsign gpg: using "[email protected]" as default secret key for signing -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

test -----BEGIN PGP SIGNATURE-----

iQHHBAEBCgAxFiEED6LSNhNeobWEnktjBsp7nT2yNT0FAmM7bGQTHGVpdmFub3Zh QGxhYjUwLm5ldAAKCRAGynudPbI1PU1zC/9noPGpTNurf0R05qd+Q/MDe49/GG5L gP6RXetUy6e7BIEWkDlUdcYq7iqik3SPUUtyZspNGnG7xf+QyTx37+SXnLkMYh8p sC3bIoCkAe/GKIDRnuAcsYDEHC7iDiNBzjuzgjCgcYJgiJvtedzhcJwP6Zxdgeac 4cjxGhg3qPvmISNA0kEEX7qxMq3z1Ma858QDPtTNq8rp4zsJukVczoGaKXwswnLC SYR8Sn6ZzadrZ0xu0i7HPF8XG8bXfzCAWL25cfikro2XaYs2/hXsJ8Zw6OKfNy0L EX4DnfxaAyiZJbYrhWM/c5LcQNa7NAZE6/eGf9Hug6J/9DxaUViET15TxkrIDA8O W84TBajvaI6zKMUhM1s8wYfE7qXX6CPjpfCXrr2oBONV/ihIlvK6CGA4/DUyAJdn F4OxyyvRoopHrUGwaPQS9r3MNRqh58eZQkX6EZjTZlfEWvx1uz7gVTGGjKRAiPTl 6CZVqCx+Wy1aMXY+qaMYJCvDRm1cnVwLp7Q= =y0fs -----END PGP SIGNATURE----- frado8@comp:/home/frado/work/comp/product_g$ aptly -architectures=all publish repo product-bullseye Warning: publishing from empty source, architectures list should be complete, it can't be changed after publishing (use -architectures flag) Loading packages... Generating metadata files and linking package files... Finalizing metadata files... Signing file 'Release' with gpg, please enter your passphrase when prompted: gpg: no default secret key: secret key not available gpg: signing failed: secret key not available ERROR: unable to publish: unable to detached sign file: exit status 2

My Environment

lsb_release -a No LSB modules are available. Distributor ID: Neon Description: KDE neon User - 5.25 Release: 20.04 Codename: focal

aptly is downloaded, unarchived and added to $PATH Why gpg works fine with test and fails with aptly?

[r4co0n]

Similar to what is noted in issue #1138, you should be fine as long as you point aptly to the correct keyring containing your secret key used for signing.

Try: aptly publish [repo|snapshot|switch] -secret-keyring <secret-keyring> [...] and replace <secret-keyring> with the path to the keyring you used in your first, successful signature command. For good measure, you might also want to specify the fingerprint of the private-key you want to sign with using -gpg-key <secret-fingerprint> .