iapilgrim

Posted on Mar 11

Troubleshooting: Fixing k6 GPG Key Errors in Ubuntu

#k6 #locust #hey #ubuntu

Setting up k6 on Ubuntu should be a straightforward process, but GPG key errors can occasionally turn a "five-minute task" into a troubleshooting marathon. If you’ve encountered the dreaded NO_PUBKEY or unsupported filetype errors, this guide will walk you through the fix and the proper installation.

Modern Linux distributions have moved away from apt-key add (which is now deprecated) toward specific keyrings located in /usr/share/keyrings. This "sandboxes" the security keys so that the k6 key can only be used to verify k6 packages, making your overall system much more secure.

🛠️ Troubleshooting: Fixing k6 GPG Key Errors

When you see errors like "The following signatures couldn't be verified" or "unsupported filetype," it means your system doesn't trust the k6 repository or the key file you downloaded is corrupted (usually saved as plain text instead of binary).

Step 1: Clean Up Old Keys

If you have a broken keyring file, apt will continue to complain until it's gone. Start by removing any existing k6 keyring:

sudo rm /usr/share/keyrings/k6-archive-keyring.gpg

Step 2: Download and "Dearmor" the Key

The key must be in a binary format for modern Ubuntu versions. We use gpg --dearmor to convert the text-based key from k6 into the required binary format.

curl -fsSL https://dl.k6.io/key.gpg | sudo gpg --dearmor -o /usr/share/keyrings/k6-archive-keyring.gpg

Step 3: Set Correct Permissions

System services need to be able to read this file. Set the permissions to 644:

sudo chmod 644 /usr/share/keyrings/k6-archive-keyring.gpg

📦 Setting Up the Repository

Now that the security "handshake" is ready, you need to tell Ubuntu exactly where to find k6 and which key to use for verification.

Step 4: Add the k6 Source List

Run this command to create (or overwrite) the source file. Note the signed-by tag—this is the secret sauce that links the repo to the key we just created.

echo "deb [signed-by=/usr/share/keyrings/k6-archive-keyring.gpg] https://dl.k6.io/deb stable main" | sudo tee /etc/apt/sources.list.d/k6.list

🚀 Final Installation

With the repository correctly configured and the key verified, you can now update your package list and install k6.

Step 5: Update and Install

sudo apt-get update
sudo apt-get install k6

Step 6: Verify Success

Confirm k6 is installed and ready to go by checking the version:

k6 version

DEV Community