Package: src:golang-github-sigstore-cosign-v2 Version: 2.6.3-2 Severity: serious Tags: ftbfs forky sid
Dear maintainer: During a rebuild of all packages in unstable, this package failed to build. Below you will find the last part of the build log (probably the most relevant part, but not necessarily). If required, the full build log is available here: https://people.debian.org/~sanvila/build-logs/202606/ About the archive rebuild: The build was made on virtual machines from AWS, using sbuild and a reduced chroot with only build-essential packages. If you cannot reproduce the bug please contact me privately, as I am willing to provide ssh access to a virtual machine where the bug is fully reproducible. If this is really a bug in one of the build-depends, please use reassign and add an affects on src:golang-github-sigstore-cosign-v2, so that this is still visible in the BTS web page for this package. Thanks. -------------------------------------------------------------------------------- [...] debian/rules clean dh clean --builddirectory=_build --buildsystem=golang dh_auto_clean -O--builddirectory=_build -O--buildsystem=golang dh_autoreconf_clean -O--builddirectory=_build -O--buildsystem=golang dh_clean -O--builddirectory=_build -O--buildsystem=golang debian/rules binary dh binary --builddirectory=_build --buildsystem=golang dh_update_autotools_config -O--builddirectory=_build -O--buildsystem=golang dh_autoreconf -O--builddirectory=_build -O--buildsystem=golang dh_auto_configure -O--builddirectory=_build -O--buildsystem=golang debian/rules execute_before_dh_auto_build make[1]: Entering directory '/<<PKGBUILDDIR>>' rm -rfv _build/src/github.com/sigstore/cosign/v2/pkg/cosign/rego removed '_build/src/github.com/sigstore/cosign/v2/pkg/cosign/rego/rego_test.go' removed '_build/src/github.com/sigstore/cosign/v2/pkg/cosign/rego/fuzz_test.go' [... snipped ...] === RUN TestTagMethods/attestation_passed_a_tag === RUN TestTagMethods/attestation_passed_a_tag_(w/_custom_suffix) === RUN TestTagMethods/attestation_passed_a_digest === RUN TestTagMethods/sbom_passed_a_tag === RUN TestTagMethods/sbom_passed_a_tag_(w/_custom_suffix) === RUN TestTagMethods/sbom_passed_a_digest --- PASS: TestTagMethods (0.00s) --- PASS: TestTagMethods/signature_passed_a_tag (0.00s) --- PASS: TestTagMethods/signature_passed_a_tag_(w/_custom_suffix) (0.00s) --- PASS: TestTagMethods/signature_passed_a_digest (0.00s) --- PASS: TestTagMethods/attestation_passed_a_tag (0.00s) --- PASS: TestTagMethods/attestation_passed_a_tag_(w/_custom_suffix) (0.00s) --- PASS: TestTagMethods/attestation_passed_a_digest (0.00s) --- PASS: TestTagMethods/sbom_passed_a_tag (0.00s) --- PASS: TestTagMethods/sbom_passed_a_tag_(w/_custom_suffix) (0.00s) --- PASS: TestTagMethods/sbom_passed_a_digest (0.00s) === RUN TestTagMethodErrors === RUN TestTagMethodErrors/signature_passed_a_tag --- PASS: TestTagMethodErrors (0.00s) --- PASS: TestTagMethodErrors/signature_passed_a_tag (0.00s) === RUN TestDockercontentDigest === RUN TestDockercontentDigest/docker_content_digest_for_tag === RUN TestDockercontentDigest/docker_content_digest_for_attestation === RUN TestDockercontentDigest/docker_content_digest_for_SBOM --- PASS: TestDockercontentDigest (0.00s) --- PASS: TestDockercontentDigest/docker_content_digest_for_tag (0.00s) --- PASS: TestDockercontentDigest/docker_content_digest_for_attestation (0.00s) --- PASS: TestDockercontentDigest/docker_content_digest_for_SBOM (0.00s) === RUN TestPayload === RUN TestPayload/within_default_limit === RUN TestPayload/excceds_default_limit === RUN TestPayload/exceeds_overridden_limit === RUN TestPayload/within_overridden_limit --- PASS: TestPayload (0.00s) --- PASS: TestPayload/within_default_limit (0.00s) --- PASS: TestPayload/excceds_default_limit (0.00s) --- PASS: TestPayload/exceeds_overridden_limit (0.00s) --- PASS: TestPayload/within_overridden_limit (0.00s) === RUN TestSignaturesErrors === RUN TestSignaturesErrors/404_returns_empty === RUN TestSignaturesErrors/other_transport_errors_propagate === RUN TestSignaturesErrors/other_errors_propagate === RUN TestSignaturesErrors/too_many_layers --- PASS: TestSignaturesErrors (0.00s) --- PASS: TestSignaturesErrors/404_returns_empty (0.00s) --- PASS: TestSignaturesErrors/other_transport_errors_propagate (0.00s) --- PASS: TestSignaturesErrors/other_errors_propagate (0.00s) --- PASS: TestSignaturesErrors/too_many_layers (0.00s) === RUN TestSignedUnknown --- PASS: TestSignedUnknown (0.00s) === RUN TestSignedUnknownWithAttachment --- PASS: TestSignedUnknownWithAttachment (4.30s) === RUN TestWriteSignatures --- PASS: TestWriteSignatures (0.00s) === RUN TestWriteAttestations --- PASS: TestWriteAttestations (0.00s) === RUN TestReferrerManifest --- PASS: TestReferrerManifest (0.00s) === RUN TestTaggableManifest --- PASS: TestTaggableManifest (0.00s) === RUN TestWriteAttestationNewBundleFormat --- PASS: TestWriteAttestationNewBundleFormat (0.00s) === RUN TestWriteAttestationsReferrer --- PASS: TestWriteAttestationsReferrer (0.00s) === RUN TestWriteReferrer --- PASS: TestWriteReferrer (0.00s) === RUN TestWriteReferrerErrorHandling --- PASS: TestWriteReferrerErrorHandling (0.00s) PASS ok github.com/sigstore/cosign/v2/pkg/oci/remote 8.517s === RUN TestSignature === RUN TestSignature/just_payload_and_signature === RUN TestSignature/with_empty_other_keys === RUN TestSignature/missing_signature === RUN TestSignature/min_plus_bad_bundle === RUN TestSignature/min_plus_bad_cert === RUN TestSignature/min_plus_bad_chain === RUN TestSignature/min_plus_bundle === RUN TestSignature/min_plus_good_cert === RUN TestSignature/min_plus_bad_chain#01 --- PASS: TestSignature (0.01s) --- PASS: TestSignature/just_payload_and_signature (0.00s) --- PASS: TestSignature/with_empty_other_keys (0.00s) --- PASS: TestSignature/missing_signature (0.00s) --- PASS: TestSignature/min_plus_bad_bundle (0.00s) --- PASS: TestSignature/min_plus_bad_cert (0.00s) --- PASS: TestSignature/min_plus_bad_chain (0.00s) --- PASS: TestSignature/min_plus_bundle (0.00s) --- PASS: TestSignature/min_plus_good_cert (0.00s) --- PASS: TestSignature/min_plus_bad_chain#01 (0.00s) === RUN TestSignatureWithTSAAnnotation === RUN TestSignatureWithTSAAnnotation/just_payload_and_signature === RUN TestSignatureWithTSAAnnotation/with_empty_other_keys === RUN TestSignatureWithTSAAnnotation/missing_signature === RUN TestSignatureWithTSAAnnotation/min_plus_bad_RFC3161_timestamp_bundle === RUN TestSignatureWithTSAAnnotation/min_plus_bad_cert === RUN TestSignatureWithTSAAnnotation/min_plus_bad_chain === RUN TestSignatureWithTSAAnnotation/min_plus_RFC3161_timestamp_bundle === RUN TestSignatureWithTSAAnnotation/payload_size_exceeds_default_limit === RUN TestSignatureWithTSAAnnotation/payload_size_exceeds_overridden_limit === RUN TestSignatureWithTSAAnnotation/payload_size_is_within_overridden_limit --- PASS: TestSignatureWithTSAAnnotation (0.00s) --- PASS: TestSignatureWithTSAAnnotation/just_payload_and_signature (0.00s) --- PASS: TestSignatureWithTSAAnnotation/with_empty_other_keys (0.00s) --- PASS: TestSignatureWithTSAAnnotation/missing_signature (0.00s) --- PASS: TestSignatureWithTSAAnnotation/min_plus_bad_RFC3161_timestamp_bundle (0.00s) --- PASS: TestSignatureWithTSAAnnotation/min_plus_bad_cert (0.00s) --- PASS: TestSignatureWithTSAAnnotation/min_plus_bad_chain (0.00s) --- PASS: TestSignatureWithTSAAnnotation/min_plus_RFC3161_timestamp_bundle (0.00s) --- PASS: TestSignatureWithTSAAnnotation/payload_size_exceeds_default_limit (0.00s) --- PASS: TestSignatureWithTSAAnnotation/payload_size_exceeds_overridden_limit (0.00s) --- PASS: TestSignatureWithTSAAnnotation/payload_size_is_within_overridden_limit (0.00s) PASS ok github.com/sigstore/cosign/v2/pkg/oci/signature 0.014s === RUN TestImage --- PASS: