Alas, it failed again due to GPG. This time, I can't tell what went wrong, except the non-zero exit. Should I add my credentials in gradle.properties and try again?
On Tue, Oct 25, 2022 at 11:34 PM Ishan Chattopadhyaya < [email protected]> wrote: > With your patch, Houston, the following command went quite a far bit > further than failing fast with GPG issues. I think it is worth trying out > (merging and rebuilding the RC1). > > ishan@x1extreme ~/code/solr (branch_9_1) $ ./gradlew --no-daemon > assembleRelease -Dversion.release=9.1.0 -Psign --max-workers 2 -PuseGpg > -Psigning.gnupg.keyName="2085660D9C1FCCACC4A479A3BF160FF14992A24C" > To honour the JVM settings for this build a single-use Daemon process will > be forked. See > https://docs.gradle.org/7.2/userguide/gradle_daemon.html#sec:disabling_the_daemon > . > Daemon will be stopped at the end of the build > > > Task :errorProneSkipped > WARNING: errorprone disabled (skipped on builds not running inside CI > environments, pass -Pvalidation.errorprone=true to enable) > > > Task :checkWorkingCopyClean FAILED > > FAILURE: Build failed with an exception. > > * Where: > Script '/home/ishan/code/solr/gradle/globals.gradle' line: 78 > > * What went wrong: > Execution failed for task ':checkWorkingCopyClean'. > > Working copy is not a clean git checkout (skip with > -Pvalidation.git.failOnModified=false): > - 1125.diff (untracked) > - gradle/maven/defaults-maven.gradle (modified) > > * Try: > Run with --stacktrace option to get the stack trace. Run with --info or > --debug option to get more log output. Run with --scan to get full insights. > > * Get more help at https://help.gradle.org > > BUILD FAILED in 24s > 165 actionable tasks: 117 executed, 48 up-to-date > > > > On Tue, Oct 25, 2022 at 11:31 PM Ishan Chattopadhyaya < > [email protected]> wrote: > >> Couldn't find a file by that name: >> >> ishan@x1extreme ~/code/solr (branch_9_1) $ sudo find / -name >> gpg-agent.conf >> Place your finger on the fingerprint reader >> find: ‘/run/user/1000/doc’: Permission denied >> find: ‘/run/user/1000/gvfs’: Permission denied >> find: ‘/proc/3730/task/3730/net’: Invalid argument >> find: ‘/proc/3730/net’: Invalid argument >> find: ‘/proc/6630/task/6630/net’: Invalid argument >> find: ‘/proc/6630/net’: Invalid argument >> find: ‘/proc/10182/task/10182/net’: Invalid argument >> find: ‘/proc/10182/net’: Invalid argument >> find: ‘/proc/10378/task/10378/net’: Invalid argument >> find: ‘/proc/10378/net’: Invalid argument >> find: ‘/proc/10790/task/10790/net’: Invalid argument >> find: ‘/proc/10790/net’: Invalid argument >> >> >> I'll try your patch and report back, Houston. >> >> On Tue, Oct 25, 2022 at 11:29 PM Ishan Chattopadhyaya < >> [email protected]> wrote: >> >>> I'm trying to locate the gpg-agent.conf. The ~/.gnupg dir is like this: >>> >>> ishan@x1extreme ~/code/solr (branch_9_1) $ tree ~/.gnupg/ >>> /home/ishan/.gnupg/ >>> ├── private-keys-v1.d >>> │ ├── 6B96929D18CF7343BCA9CB3D6E17F3D1F298AE08.key >>> │ └── EF99BCB6F0CE32A0D16C816E1C9BAE2980C54795.key >>> ├── pubring.kbx >>> └── trustdb.gpg >>> >>> 1 directory, 4 files >>> >>> On Tue, Oct 25, 2022 at 11:27 PM Ishan Chattopadhyaya < >>> [email protected]> wrote: >>> >>>> Yes, I had tested it out. It works, as per the screenshots attached. >>>> The second one shows the prompt (GNOME). >>>> >>>> On Tue, Oct 25, 2022 at 11:23 PM Mike Drob <[email protected]> wrote: >>>> >>>>> From `gradlew helpPublishing` >>>>> >>>>> If you the following command fails with your GPG configuration, >>>>> you can >>>>> not use an external GPG process with gradle: >>>>> echo foo | gpg --batch --no-tty --armor --detach-sign --use-agent >>>>> --local-user YOUR_KEY_NAME >>>>> >>>>> Can you verify that command works for you? You might need to do some >>>>> steps >>>>> to configure your pinentry settings >>>>> >>>>> On Tue, Oct 