tests: Migrate off gpg2 and regenerate key ed25519

vvoland · vvoland · commit 6f81be1b60c9 · 2026-05-06T12:58:53.000+02:00
Signed-off-by: Paweł Gronowski &lt;pawel.gronowski@docker.com&gt;
diff --git a/tests/Dockerfile b/tests/Dockerfile
@@ -4,7 +4,7 @@ ARG PYTHON_VERSION=3.12
 FROM python:${PYTHON_VERSION}
 
 RUN apt-get update && apt-get -y install --no-install-recommends \
-    gnupg2 \
+    gnupg \
     pass
 
 # Add SSH keys and set permissions
@@ -14,10 +14,10 @@ RUN sed -i '1s;^;dpy-dind-ssh ;' /root/.ssh/known_hosts
 RUN chmod -R 600 /root/.ssh
 
 COPY ./tests/gpg-keys /gpg-keys
-RUN gpg2 --import gpg-keys/secret
-RUN gpg2 --import-ownertrust gpg-keys/ownertrust
-RUN yes | pass init $(gpg2 --no-auto-check-trustdb --list-secret-key | awk '/^sec/{getline; $1=$1; print}')
-RUN gpg2 --check-trustdb
+RUN gpg --batch --pinentry-mode loopback --passphrase '' --import gpg-keys/secret
+RUN gpg --import-ownertrust gpg-keys/ownertrust
+RUN yes | pass init $(gpg --no-auto-check-trustdb --list-secret-key | awk '/^sec/{getline; $1=$1; print}')
+RUN gpg --check-trustdb
 ARG CREDSTORE_VERSION=v0.6.3
 RUN curl -sSL -o /opt/docker-credential-pass.tar.gz \
     https://github.com/docker/docker-credential-helpers/releases/download/$CREDSTORE_VERSION/docker-credential-pass-$CREDSTORE_VERSION-amd64.tar.gz && \
diff --git a/tests/gpg-keys/ownertrust b/tests/gpg-keys/ownertrust
@@ -1,3 +1,3 @@
-# List of assigned trustvalues, created Wed 25 Apr 2018 01:28:17 PM PDT
+# List of assigned trustvalues, created Wed May  6 10:29:17 2026 UTC
 # (Use "gpg --import-ownertrust" to restore them)
-9781B87DAB042E6FD51388A5464ED987A7B21401:6:
+9B87CDB4965061C06C6557BC377FA74706852BF9:6:
diff --git a/tests/gpg-keys/secret b/tests/gpg-keys/secret
diff --git a/tests/integration/credentials/create_gpg_key.sh b/tests/integration/credentials/create_gpg_key.sh
@@ -1,12 +1,4 @@
 #!/usr/bin/sh
-haveged
-gpg --batch --gen-key <<-EOF
-%echo Generating a standard key
-Key-Type: DSA
-Key-Length: 1024
-Subkey-Type: ELG-E
-Subkey-Length: 1024
-Name-Real: Sakuya Izayoi
-Name-Email: sakuya@gensokyo.jp
-Expire-Date: 0
-EOF
+gpg --batch --passphrase '' --quick-gen-key 'Sakuya Izayoi <sakuya@gensokyo.jp>' ed25519 cert 0
+FINGERPRINT=$(gpg --no-auto-check-trustdb --list-secret-keys --with-colons | awk -F: '/^fpr/{print $10; exit}')
+gpg --batch --passphrase '' --quick-add-key "$FINGERPRINT" cv25519 encr 0
