Doppler CLI GnuPG Requirement
Starting February 9, 2022, the GnuPG package will be required when installing the CLI via the shell script (install.sh) method or when updating the CLI via doppler update.
Signature verification is a security measure to ensure you can only ever install a binary that is built and signed by Doppler. After successfully implementing binary signature verification as an optional part of the CLI install and update process in 2021 (via install.sh), we’re moving to make this a requirement.
Starting February 9, 2022, the GnuPG package will be required when installing the CLI via the shell script (install.sh) method or when updating the CLI via doppler update.
If GnuPG is already installed, there is nothing to do!
If GnuPG is not installed and you’re on Linux, you have two options:
- Change your CLI installation command to use the package manager version for your OS which also installs GnuPG (recommended)
- Install the GnuPG package prior to running the shell script install.sh command
Check out our CLI installation documentation (and Docker) for the updated commands.
For macOS users, simply run brew install gnupg and you’re good to go!
Updated about 2 years ago