I have the same issue here, changing the image to v4 raises this error
gpg: keybox '/var/lib/passbolt/.gnupg/pubring.kbx' created
gpg: /var/lib/passbolt/.gnupg/trustdb.gpg: trustdb created
gpg: key XXXXX: public key "Passbolt default user <passbolt@yourdomain.com>" imported
gpg: can't connect to the agent: End of file
gpg: Total number processed: 1
gpg: imported: 1
gpg: key XXXXX: "Passbolt default user <passbolt@yourdomain.com>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
gpg: key XXXXX: "Passbolt default user <passbolt@yourdomain.com>" not changed
gpg: can't connect to the agent: End of file
gpg: error getting the KEK: No agent running
gpg: error reading '/etc/passbolt/gpg/serverkey_private.asc': No agent running
gpg: import from '/etc/passbolt/gpg/serverkey_private.asc' failed: No agent running
gpg: Total number processed: 0
gpg: unchanged: 1
gpg: secret keys read: 1
3.12.2-1-ce is running without issues. We have the same installation since 2.x and all previous upgrades were smooth, any idea what changed in the 4.x docker releases that could cause this?
I also tried (with 4.0.x, but the latest release gives me the same error)
# docker run --rm -v passbolt_gpg:/etc/passbolt/gpg --entrypoint bash -it passbolt/passbolt:4.0.2-2-ce
root@d69d1ea28f3f:/usr/share/php/passbolt# gpg --home /var/lib/passbolt/.gnupg --import /etc/passbolt/gpg/serverkey_private.asc
gpg: WARNING: unsafe ownership on homedir '/var/lib/passbolt/.gnupg'
gpg: keybox '/var/lib/passbolt/.gnupg/pubring.kbx' created
gpg: /var/lib/passbolt/.gnupg/trustdb.gpg: trustdb created
gpg: key XXXXX: public key "Passbolt default user <passbolt@yourdomain.com>" imported
gpg: can't connect to the agent: End of file
gpg: error getting the KEK: No agent running
gpg: error reading '/etc/passbolt/gpg/serverkey_private.asc': No agent running
gpg: import from '/etc/passbolt/gpg/serverkey_private.asc' failed: No agent running
gpg: Total number processed: 0
gpg: imported: 1
gpg: secret keys read: 1
root@d69d1ea28f3f:/usr/share/php/passbolt# gpg --version
gpg: WARNING: unsafe ownership on homedir '/var/lib/passbolt/.gnupg'
gpg (GnuPG) 2.2.40
libgcrypt 1.10.1
Copyright (C) 2022 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: /var/lib/passbolt/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
In 3.x, docker has the following gpg version
# docker exec -it passbolt bash
root@2ae0c8f1f8a7:/usr/share/php/passbolt# gpg --version
gpg: WARNING: unsafe ownership on homedir '/var/lib/passbolt/.gnupg'
gpg (GnuPG) 2.2.27
libgcrypt 1.8.8
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: /var/lib/passbolt/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2