25, 2022 at 12:46 PM Houston Putman <[email protected]> >>>>> wrote: >>>>> >>>>> > Ok, I have a fix for this to start, it does require a commit: >>>>> > https://github.com/apache/solr/pull/1125 >>>>> > >>>>> > For a more complete fix can you share your gpg agent conf >>>>> > file: ~/.gnupg/gpg-agent.conf? >>>>> > >>>>> > This will help me setup the release wizard for default setups. >>>>> > >>>>> > On Tue, Oct 25, 2022 at 1:40 PM Ishan Chattopadhyaya < >>>>> > [email protected]> wrote: >>>>> > >>>>> > > I tried putting the keyid and passphrase in the gradle.properties. >>>>> But >>>>> > the >>>>> > > signing.secretKeyRingFile didn't work as, AFAICT, Fedora doesn't >>>>> have a >>>>> > > secret key file lying around in the filesystem, I think it uses >>>>> some >>>>> > secure >>>>> > > storage for it. >>>>> > > >>>>> > > On Tue, 25 Oct, 2022, 10:32 pm Houston Putman, <[email protected] >>>>> > >>>>> > wrote: >>>>> > > >>>>> > > > The GPG stuff has been tested and works, though with certain >>>>> inputs. I >>>>> > > can >>>>> > > > get it to work with `-PuseGPG` and providing the following >>>>> properties >>>>> > > > `-Psigning.gnupg.keyName` (with the full fingerprint) and >>>>> > > > `-Psigning.gnupg.passphrase`. >>>>> > > > >>>>> > > > I think the problem is getting the passphrase to the GPG stuff >>>>> through >>>>> > > the >>>>> > > > python script isn't working. >>>>> > > > >>>>> > > > Doing some local testing to see how we can fix it. >>>>> > > > >>>>> > > > In the meantime, if you put "signing.gnupg.passphrase=...." in >>>>> your >>>>> > > > ~/.gradle/gradle.properties then I bet the "-PuseGPG" option will >>>>> > work... >>>>> > > > >>>>> > > > - Houston >>>>> > > > >>>>> > > > On Tue, Oct 25, 2022 at 12:54 PM Ishan Chattopadhyaya < >>>>> > > > [email protected]> wrote: >>>>> > > > >>>>> > > > > Has the GPG signing ever been tested with Linux (or Fedora in >>>>> > > > particular)? >>>>> > > > > Any ideas on how to proceed? >>>>> > > > > >>>>> > > > > >>>>> > > > > On Tue, Oct 25, 2022 at 10:22 PM Ishan Chattopadhyaya < >>>>> > > > > [email protected]> wrote: >>>>> > > > > >>>>> > > > > > Here are the logs with external GPG. >>>>> > > > > > >>>>> > > > > > ishan@x1extreme ~/code/solr (branch_9_1) $ python3 -u >>>>> > > > > > dev-tools/scripts/buildAndPushRelease.py \ >>>>> > > > > > --logfile >>>>> ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log \ >>>>> > > > > > --push-local "~/.solr-releases/9.1.0/RC1/dist" \ >>>>> > > > > > --rc-num 1 \ >>>>> > > > > > --sign 2085660D9C1FCCACC4A479A3BF160FF14992A24C \ >>>>> > > > > > --gpg-pass-noprompt >>>>> > > > > > Logfile is: >>>>> > > > > > >>>>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log >>>>> > > > > > Building version: 9.1.0 >>>>> > > > > > Verify your gpg key is in the main KEYS file >>>>> > > > > > Using online KEYS file >>>>> https://archive.apache.org/dist/solr/KEYS >>>>> > > > > > Found key 2085660D9C1FCCACC4A479A3BF160FF14992A24C in KEYS >>>>> file at >>>>> > > > > > https://archive.apache.org/dist/solr/KEYS >>>>> > > > > > Will not prompt for gpg password. Make sure your signing >>>>> setup >>>>> > > supports >>>>> > > > > > this. >>>>> > > > > > >>>>> > > > > > Prepare release... >>>>> > > > > > git pull... >>>>> > > > > > git clone is clean >>>>> > > > > > git rev: 36d8f3977d65525dab0b5e25a35e137aac4e1580 >>>>> > > > > > Check DOAP files >>>>> > > > > > ./gradlew --no-daemon -Dtests.badapples=false clean check >>>>> > > > > > prepare-release >>>>> > > > > > Signing method is gpg tool >>>>> > > > > > Running: ./gradlew --no-daemon assembleRelease >>>>> > > -Dversion.release=9.1.0 >>>>> > > > > > -Psign --max-workers 2 -PuseGpg -Psigning.gnupg.keyName= >>>>> > > > > > "2085660D9C1FCCACC4A479A3BF160FF14992A24C" >>>>> > > > > > FAILED: ./gradlew --no-daemon assembleRelease >>>>> > -Dversion.release=9.1.0 >>>>> > > > > > -Psign --max-workers 2 -PuseGpg -Psigning.gnupg.keyName= >>>>> > > > > > "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log >>>>> > > > > > >>>>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] >>>>> > > > > > Traceback (most recent call last): >>>>> > > > > > File >>>>> > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>>>> > > > > > line 419, in <module> >>>>> > > > > > main() >>>>> > > > > > File >>>>> > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>>>> > > > > > line 397, in main >>>>> > > > > > prepare(c.root, c.version, c.key_id, c.key_password, >>>>> > > gpg_home=gpg_home, >>>>> > > > > > sign_gradle=c.sign_method_gradle) >>>>> > > > > > File >>>>> > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>>>> > > > > > line 147, in prepare >>>>> > > > > > run(cmd) >>>>> > > > > > File >>>>> > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>>>> > > > > > line 45, in run >>>>> > > > > > raise RuntimeError(msg) >>>>> > > > > > RuntimeError: FAILED: ./gradlew --no-daemon assembleRelease >>>>> > > > > > -Dversion.release=9.1.0 -Psign --max-workers 2 -PuseGpg >>>>> > > > > > >>>>> -Psigning.gnupg.keyName="2085660D9C1FCCACC4A479A3BF160FF14992A24C" >>>>> > > [see >>>>> > > > > > log >>>>> > > /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] >>>>> > > > > > >>>>> > > > > > >>>>> > > > > > >>>>> > > > > > FAILURE: Build failed with an exception. >>>>> > > > > > >>>>> > > > > > * What went wrong: >>>>> > > > > > Execution failed for task >>>>> > > > > ':solr:prometheus-exporter:signJarsPublication'. >>>>> > > > > > > Cannot perform signing task >>>>> > > > > > ':solr:prometheus-exporter:signJarsPublication' because it >>>>> has no >>>>> > > > > > configured signatory >>>>> > > > > > >>>>> > > > > > * Try: >>>>> > > > > > Run with --stacktrace option to get the stack trace. Run with >>>>> > --info >>>>> > > or >>>>> > > > > > --debug option to get more log output. Run with --scan to >>>>> get full >>>>> > > > > insights. >>>>> > > > > > >>>>> > > > > > On Tue, Oct 25, 2022 at 9:43 PM Ishan Chattopadhyaya < >>>>> > > > > > [email protected]> wrote: >>>>> > > > > > >>>>> > > > > >> The "no configured signatory" seems to be the problem. >>>>> > > > > >> I tried adding the following to the gradle.properties: >>>>> > > > > >> signing.keyId=4992A24C >>>>> > > > > >> signing.password=<MYPASS> >>>>> > > > > >> signing.secretKeyRingFile=<TRIED VARIOUS FILES> >>>>> > > > > >> >>>>> > > > > >> However, none of the files worked well. The problem could >>>>> be that >>>>> > > > there >>>>> > > > > >> exists no such file on Fedora that qualifies as the >>>>> > > secretKeyRingFile. >>>>> > > > > >> >>>>> > > > > >> Also, it fails for me with the external GPG based signing >>>>> as well. >>>>> > > I'm >>>>> > > > > >> going to try that out shortly and post the logs. >>>>> > > > > >> >>>>> > > > > >> On Tue, Oct 25, 2022 at 9:40 PM Ishan Chattopadhyaya < >>>>> > > > > >> [email protected]> wrote: >>>>> > > > > >> >>>>> > > > > >>> Hi, >>>>> > > > > >>> I'm having no luck with GPG signing on Fedora 34 >>>>> (GNU/Linux). >>>>> > > > > >>> >>>>> > > > > >>> This is the output with gradle based signing. >>>>> > > > > >>> >>>>> > > > > >>> Please advise. >>>>> > > > > >>> Thanks, >>>>> > > > > >>> Ishan >>>>> > > > > >>> >>>>> > > > > >>> From the console: >>>>> > > > > >>> ishan@x1extreme ~/code/solr (branch_9_1) $ python3 -u >>>>> > > > > >>> dev-tools/scripts/buildAndPushRelease.py \ >>>>> > > > > >>> --logfile >>>>> > ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log \ >>>>> > > > > >>> --push-local "~/.solr-releases/9.1.0/RC1/dist" \ >>>>> > > > > >>> --rc-num 1 \ >>>>> > > > > >>> --sign 2085660D9C1FCCACC4A479A3BF160FF14992A24C \ >>>>> > > > > >>> --sign-method-gradle >>>>> > > > > >>> Logfile is: >>>>> > > > > >>> >>>>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log >>>>> > > > > >>> Building version: 9.1.0 >>>>> > > > > >>> Verify your gpg key is in the main KEYS file >>>>> > > > > >>> Using online KEYS file >>>>> https://archive.apache.org/dist/solr/KEYS >>>>> > > > > >>> Found key 2085660D9C1FCCACC4A479A3BF160FF14992A24C in KEYS >>>>> file >>>>> > at >>>>> > > > > >>> https://archive.apache.org/dist/solr/KEYS >>>>> > > > > >>> WARN: Could not locate your gpg secret keyring, and >>>>> --gpg-home >>>>> > not >>>>> > > > > >>> specified. >>>>> > > > > >>> Falling back to location configured in gradle.properties. >>>>> > > > > >>> See 'gradlew helpPublishing' for details. >>>>> > > > > >>> Enter GPG keystore password: >>>>> > > > > >>> >>>>> > > > > >>> Prepare release... >>>>> > > > > >>> git pull... >>>>> > > > > >>> git clone is clean >>>>> > > > > >>> git rev: 36d8f3977d65525dab0b5e25a35e137aac4e1580 >>>>> > > > > >>> Check DOAP files >>>>> > > > > >>> ./gradlew --no-daemon -Dtests.badapples=false clean check >>>>> > > > > >>> prepare-release >>>>> > > > > >>> Signing method is gradle java-plugin >>>>> > > > > >>> Running: ./gradlew --no-daemon assembleRelease >>>>> > > > -Dversion.release=9.1.0 >>>>> > > > > >>> -Psign --max-workers 2 -Psigning.keyId= >>>>> > > > > >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" >>>>> > > > > >>> FAILED: ./gradlew --no-daemon assembleRelease >>>>> > > -Dversion.release=9.1.0 >>>>> > > > > >>> -Psign --max-workers 2 -Psigning.keyId= >>>>> > > > > >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log >>>>> > > > > >>> >>>>> > /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] >>>>> > > > > >>> Traceback (most recent call last): >>>>> > > > > >>> File >>>>> > > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>>>> > > > > >>> line 419, in <module> >>>>> > > > > >>> main() >>>>> > > > > >>> File >>>>> > > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>>>> > > > > >>> line 397, in main >>>>> > > > > >>> prepare(c.root, c.version, c.key_id, c.key_password, >>>>> > > > gpg_home=gpg_home, >>>>> > > > > >>> sign_gradle=c.sign_method_gradle) >>>>> > > > > >>> File >>>>> > > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>>>> > > > > >>> line 145, in prepare >>>>> > > > > >>> runAndSendGPGPassword(cmd, gpg_password) >>>>> > > > > >>> File >>>>> > > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", >>>>> > > > > >>> line 67, in runAndSendGPGPassword >>>>> > > > > >>> raise RuntimeError(msg) >>>>> > > > > >>> RuntimeError: FAILED: ./gradlew --no-daemon assembleRelease >>>>> > > > > >>> -Dversion.release=9.1.0 -Psign --max-workers 2 >>>>> -Psigning.keyId= >>>>> > > > > >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log >>>>> > > > > >>> >>>>> > /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] >>>>> > > > > >>> >>>>> > > > > >>> >>>>> > > > > >>> >>>>> > > > > >>> ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log: >>>>> > > > > >>> > Task :solr:distribution:prepareGitRev >>>>> > > > > >>> > Task :solr:distribution:signSourceTgz FAILED >>>>> > > > > >>> > Task :solr:solrj:compileJava UP-TO-DATE >>>>> > > > > >>> >>>>> > > > > >>> FAILURE: Build failed with an exception. >>>>> > > > > >>> >>>>> > > > > >>> * What went wrong: >>>>> > > > > >>> Execution failed for task >>>>> ':solr:distribution:signSourceTgz'. >>>>> > > > > >>> > Cannot perform signing task >>>>> ':solr:distribution:signSourceTgz' >>>>> > > > > >>> because it has no configured signatory >>>>> > > > > >>> >>>>> > > > > >>> * Try: >>>>> > > > > >>> Run with --stacktrace option to get the stack trace. Run >>>>> with >>>>> > > --info >>>>> > > > or >>>>> > > > > >>> --debug option to get more log output. Run with --scan to >>>>> get >>>>> > full >>>>> > > > > insights. >>>>> > > > > >>> >>>>> > > > > >>> >>>>> > > > > >>>>> > > > >>>>> > > >>>>> > >>>>> >>>>
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