TestImage (0.00s) === RUN TestImageIndex --- PASS: TestImageIndex (0.01s) PASS ok github.com/sigstore/cosign/v2/pkg/oci/signed 0.017s === RUN TestNewFile === RUN TestNewFile/check_size === RUN TestNewFile/check_media_type === RUN TestNewFile/check_hashes === RUN TestNewFile/check_content === RUN TestNewFile/check_date === RUN TestNewFile/check_annotations === RUN TestNewFile/huge_file_payload --- PASS: TestNewFile (0.00s) --- PASS: TestNewFile/check_size (0.00s) --- PASS: TestNewFile/check_media_type (0.00s) --- PASS: TestNewFile/check_hashes (0.00s) --- PASS: TestNewFile/check_content (0.00s) --- PASS: TestNewFile/check_date (0.00s) --- PASS: TestNewFile/check_annotations (0.00s) --- PASS: TestNewFile/huge_file_payload (0.00s) === RUN TestOptions === RUN TestOptions/no_options === RUN TestOptions/with_layer_media_type === RUN TestOptions/with_config_media_type === RUN TestOptions/with_annotations === RUN TestOptions/with_cert_chain === RUN TestOptions/with_bundle === RUN TestOptions/with_RFC3161_timestamp_bundle === RUN TestOptions/with_RFC3161Timestamp_and_Rekor_bundle === RUN TestOptions/with_RFC3161Timestamp_and_Rekor_bundle#01 --- PASS: TestOptions (0.00s) --- PASS: TestOptions/no_options (0.00s) --- PASS: TestOptions/with_layer_media_type (0.00s) --- PASS: TestOptions/with_config_media_type (0.00s) --- PASS: TestOptions/with_annotations (0.00s) --- PASS: TestOptions/with_cert_chain (0.00s) --- PASS: TestOptions/with_bundle (0.00s) --- PASS: TestOptions/with_RFC3161_timestamp_bundle (0.00s) --- PASS: TestOptions/with_RFC3161Timestamp_and_Rekor_bundle (0.00s) --- PASS: TestOptions/with_RFC3161Timestamp_and_Rekor_bundle#01 (0.00s) === RUN TestNewSignatureBasic === RUN TestNewSignatureBasic/check_size === RUN TestNewSignatureBasic/check_media_type === RUN TestNewSignatureBasic/check_hashes === RUN TestNewSignatureBasic/check_content === RUN TestNewSignatureBasic/check_annotations === RUN TestNewSignatureBasic/check_signature_accessors --- PASS: TestNewSignatureBasic (0.00s) --- PASS: TestNewSignatureBasic/check_size (0.00s) --- PASS: TestNewSignatureBasic/check_media_type (0.00s) --- PASS: TestNewSignatureBasic/check_hashes (0.00s) --- PASS: TestNewSignatureBasic/check_content (0.00s) --- PASS: TestNewSignatureBasic/check_annotations (0.00s) --- PASS: TestNewSignatureBasic/check_signature_accessors (0.00s) === RUN TestNewAttestationBasic === RUN TestNewAttestationBasic/check_size === RUN TestNewAttestationBasic/check_media_type === RUN TestNewAttestationBasic/check_hashes === RUN TestNewAttestationBasic/check_content === RUN TestNewAttestationBasic/check_annotations === RUN TestNewAttestationBasic/check_signature_accessors --- PASS: TestNewAttestationBasic (0.00s) --- PASS: TestNewAttestationBasic/check_size (0.00s) --- PASS: TestNewAttestationBasic/check_media_type (0.00s) --- PASS: TestNewAttestationBasic/check_hashes (0.00s) --- PASS: TestNewAttestationBasic/check_content (0.00s) --- PASS: TestNewAttestationBasic/check_annotations (0.00s) --- PASS: TestNewAttestationBasic/check_signature_accessors (0.00s) === RUN TestNewSignatureCertChainAndBundle === RUN TestNewSignatureCertChainAndBundle/check_signature_accessors === RUN TestNewSignatureCertChainAndBundle/check_annotations --- PASS: TestNewSignatureCertChainAndBundle (0.00s) --- PASS: TestNewSignatureCertChainAndBundle/check_signature_accessors (0.00s) --- PASS: TestNewSignatureCertChainAndBundle/check_annotations (0.00s) === RUN TestNewSignatureCertChainAndRekorRFC3161Timestamp === RUN TestNewSignatureCertChainAndRekorRFC3161Timestamp/check_tsa_signature_accessors === RUN TestNewSignatureCertChainAndRekorRFC3161Timestamp/check_tsa_annotations === RUN TestNewSignatureCertChainAndRekorRFC3161Timestamp/check_signature_accessors === RUN TestNewSignatureCertChainAndRekorRFC3161Timestamp/check_rekor_and_tsa_annotations --- PASS: TestNewSignatureCertChainAndRekorRFC3161Timestamp (0.00s) --- PASS: TestNewSignatureCertChainAndRekorRFC3161Timestamp/check_tsa_signature_accessors (0.00s) --- PASS: TestNewSignatureCertChainAndRekorRFC3161Timestamp/check_tsa_annotations (0.00s) --- PASS: TestNewSignatureCertChainAndRekorRFC3161Timestamp/check_signature_accessors (0.00s) --- PASS: TestNewSignatureCertChainAndRekorRFC3161Timestamp/check_rekor_and_tsa_annotations (0.00s) === RUN TestNewSignatureBadCertChain === RUN TestNewSignatureBadCertChain/check_signature_accessors --- PASS: TestNewSignatureBadCertChain (0.00s) --- PASS: TestNewSignatureBadCertChain/check_signature_accessors (0.00s) PASS ok github.com/sigstore/cosign/v2/pkg/oci/static 0.008s === RUN TestMapImage === RUN TestMapImage/walk_image,_no_errors === RUN TestMapImage/error_propagates --- PASS: TestMapImage (0.00s) --- PASS: TestMapImage/walk_image,_no_errors (0.00s) --- PASS: TestMapImage/error_propagates (0.00s) === RUN TestMapImageIndex === RUN TestMapImageIndex/six_calls_to_identity_mutator --- PASS: TestMapImageIndex (0.01s) --- PASS: TestMapImageIndex/six_calls_to_identity_mutator (0.00s) PASS ok github.com/sigstore/cosign/v2/pkg/oci/walk 0.012s === RUN TestFailures --- PASS: TestFailures (0.00s) === RUN TestErroringPayload --- PASS: TestErroringPayload (0.00s) === RUN TestAttestationToPayloadJson --- PASS: TestAttestationToPayloadJson (0.00s) === RUN TestPayloadProvider --- PASS: TestPayloadProvider (0.00s) PASS ok github.com/sigstore/cosign/v2/pkg/policy 0.015s ? github.com/sigstore/cosign/v2/pkg/providers [no test files] ? github.com/sigstore/cosign/v2/pkg/providers/all [no test files] === RUN TestEnvVar === RUN TestEnvVar/true === RUN TestEnvVar/false --- PASS: TestEnvVar (0.00s) --- PASS: TestEnvVar/true (0.00s) --- PASS: TestEnvVar/false (0.00s) PASS ok github.com/sigstore/cosign/v2/pkg/providers/envvar 0.002s ? github.com/sigstore/cosign/v2/pkg/providers/filesystem [no test files] ? github.com/sigstore/cosign/v2/pkg/providers/github [no test files] ? github.com/sigstore/cosign/v2/pkg/providers/google [no test files] === RUN TestGetSocketPath --- PASS: TestGetSocketPath (0.00s) PASS ok github.com/sigstore/cosign/v2/pkg/providers/spiffe 0.003s === RUN TestSignerFromPrivateKeyFileRef === PAUSE TestSignerFromPrivateKeyFileRef === RUN TestPublicKeyFromFileRef === PAUSE TestPublicKeyFromFileRef === RUN TestPublicKeyFromEnvVar --- PASS: TestPublicKeyFromEnvVar (0.13s) === RUN TestSignerVerifierFromEnvVar --- PASS: TestSignerVerifierFromEnvVar (0.27s) === RUN TestVerifierForKeyRefError --- PASS: TestVerifierForKeyRefError (0.00s) === CONT TestSignerFromPrivateKeyFileRef === CONT TestPublicKeyFromFileRef === RUN TestSignerFromPrivateKeyFileRef/good_password === PAUSE TestSignerFromPrivateKeyFileRef/good_password === RUN TestSignerFromPrivateKeyFileRef/bad_password === PAUSE TestSignerFromPrivateKeyFileRef/bad_password === CONT TestSignerFromPrivateKeyFileRef/good_password --- PASS: TestPublicKeyFromFileRef (0.14s) === CONT TestSignerFromPrivateKeyFileRef/bad_password --- PASS: TestSignerFromPrivateKeyFileRef (0.00s) --- PASS: TestSignerFromPrivateKeyFileRef/good_password (0.28s) --- PASS: TestSignerFromPrivateKeyFileRef/bad_password (0.27s) PASS ok github.com/sigstore/cosign/v2/pkg/signature 0.830s ? github.com/sigstore/cosign/v2/pkg/types [no test files] ? github.com/sigstore/cosign/v2/test/cmd/getoidctoken [no test files] ? github.com/sigstore/cosign/v2/test/fakeoidc [no test files] FAIL dh_auto_test: error: cd _build && go test -vet=off -v -p 2 - [too-long-redacted] t/fakeoidc returned exit code 1 make[1]: *** [debian/rules:23: override_dh_auto_test] Error 25 make[1]: Leaving directory '/<<PKGBUILDDIR>>' make: *** [debian/rules:11: binary] Error 2 dpkg-buildpackage: error: debian/rules binary subprocess failed with exit status 2 --------------------------------------------------------------------------------
