Need your own package repository for Alpine, Cargo, CocoaPods, Composer, Conan, Conda, CRAN, Dart, Debian, Docker, Go, Helm, LuaRocks, Maven, npm, NuGet, P2, Python, RedHat, Ruby, Terraform, Vagrant, Raw & More?

Cloudsmith provides better DevOps with simple and secure delivery of your software, from dev to production.

Start My Free Trial
Package Search Help

You can use boolean logic (e.g. AND/OR/NOT) for complex search queries. For more help and examples, see the search documentation.

Search by package name:
my-package (implicit)
name:my-package (explicit)

Search by package filename:
my-package.ext (implicit)
filename:my-package.ext (explicit)

Search by package tag:
latest (implicit)
tag:latest (explicit)

Search by package version:
1.0.0 (implicit)
version:1.0.0 (explicit)
prerelease:true (prereleases)
prerelease:false (no prereleases)

Search by package architecture:
architecture:x86_64 

Search by package distribution:
distribution:el 

Search by package license:
license:MIT 

Search by package format:
format:deb 

Search by package status:
status:in_progress 

Search by package file checksum:
checksum:5afba 

Search by package security status:
severity:critical 

Search by package vulnerabilities:
vulnerabilities:>1 
vulnerabilities:<1000 

Search by package downloads:
downloads:>8 
downloads:<100 

Search by package type:
type:binary 
type:source 

Search by package size (bytes):
size:>50000 
size:<10000 

Search by dependency name:
dependency:log4j 

Search by uploaded date:
uploaded:>"1 day ago" 
uploaded:<"August 14, 2018 EST" 

Search by entitlement token (identifier):
entitlement:3lKPVJPosCsY 

Search queries for all Maven-specific (and related) package types

Search by group ID:
maven_group_id:org.apache 

Field type modifiers (depending on the type, you can influence behaviour)

For all queries, you can use:
~foo for negation

For string queries, you can use:
^foo to anchor to start of term
foo$ to anchor to end of term
foo*bar for fuzzy matching

For number/date queries, you can use:
>foo for values greater than
>=foo for values greater / equal
<foo for values less than
<=foo for values less / equal

 Open-Source tetrate tetrate (Tetrate) / getenvoy-rpm-stable  GitHub Project
getenvoy-rpm: GeteEnvoy RPM Packages
Note: Packages in this repository are licensed as Apache License 2.0 (dependencies may be licensed differently).

Tool-Specific Instructions

Although we use GPG (and RSA) keys across each repository and package format, client-side tools might have specific instructions that differ (or require manual steps). To add or use the signing key for these tools, please click on the package format specific tabs above.

Public GPG Key

GPG-based key signing is used by:   RedHat logo

The public GPG key for the tetrate/getenvoy-rpm-stable is:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQGNBGB3BeABDADCx5Rb1wWYKNCSPUs3PdBbVVoRFJDKNms6RYnpxTWi6JwY9PYr
5ZqdxCVrtWj3INI+QcK318pv8yRe2y3f7CS2uxf1Ygl/vN7L5rwN7Y9YWda61V35
QsxRkm4w8cq0m9eL96fVKyA0IUJVRTcVvJ8KTD4F3Fsj2gR6kRD7AaCcih/KtUeM
4M0VEJb2IsLBNyyDM0lat/0cJMT1uEj8wZ3jOhu4H/Uhj09LSQ2R1qOuX1cScnWY
KDX4arwVrJUx3ihse9ERwSCOasKv/1nQEZ9cVYXpp5WnbL0vMwOqRAwM+a9nBktM
IsI8ErlIJpnJNDK3d4FNB5vOFCgNyxN7vB5gAnvQSfiwxmwHyX8J1bT8dOgP0JKs
DapVSTr3umqzvjciIJvex6+ThmtcyPWORq6Ki4KtIjGIEcld5Cvcg3bdiWMlSkRN
FGnql9tKairdf15etGZlkwANiHgVxAsXjyRPupPy+SqNNwRnNCi6dNck5wbpg1YF
rynNzngZa4GsprsAEQEAAbRBQ2xvdWRzbWl0aCBQYWNrYWdlICh0ZXRyYXRlL2dl
dGVudm95LXJwbSkgPHN1cHBvcnRAY2xvdWRzbWl0aC5pbz6JAbcEEwEIACEFAmB3
BeACGy8FCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQz3Fq9QMYNJFFbAv7BKg5
o0e1aeNF+A5QVLfQsxO+759Jt1O9e0bGmF+5741EFM6Fg03GMd3ZdHi549nzFQXY
QI3xg/S9eByxEOGDMKkxXlZaPWRcE1+eOfXht+1Iv0ZHQalllK8FWj0TTEwOlDV6
qoJx0dc1QEvUbWhlg4nVtjPTh5UPquNE34YnuEERHeAeyjwGvS88hh9WfDEO09sh
r2CrydPSHhHI/BVBH7tJpmJfMy6lvGB8IiPUC/WNIjBvvpbHFC3xGh52U5JMbAVn
KFGTiw3+Qel4JqpsLXELKenJuGB9Ka02cWPTEuds6SEEYclJBAao/Zb5wjtfM/K7
s7Hpkd6XmCg9qITDXQH6w/+TFMc2ZG5YqvQO1xaZeAypnuxLGHi2iPZCicOsOIRp
1hRffkiE3r7vgj4qVMDQW0A20MismFhei7cBhWvLZAakf6AQRKADB0ofsBk+ASGm
WeSQ04Xv/53z0r6O5t70siDPiXDqOi6XboKb11NtvgPmF8pJDcjZzO051E9I
=xjCs
-----END PGP PUBLIC KEY BLOCK-----

It has the following long (20 bytes) and short (8 bytes) fingerprints:

A8220FC0141BFA990DE5609CCF716AF503183491
CF716AF503183491

You can download the GPG key or fetch it via the command-line:

curl -sL 'https://rpm.dl.getenvoy.io/public/gpg.CF716AF503183491.key'

Public RSA Key

RSA-based key signing is used by:  

The public RSA key for the tetrate/getenvoy-rpm-stable is:

-----BEGIN PUBLIC KEY-----
MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAn9GzkBp3fT8cYRcsX0hn
Clubf6h3F5I+OWQNhKN8PgAlUlxalwyslyfPE/3lIcd1ZUXCJfR4GlJ4n9kiQKTy
5Mz47B9Cp4ezXxBCmavQD2x839VeHZEbFh1OMj4Fz1OMgB++UJWPGvOEs6gm+5wr
XpAJe2jiuqiHsUbHkpgGYgL2TBTPvTnQiNE600vFmwAlMzKWgRWWVJQ/DKJIsc57
utK+evs3uCUoAvokCSYnvT6l+V3sW5dU5QeiryUPr8owbmBqDU0Qzg7Ur36q5RcO
N8/4t3yQG3K0q+e9DtDFmKk+XNs3tj6Q0PCW9PRN6Opr1t5Z8YiDBSLKJyfhDCcE
X7IFItc2bmiJjwc+JN9ZJvBe9xElKR9gianc4UmLKU9CRE14BqApe5lOrhQCN3ID
pyOdxC0Q99JzRzwvRwG81AQIt2Bb6n4k/i2OVb7AmNaWLcJPG+Gprc1pgcbdleAo
/Tox8YCUUZMgzk9CSmR8J4xHLB09aDVXPiJo32OKroEzAgMBAAE=
-----END PUBLIC KEY-----

It has the following long (16 bytes) and short (8 bytes) fingerprints:

378C287897BDE7F76E014CDB4186AE0C
6E014CDB4186AE0C

You can download the RSA key or fetch it via the command-line:

curl -sL 'https://rpm.dl.getenvoy.io/public/rsa.6E014CDB4186AE0C.key'

Need Help?

If you couldn't find what you needed in our documentation, then you can always chat to a member of our team instead. It's our mission to be your dedicated off-site team for package management, and we mean it. Come and chat with us, anytime.

RedHat logo

RedHat Signing Key Installation

The following instructions are for RedHat (e.g. dnf, rpm, yum, zypper) packages or compatible.

Automated Installation (Bash)

If you installed the tetrate/getenvoy-rpm-stable repository by following one of the repository installation instructions then you don't need take any further action. The GPG key should already have been installed alongside the repository.

Manual Installation

If you'd like to manually install the GPG key, you can utilise curl to retrieve the GPG key and install it by executing:

rpm --import 'https://rpm.dl.getenvoy.io/public/gpg.CF716AF503183491.key'

Or you can add it directly without curl by executing:

cat > /tmp/tetrate-getenvoy-rpm-stable.key <<EOF
    -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQGNBGB3BeABDADCx5Rb1wWYKNCSPUs3PdBbVVoRFJDKNms6RYnpxTWi6JwY9PYr
5ZqdxCVrtWj3INI+QcK318pv8yRe2y3f7CS2uxf1Ygl/vN7L5rwN7Y9YWda61V35
QsxRkm4w8cq0m9eL96fVKyA0IUJVRTcVvJ8KTD4F3Fsj2gR6kRD7AaCcih/KtUeM
4M0VEJb2IsLBNyyDM0lat/0cJMT1uEj8wZ3jOhu4H/Uhj09LSQ2R1qOuX1cScnWY
KDX4arwVrJUx3ihse9ERwSCOasKv/1nQEZ9cVYXpp5WnbL0vMwOqRAwM+a9nBktM
IsI8ErlIJpnJNDK3d4FNB5vOFCgNyxN7vB5gAnvQSfiwxmwHyX8J1bT8dOgP0JKs
DapVSTr3umqzvjciIJvex6+ThmtcyPWORq6Ki4KtIjGIEcld5Cvcg3bdiWMlSkRN
FGnql9tKairdf15etGZlkwANiHgVxAsXjyRPupPy+SqNNwRnNCi6dNck5wbpg1YF
rynNzngZa4GsprsAEQEAAbRBQ2xvdWRzbWl0aCBQYWNrYWdlICh0ZXRyYXRlL2dl
dGVudm95LXJwbSkgPHN1cHBvcnRAY2xvdWRzbWl0aC5pbz6JAbcEEwEIACEFAmB3
BeACGy8FCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQz3Fq9QMYNJFFbAv7BKg5
o0e1aeNF+A5QVLfQsxO+759Jt1O9e0bGmF+5741EFM6Fg03GMd3ZdHi549nzFQXY
QI3xg/S9eByxEOGDMKkxXlZaPWRcE1+eOfXht+1Iv0ZHQalllK8FWj0TTEwOlDV6
qoJx0dc1QEvUbWhlg4nVtjPTh5UPquNE34YnuEERHeAeyjwGvS88hh9WfDEO09sh
r2CrydPSHhHI/BVBH7tJpmJfMy6lvGB8IiPUC/WNIjBvvpbHFC3xGh52U5JMbAVn
KFGTiw3+Qel4JqpsLXELKenJuGB9Ka02cWPTEuds6SEEYclJBAao/Zb5wjtfM/K7
s7Hpkd6XmCg9qITDXQH6w/+TFMc2ZG5YqvQO1xaZeAypnuxLGHi2iPZCicOsOIRp
1hRffkiE3r7vgj4qVMDQW0A20MismFhei7cBhWvLZAakf6AQRKADB0ofsBk+ASGm
WeSQ04Xv/53z0r6O5t70siDPiXDqOi6XboKb11NtvgPmF8pJDcjZzO051E9I
=xjCs
-----END PGP PUBLIC KEY BLOCK-----
    EOF
    rpm --import /tmp/tetrate-getenvoy-rpm-stable.key
    rm -f /tmp/tetrate-getenvoy-rpm-stable.key

Removing Installation / Uninstalling

If you want to remove the public GPG key for the tetrate/getenvoy-rpm-stable repository then you can do so by executing the following:

gpgkey=$(rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} %{summary}\n' | grep "(tetrate/getenvoy-rpm-stable)" | awk '{ print $1 }')
test ! -z "$gpgkey" && sudo rpm -e --allmatches "$gpgkey"

Note: Don't do this if you currently have the repository installed and wish to continue using it. If you remove the key the next fetch will fail.

Viewing Installed Keys

If you want to verify that a GPG public key has been installed or removed, you can view the list of all installed keys by executing:

rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}\n'

What's this page? All Cloudsmith repositories and packages are signed using GPG (or RSA) keys where supported. GPG (or RSA) signatures and checksums provide reliable mechanisms to ensure that the packages that you download/install are neither corrupt nor modified. GPG is generally preferred, but RSA is used for some package formats (such as Alpine). Learn more in the signing keys documentation.

Top