The GPG stuff has been tested and works, though with certain inputs. I can get it to work with `-PuseGPG` and providing the following properties `-Psigning.gnupg.keyName` (with the full fingerprint) and `-Psigning.gnupg.passphrase`.
I think the problem is getting the passphrase to the GPG stuff through the python script isn't working. Doing some local testing to see how we can fix it. In the meantime, if you put "signing.gnupg.passphrase=...." in your ~/.gradle/gradle.properties then I bet the "-PuseGPG" option will work... - Houston On Tue, Oct 25, 2022 at 12:54 PM Ishan Chattopadhyaya < [email protected]> wrote: > Has the GPG signing ever been tested with Linux (or Fedora in particular)? > Any ideas on how to proceed? > > > On Tue, Oct 25, 2022 at 10:22 PM Ishan Chattopadhyaya < > [email protected]> wrote: > > > Here are the logs with external GPG. > > > > ishan@x1extreme ~/code/solr (branch_9_1) $ python3 -u > > dev-tools/scripts/buildAndPushRelease.py \ > > --logfile ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log \ > > --push-local "~/.solr-releases/9.1.0/RC1/dist" \ > > --rc-num 1 \ > > --sign 2085660D9C1FCCACC4A479A3BF160FF14992A24C \ > > --gpg-pass-noprompt > > Logfile is: > > /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log > > Building version: 9.1.0 > > Verify your gpg key is in the main KEYS file > > Using online KEYS file https://archive.apache.org/dist/solr/KEYS > > Found key 2085660D9C1FCCACC4A479A3BF160FF14992A24C in KEYS file at > > https://archive.apache.org/dist/solr/KEYS > > Will not prompt for gpg password. Make sure your signing setup supports > > this. > > > > Prepare release... > > git pull... > > git clone is clean > > git rev: 36d8f3977d65525dab0b5e25a35e137aac4e1580 > > Check DOAP files > > ./gradlew --no-daemon -Dtests.badapples=false clean check > > prepare-release > > Signing method is gpg tool > > Running: ./gradlew --no-daemon assembleRelease -Dversion.release=9.1.0 > > -Psign --max-workers 2 -PuseGpg -Psigning.gnupg.keyName= > > "2085660D9C1FCCACC4A479A3BF160FF14992A24C" > > FAILED: ./gradlew --no-daemon assembleRelease -Dversion.release=9.1.0 > > -Psign --max-workers 2 -PuseGpg -Psigning.gnupg.keyName= > > "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log > > /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] > > Traceback (most recent call last): > > File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > line 419, in <module> > > main() > > File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > line 397, in main > > prepare(c.root, c.version, c.key_id, c.key_password, gpg_home=gpg_home, > > sign_gradle=c.sign_method_gradle) > > File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > line 147, in prepare > > run(cmd) > > File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > line 45, in run > > raise RuntimeError(msg) > > RuntimeError: FAILED: ./gradlew --no-daemon assembleRelease > > -Dversion.release=9.1.0 -Psign --max-workers 2 -PuseGpg > > -Psigning.gnupg.keyName="2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see > > log /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] > > > > > > > > FAILURE: Build failed with an exception. > > > > * What went wrong: > > Execution failed for task > ':solr:prometheus-exporter:signJarsPublication'. > > > Cannot perform signing task > > ':solr:prometheus-exporter:signJarsPublication' because it has no > > configured signatory > > > > * Try: > > Run with --stacktrace option to get the stack trace. Run with --info or > > --debug option to get more log output. Run with --scan to get full > insights. > > > > On Tue, Oct 25, 2022 at 9:43 PM Ishan Chattopadhyaya < > > [email protected]> wrote: > > > >> The "no configured signatory" seems to be the problem. > >> I tried adding the following to the gradle.properties: > >> signing.keyId=4992A24C > >> signing.password=<MYPASS> > >> signing.secretKeyRingFile=<TRIED VARIOUS FILES> > >> > >> However, none of the files worked well. The problem could be that there > >> exists no such file on Fedora that qualifies as the secretKeyRingFile. > >> > >> Also, it fails for me with the external GPG based signing as well. I'm > >> going to try that out shortly and post the logs. > >> > >> On Tue, Oct 25, 2022 at 9:40 PM Ishan Chattopadhyaya < > >> [email protected]> wrote: > >> > >>> Hi, > >>> I'm having no luck with GPG signing on Fedora 34 (GNU/Linux). > >>> > >>> This is the output with gradle based signing. > >>> > >>> Please advise. > >>> Thanks, > >>> Ishan > >>> > >>> From the console: > >>> ishan@x1extreme ~/code/solr (branch_9_1) $ python3 -u > >>> dev-tools/scripts/buildAndPushRelease.py \ > >>> --logfile ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log \ > >>> --push-local "~/.solr-releases/9.1.0/RC1/dist" \ > >>> --rc-num 1 \ > >>> --sign 2085660D9C1FCCACC4A479A3BF160FF14992A24C \ > >>> --sign-method-gradle > >>> Logfile is: > >>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log > >>> Building version: 9.1.0 > >>> Verify your gpg key is in the main KEYS file > >>> Using online KEYS file https://archive.apache.org/dist/solr/KEYS > >>> Found key 2085660D9C1FCCACC4A479A3BF160FF14992A24C in KEYS file at > >>> https://archive.apache.org/dist/solr/KEYS > >>> WARN: Could not locate your gpg secret keyring, and --gpg-home not > >>> specified. > >>> Falling back to location configured in gradle.properties. > >>> See 'gradlew helpPublishing' for details. > >>> Enter GPG keystore password: > >>> > >>> Prepare release... > >>> git pull... > >>> git clone is clean > >>> git rev: 36d8f3977d65525dab0b5e25a35e137aac4e1580 > >>> Check DOAP files > >>> ./gradlew --no-daemon -Dtests.badapples=false clean check > >>> prepare-release > >>> Signing method is gradle java-plugin > >>> Running: ./gradlew --no-daemon assembleRelease -Dversion.release=9.1.0 > >>> -Psign --max-workers 2 -Psigning.keyId= > >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" > >>> FAILED: ./gradlew --no-daemon assembleRelease -Dversion.release=9.1.0 > >>> -Psign --max-workers 2 -Psigning.keyId= > >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log > >>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] > >>> Traceback (most recent call last): > >>> File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > >>> line 419, in <module> > >>> main() > >>> File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > >>> line 397, in main > >>> prepare(c.root, c.version, c.key_id, c.key_password, gpg_home=gpg_home, > >>> sign_gradle=c.sign_method_gradle) > >>> File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > >>> line 145, in prepare > >>> runAndSendGPGPassword(cmd, gpg_password) > >>> File "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > >>> line 67, in runAndSendGPGPassword > >>> raise RuntimeError(msg) > >>> RuntimeError: FAILED: ./gradlew --no-daemon assembleRelease > >>> -Dversion.release=9.1.0 -Psign --max-workers 2 -Psigning.keyId= > >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log > >>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] > >>> > >>> > >>> > >>> ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log: > >>> > Task :solr:distribution:prepareGitRev > >>> > Task :solr:distribution:signSourceTgz FAILED > >>> > Task :solr:solrj:compileJava UP-TO-DATE > >>> > >>> FAILURE: Build failed with an exception. > >>> > >>> * What went wrong: > >>> Execution failed for task ':solr:distribution:signSourceTgz'. > >>> > Cannot perform signing task ':solr:distribution:signSourceTgz' > >>> because it has no configured signatory > >>> > >>> * Try: > >>> Run with --stacktrace option to get the stack trace. Run with --info or > >>> --debug option to get more log output. Run with --scan to get full > insights. > >>> > >>> >
