On Fri, Jan 9, 2026 at 3:38 PM Thomas Wolf <[email protected]> wrote: > > On 09.01.26 20:02, Gary Gregory wrote: > > On Fri, Jan 9, 2026 at 1:48 PM Thomas Wolf <[email protected]> wrote: > >> > >> Funny that this didn't crop up much earlier. It's a problem > >> with these tests. > >> > >> sshd-git is unchanged in 2.17.0. The JGit dependency saw a > >> patch version update, but that update didn't change anything > >> even remotely related to this. > >> > >> On 09.01.26 15:36, Gary Gregory wrote: > >>> I tested the src zip file. > >>> > >>> - ASC OK > >>> - SHA512 OK > >>> - `mvn clean verify` fails with: > >>> > >>> https://gist.github.com/garydgregory/ee05f1b6df7722827788d1af676e724e > >>> > >>> For example: > >>> > >>> [INFO] Running org.apache.sshd.git.pack.GitPackCommandTest > >>> [ERROR] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time > >>> elapsed: 0.061 s <<< FAILURE! -- in > >>> org.apache.sshd.git.pack.GitPackCommandTest > >>> [ERROR] org.apache.sshd.git.pack.GitPackCommandTest.gitPack -- Time > >>> elapsed: 0.061 s <<< ERROR! > >>> org.eclipse.jgit.api.errors.JGitInternalException: Unable to find a > >>> public-key with key or user id: 530AA5F25C25011F > >>> at > >>> org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:211) > >>> at org.eclipse.jgit.api.CommitCommand.sign(CommitCommand.java:294) > >>> at org.eclipse.jgit.api.CommitCommand.call(CommitCommand.java:247) > >>> at > >>> org.apache.sshd.git.pack.GitPackCommandTest.gitPack(GitPackCommandTest.java:111) > >>> at java.base/java.lang.reflect.Method.invoke(Method.java:569) > >>> at java.base/java.util.ArrayList.forEach(ArrayList.java:1511) > >>> at java.base/java.util.ArrayList.forEach(ArrayList.java:1511) > >>> Caused by: org.bouncycastle.openpgp.PGPException: Unable to find a > >>> public-key with key or user id: 530AA5F25C25011F > >>> at > >>> org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgKeyLocator.findSecretKey(BouncyCastleGpgKeyLocator.java:431) > >>> at > >>> org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.locateSigningKey(BouncyCastleGpgSigner.java:120) > >>> at > >>> org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.signObject(BouncyCastleGpgSigner.java:146) > >>> ... 6 more > >> > >> The tests do not mock the git user and system config. Looks like > >> the test picks up some commit signing configuration, probably > >> from your real ~/.gitconfig. > > > > Hi Thomas, > > > > It took a surprising amount of time and effort for me to get git to > > sign my commits from Eclipse and the command line somewhat > > transparently. I don't plan on touching any of it. > > > > Getting the tests to behave sensibly seems reasonable to me, not that > > I can help with this ATM. > > > > If the only way for me to validate a build is to skip that module > > entirely, then that'll have to be the caveat for any review from me > > going forward. > > > > Gary > > Oh, it's fixable all right; it'll just take a moment. I'd prefer to do > it after this release. > > For this release I see five options: > > 1. You temporarily comment out the "gpgSign = true" line in the "commit" > section of your ~/.gitconfig, run the tests, then uncomment that line again. > > 2. You skip module sshd-git. > > 3. You base your vote on the run you did -- everything after sshd-git > is minor or assembly stuff only anyway. > > 4. You decide not to vote this time. > > 5. We cancel this vote, and maybe I'll have time to find a fix next week > and re-do the release candidate.
The PITA is that I can't find a way to run a build like 'mvn clean verify' and say "skip tests for the module sshd-git only". It seems you have to "install" something in multiple steps or edit the sshd-git POM to have that module implement "skipTests". Or is there a different non-intrusive way (no POM edits, no install in the local repo)? I couldn't get Claude or Gemini to help so maybe it can't be done. Gary > > Cheers, > > Thomas > >> > >> Fixing this in the test will be some work, as will testing that > >> the fix works. > >> > >> Cheers, > >> > >> Thomas > >> > >> > >> > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [email protected] > >> For additional commands, e-mail: [email protected] > >> > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
