Add error handling for use-keyboxd incompatibility
watsonian committed Feb 21, 2024
1 parent 2522b47 commit b03f663
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions scripts/install.sh
Expand Up @@ -7,6 +7,7 @@ set -e
# 2 insufficient perms
# 3 gnupg package not installed
# 4 ~/.gnupg ownership issue
# 5 incompatible use-keyboxd option enabled

DOPPLER_DOMAIN="cli.doppler.com"
DEBUG=0
Expand Down Expand Up @@ -473,6 +474,9 @@ log "Verifying signature"
if [ -d ~/.gnupg ]; then
# Run sudo chown -r $(whoami) ~/.gnupg to fix this
ls -l ~/.gnupg > /dev/null 2>&1 || (log "Failed to read ~/.gnupg. Please verify the directory's ownership, or run 'sudo chown -R $(whoami) ~/.gnupg' to fix this." && clean_exit 4)

# Make sure use-keyboxd isn't set. This causes gpg to ignore ALL keyrings, so --no-default-keyring and --keyring are ignored if that's enabled.
gpgconf --list-options gpg | grep use_keyboxd | grep "0::" > /dev/null 2>&1 || (log "Incompatible gpg option 'use-keyboxd' is enabled. Please disable that option or manually import the public key from https://cli.doppler.com/keys/public." && clean_exit 5)
fi
gpg --no-default-keyring --keyring "$key_filename" --verify "$sig_filename" "$filename" > /dev/null 2>&1 || (log "Failed to verify binary signature" && clean_exit 1)
log_debug "Signature successfully verified!"
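Review bot: The new `use_keyboxd` check at the end of the `if [ -d ~/.gnupg ]` block treats anything other than a line containing the substring `0::` as "enabled", so a `gpgconf` that prints no `use_keyboxd` row at all (plausibly a GnuPG build without keyboxd support, worth confirming) makes the script exit 5 with a misleading message. Because this guard is what keeps the `--keyring "$key_filename"` pin on the verify line meaningful, it would be more robust to read the option's value field and bail out only when the row is present and set, e.g. wrap the existing `log`/`clean_exit 5` in `if gpgconf --list-options gpg | awk -F: '$1=="use_keyboxd" && $10+0>0 {on=1} END {exit !on}'; then`, assuming the tenth field is the value column in gpgconf's colon format. The check also runs only when `~/.gnupg` exists, so a GnuPG home selected through `GNUPGHOME` would appear to skip it and reach `gpg --verify` with the keyring options ignored; consider moving it outside that `if`. The enclosing `if` block starts before this hunk.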