If you gpg2 over gpg, building a debian package with debuild or gbp buildpackage may require some fiddling.

In my case, I'm using gpg2 instead of gpg for signing because unlike version 1, version 2 does PGP key forwarding. That way I can sign on a remote machine, using a local PGP key card.

However gbp buildpackage, dpkg-buildpackage and debuild are hardwired to call gpg. And — it turns out — using a simple /usr/local/bin/gpg to /usr/bin/gpg2 symlink was not sufficient to convince gbp (and debuild) to use the gpg2 binary, while for dpkg-buildpackage that is sufficient.

The cause? gbp calls debuild which cleans the environment. debuild in turn calls dpkg-buildpackage with a clean(er) environment.

The fix? Update the builder command with --prepend-path /usr/local/bin:

$ gbp buildpackage --git-builder='debuild --prepend-path /usr/local/bin -i -I' ...

building gpg debian gpg2