Has the GPG signing ever been tested with Linux (or Fedora in particular)? Any ideas on how to proceed?
On Tue, Oct 25, 2022 at 10:22 PM Ishan Chattopadhyaya < [email protected]> wrote: > Here are the logs with external GPG. > > ishan@x1extreme ~/code/solr (branch_9_1) $ python3 -u > dev-tools/scripts/buildAndPushRelease.py \ > --logfile ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log \ > --push-local "~/.solr-releases/9.1.0/RC1/dist" \ > --rc-num 1 \ > --sign 2085660D9C1FCCACC4A479A3BF160FF14992A24C \ > --gpg-pass-noprompt > Logfile is: > /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log > Building version: 9.1.0 > Verify your gpg key is in the main KEYS file > Using online KEYS file https://archive.apache.org/dist/solr/KEYS > Found key 2085660D9C1FCCACC4A479A3BF160FF14992A24C in KEYS file at > https://archive.apache.org/dist/solr/KEYS > Will not prompt for gpg password. Make sure your signing setup supports > this. > > Prepare release... > git pull... > git clone is clean > git rev: 36d8f3977d65525dab0b5e25a35e137aac4e1580 > Check DOAP files > ./gradlew --no-daemon -Dtests.badapples=false clean check > prepare-release > Signing method is gpg tool > Running: ./gradlew --no-daemon assembleRelease -Dversion.release=9.1.0 > -Psign --max-workers 2 -PuseGpg -Psigning.gnupg.keyName= > "2085660D9C1FCCACC4A479A3BF160FF14992A24C" > FAILED: ./gradlew --no-daemon assembleRelease -Dversion.release=9.1.0 > -Psign --max-workers 2 -PuseGpg -Psigning.gnupg.keyName= > "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log > /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] > Traceback (most recent call last): > File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > line 419, in <module> > main() > File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > line 397, in main > prepare(c.root, c.version, c.key_id, c.key_password, gpg_home=gpg_home, > sign_gradle=c.sign_method_gradle) > File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > line 147, in prepare > run(cmd) > File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > line 45, in run > raise RuntimeError(msg) > RuntimeError: FAILED: ./gradlew --no-daemon assembleRelease > -Dversion.release=9.1.0 -Psign --max-workers 2 -PuseGpg > -Psigning.gnupg.keyName="2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see > log /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] > > > > FAILURE: Build failed with an exception. > > * What went wrong: > Execution failed for task ':solr:prometheus-exporter:signJarsPublication'. > > Cannot perform signing task > ':solr:prometheus-exporter:signJarsPublication' because it has no > configured signatory > > * Try: > Run with --stacktrace option to get the stack trace. Run with --info or > --debug option to get more log output. Run with --scan to get full insights. > > On Tue, Oct 25, 2022 at 9:43 PM Ishan Chattopadhyaya < > [email protected]> wrote: > >> The "no configured signatory" seems to be the problem. >> I tried adding the following to the gradle.properties: >> signing.keyId=4992A24C >> signing.password=<MYPASS> >> signing.secretKeyRingFile=<TRIED VARIOUS FILES> >> >> However, none of the files worked well. The problem could be that there >> exists no such file on Fedora that qualifies as the secretKeyRingFile. >> >> Also, it fails for me with the external GPG based signing as well. I'm >> going to try that out shortly and post the logs. >> >> On Tue, Oct 25, 2022 at 9:40 PM Ishan Chattopadhyaya < >> [email protected]> wrote: >> >>> Hi, >>> I'm having no luck with GPG signing on Fedora 34 (GNU/Linux). >>> >>> This is the output with gradle based signing. >>> >>> Please advise. >>> Thanks, >>> Ishan >>> >>> From the console: >>> ishan@x1extreme ~/code/solr (branch_9_1) $ python3 -u >>> dev-tools/scripts/buildAndPushRelease.py \ >>> --logfile ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log \ >>> --push-local "~/.solr-releases/9.1.0/RC1/dist" \ >>> --rc-num 1 \ >>> --sign 2085660D9C1FCCACC4A479A3BF160FF14992A24C \ >>> --sign-method-gradle >>> Logfile is: >>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log >>> Building version: 9.1.0 >>> Verify your gpg key is in the main KEYS file >>> Using online KEYS file https://archive.apache.org/dist/solr/KEYS >>> Found key 2085660D9C1FCCACC4A479A3BF160FF14992A24C in KEYS file at >>> https://archive.apache.org/dist/solr/KEYS >>> WARN: Could not locate your gpg secret keyring, and --gpg-home not >>> specified. >>> Falling back to location configured in gradle.properties. >>> See 'gradlew helpPublishing' for details. >>> Enter GPG keystore password: >>> >>> Prepare release... >>> git pull... >>> git clone is clean >>> git rev: 36d8f3977d65525dab0b5e25a35e137aac4e1580 >>> Check DOAP files >>> ./gradlew --no-daemon -Dtests.badapples=false clean check >>> prepare-release >>> Signing method is gradle java-plugin >>> Running: ./gradlew --no-daemon assembleRelease -Dversion.release=9.1.0 >>> -Psign --max-workers 2 -Psigning.keyId= >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" >>> FAILED: ./gradlew --no-daemon assembleRelease -Dversion.release=9.1.0 >>> -Psign --max-workers 2 -Psigning.keyId= >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log >>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] >>> Traceback (most recent call last): >>> File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>> line 419, in <module> >>> main() >>> File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>> line 397, in main >>> prepare(c.root, c.version, c.key_id, c.key_password, gpg_home=gpg_home, >>> sign_gradle=c.sign_method_gradle) >>> File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>> line 145, in prepare >>> runAndSendGPGPassword(cmd, gpg_password) >>> File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>> line 67, in runAndSendGPGPassword >>> raise RuntimeError(msg) >>> RuntimeError: FAILED: ./gradlew --no-daemon assembleRelease >>> -Dversion.release=9.1.0 -Psign --max-workers 2 -Psigning.keyId= >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log >>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] >>> >>> >>> >>> ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log: >>> > Task :solr:distribution:prepareGitRev >>> > Task :solr:distribution:signSourceTgz FAILED >>> > Task :solr:solrj:compileJava UP-TO-DATE >>> >>> FAILURE: Build failed with an exception. >>> >>> * What went wrong: >>> Execution failed for task ':solr:distribution:signSourceTgz'. >>> > Cannot perform signing task ':solr:distribution:signSourceTgz' >>> because it has no configured signatory >>> >>> * Try: >>> Run with --stacktrace option to get the stack trace. Run with --info or >>> --debug option to get more log output. Run with --scan to get full insights. >>> >>>
