microdnf chokes on a repo with gpgkey option pointing to an OpenPGP binary file

[yrro]

See nextdns/nextdns#558

The file referenced by the gpgkey option in https://repo.nextdns.io/nextdns.repo is in OpenPGP binary format. microdnf fails to install packages from this repo:

STEP 1: FROM registry.access.redhat.com/ubi8/ubi-minimal:latest
STEP 2: ADD https://repo.nextdns.io/nextdns.repo /etc/yum.repos.d
--> Using cache 32cf75b74a62c8e0550373b90d05a9ce1047fad237b3b973885ba594194877c4
--> 32cf75b74a6
STEP 3: RUN microdnf install -y --nodocs nextdns

(microdnf:1): librhsm-WARNING **: 19:29:50.568: Found 0 entitlement certificates

(microdnf:1): librhsm-WARNING **: 19:29:50.573: Found 0 entitlement certificates
Downloading metadata...
Downloading metadata...
Downloading metadata...
Downloading metadata...
Package                  Repository   Size
Installing:                               
 nextdns-1.35.0-1.x86_64 nextdns    3.2 MB
Transaction Summary:
 Installing:        1 packages
 Reinstalling:      0 packages
 Upgrading:         0 packages
 Obsoleting:        0 packages
 Removing:          0 packages
 Downgrading:       0 packages
Downloading packages...
error: PKI file /var/cache/yum/metadata/nextdns-8-x86_64/nextdns.gpg is not a public key
Error: error building at STEP "RUN microdnf install -y --nodocs nextdns": error while running runtime: exit status 1

The yum/DNF docs are not explicit about whether the gpgkey file should be in binary or armoured format; I guess yum/DNF support both but microdnf currently only supports armoured format.

[Conan-Kudo]

I don't think we've ever tested with binary format and generally expected files to be in ASCII Armored format. All distribution GPG keys are also shipped that way, too. The actual issue is in libdnf, though, and not microdnf. You'll want to file a bug in the Red Hat Bugzilla for that, though, especially since you're doing this on RHEL.