[BUG] PGP Key Expired on provider repo

[boyer-victor]

What is the bug?

The pgp signing key for the provider is expired causing an error on download (such as through terraform init).

How can one reproduce the bug?

Using terraform 1.6.0 or 1.11.4 run terraform init in a clean project with the config

terraform {

    opensearch = {
      source  = "opensearch-project/opensearch"
      version = "2.3.1"
    }
  }
}


provider "opensearch" {
  url = "http://localhost:9200" # or some url, we should fail before this even gets touched.
  sign_aws_requests = false
  username = "opensearch_username"
 password = "openseacrh_password"
}

Or verify by getting signing key and comparing e.g.:

curl https://registry.terraform.io/v1/providers/opensearch-project/opensearch/2.3.1/download/darwin/arm64 | jq -r '.signing_keys.gpg_public_keys[0].ascii_armor' | gpg --show-keys -

or

curl https://registry.terraform.io/v1/providers/opensearch-project/opensearch/2.3.1/download/linux/amd64 | jq -r '.signing_keys.gpg_public_keys[0].ascii_armor' | gpg --show-keys -

Which has result similar to:

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  4146    0  4146    0     0  24765      0 --:--:-- --:--:-- --:--:-- 24826
pub   rsa4096 2023-02-28 [SC] [expired: 2024-02-28]
      A0C16CA6CFA8ABF4DB5338E1C9D54034F594D145
uid                      OpenSearch Terraform Provider (OpenSearch terraform provider official signing key) <opensearch@amazon.com>
sub   rsa4096 2023-02-28 [E] [expired: 2024-02-28]

gpg: WARNING: No valid encryption subkey left over.

Noting that both keys are expired.

What is the expected behavior?

Provider installs correctly.

What is your host/environment?

MacOS 15.4.1 darwin/arm64, Ubuntu 24.04.01 linux/amd64

Do you have any screenshots?

Do you have any additional context?

[gaiksaya]

Adding @prudhvigodithi to take a look.