Some Linux distributions don't come bundled with the ca-certificates and gnupg2 packages. If you use such a distribution, you'll need to install them with:
This example is for Debian/Ubuntu and derivatives. Consult your distribution's documentation if you use another one.
Some Ubuntu and Debian users might run into an apt-key deprecation warning while adding k6's repository key to their system's keyring:
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8))
To avoid this and be future-proof, users should delete the existing firstname.lastname@example.org repository key on their system, and update their sources list accordingly.
The gpg command to import k6's package signing key might fail with:
This happens if it's the first time that the user runs gpg , so the directory /root/.gnupg/ doesn't exist yet. To create the directory, run sudo gpg -k and try to import the key again.
Some users have reported that they can't download the key from Ubuntu's keyserver. When they run the gpg command, their firewalls or proxies block their requests to download. If this issue affects you, you can try this alternative:
Distributions like Amazon Linux 2 and CentOS before version 8 don't support the PGP V4 signature we use. You'll need to disable the verification when you install k6: