Is your feature request related to a problem? Please describe.
AAP container images on "registry.redhat.io" were published with PQC (post-quantum cryptography) signatures in addition to legacy signatures. pulp_container cannot process the GPG v6 PQC signature layer, which causes container signature verification to fail during installs or upgrades.
pulp [48cb258faa9c4ea0913ddcf73031afef]: gnupg:WARNING: gpg returned a non-zero error code: 2 Mar 03 14:48:20 ip-10-0-1-203.ec2.internal gunicorn[43648]: pulp [48cb258faa9c4ea0913ddcf73031afef]: pulp_container.app.utils:INFO: It is not possible to read the signed document, GPG error: gpg: onepass_sig with unknown version
Describe the solution you'd like
This shouldn't fail outright
Additional context
https://issues.redhat.com/browse/AAP-67344
https://issues.redhat.com/browse/PULP-1288
Is your feature request related to a problem? Please describe.
AAP container images on "registry.redhat.io" were published with PQC (post-quantum cryptography) signatures in addition to legacy signatures. pulp_container cannot process the GPG v6 PQC signature layer, which causes container signature verification to fail during installs or upgrades.
Describe the solution you'd like
This shouldn't fail outright
Additional context
https://issues.redhat.com/browse/AAP-67344
https://issues.redhat.com/browse/PULP-1288