I waited at the right time and entered the passphrase. Seems like the GPG step succeeded? But, the artifact still didn't get generated :-(
On Wed, Oct 26, 2022 at 1:01 AM Houston Putman <[email protected]> wrote: > If you look at the PR there is an initial step added to pre-cache your > passphrase in the gpg agent. If you run that yourself, you should be fine? > > On Tue, Oct 25, 2022 at 3:02 PM Ishan Chattopadhyaya < > [email protected]> wrote: > > > Ah, there's a "gpg: signing failed: Timeout" thing shown there. I was out > > on a walk, and not sure if I was late to intercept a prompt. > > I'll re-run and see how it goes. This time I'll not be AFK at the right > > time :-) > > > > On Wed, Oct 26, 2022 at 12:30 AM Ishan Chattopadhyaya < > > [email protected]> wrote: > > > > > Alas, it failed again due to GPG. This time, I can't tell what went > > wrong, > > > except the non-zero exit. > > > Should I add my credentials in gradle.properties and try again? > > > > > > On Tue, Oct 25, 2022 at 11:34 PM Ishan Chattopadhyaya < > > > [email protected]> wrote: > > > > > >> With your patch, Houston, the following command went quite a far bit > > >> further than failing fast with GPG issues. I think it is worth trying > > out > > >> (merging and rebuilding the RC1). > > >> > > >> ishan@x1extreme ~/code/solr (branch_9_1) $ ./gradlew --no-daemon > > >> assembleRelease -Dversion.release=9.1.0 -Psign --max-workers 2 > -PuseGpg > > >> -Psigning.gnupg.keyName="2085660D9C1FCCACC4A479A3BF160FF14992A24C" > > >> To honour the JVM settings for this build a single-use Daemon process > > >> will be forked. See > > >> > > > https://docs.gradle.org/7.2/userguide/gradle_daemon.html#sec:disabling_the_daemon > > >> . > > >> Daemon will be stopped at the end of the build > > >> > > >> > Task :errorProneSkipped > > >> WARNING: errorprone disabled (skipped on builds not running inside CI > > >> environments, pass -Pvalidation.errorprone=true to enable) > > >> > > >> > Task :checkWorkingCopyClean FAILED > > >> > > >> FAILURE: Build failed with an exception. > > >> > > >> * Where: > > >> Script '/home/ishan/code/solr/gradle/globals.gradle' line: 78 > > >> > > >> * What went wrong: > > >> Execution failed for task ':checkWorkingCopyClean'. > > >> > Working copy is not a clean git checkout (skip with > > >> -Pvalidation.git.failOnModified=false): > > >> - 1125.diff (untracked) > > >> - gradle/maven/defaults-maven.gradle (modified) > > >> > > >> * Try: > > >> Run with --stacktrace option to get the stack trace. Run with --info > or > > >> --debug option to get more log output. Run with --scan to get full > > insights. > > >> > > >> * Get more help at https://help.gradle.org > > >> > > >> BUILD FAILED in 24s > > >> 165 actionable tasks: 117 executed, 48 up-to-date > > >> > > >> > > >> > > >> On Tue, Oct 25, 2022 at 11:31 PM Ishan Chattopadhyaya < > > >> [email protected]> wrote: > > >> > > >>> Couldn't find a file by that name: > > >>> > > >>> ishan@x1extreme ~/code/solr (branch_9_1) $ sudo find / -name > > >>> gpg-agent.conf > > >>> Place your finger on the fingerprint reader > > >>> find: ‘/run/user/1000/doc’: Permission denied > > >>> find: ‘/run/user/1000/gvfs’: Permission denied > > >>> find: ‘/proc/3730/task/3730/net’: Invalid argument > > >>> find: ‘/proc/3730/net’: Invalid argument > > >>> find: ‘/proc/6630/task/6630/net’: Invalid argument > > >>> find: ‘/proc/6630/net’: Invalid argument > > >>> find: ‘/proc/10182/task/10182/net’: Invalid argument > > >>> find: ‘/proc/10182/net’: Invalid argument > > >>> find: ‘/proc/10378/task/10378/net’: Invalid argument > > >>> find: ‘/proc/10378/net’: Invalid argument > > >>> find: ‘/proc/10790/task/10790/net’: Invalid argument > > >>> find: ‘/proc/10790/net’: Invalid argument > > >>> > > >>> > > >>> I'll try your patch and report back, Houston. > > >>> > > >>> On Tue, Oct 25, 2022 at 11:29 PM Ishan Chattopadhyaya < > > >>> [email protected]> wrote: > > >>> > > >>>> I'm trying to locate the gpg-agent.conf. The ~/.gnupg dir is like > > this: > > >>>> > > >>>> ishan@x1extreme ~/code/solr (branch_9_1) $ tree ~/.gnupg/ > > >>>> /home/ishan/.gnupg/ > > >>>> ├── private-keys-v1.d > > >>>> │ ├── 6B96929D18CF7343BCA9CB3D6E17F3D1F298AE08.key > > >>>> │ └── EF99BCB6F0CE32A0D16C816E1C9BAE2980C54795.key > > >>>> ├── pubring.kbx > > >>>> └── trustdb.gpg > > >>>> > > >>>> 1 directory, 4 files > > >>>> > > >>>> On Tue, Oct 25, 2022 at 11:27 PM Ishan Chattopadhyaya < > > >>>> [email protected]> wrote: > > >>>> > > >>>>> Yes, I had tested it out. It works, as per the screenshots > attached. > > >>>>> The second one shows the prompt (GNOME). > > >>>>> > > >>>>> On Tue, Oct 25, 2022 at 11:23 PM Mike Drob <[email protected]> > wrote: > > >>>>> > > >>>>>> From `gradlew helpPublishing` > > >>>>>> > > >>>>>> If you the following command fails with your GPG > configuration, > > >>>>>> you can > > >>>>>> not use an external GPG process with gradle: > > >>>>>> echo foo | gpg --batch --no-tty --armor --detach-sign > > --use-agent > > >>>>>> --local-user YOUR_KEY_NAME > > >>>>>> > > >>>>>> Can you verify that command works for you? You might need to do > some > > >>>>>> steps > > >>>>>> to configure your pinentry settings > > >>>>>> > > >>>>>> On Tue, Oct 25, 2022 at 12:46 PM Houston Putman < > [email protected] > > > > > >>>>>> wrote: > > >>>>>> > > >>>>>> > Ok, I have a fix for this to start, it does require a commit: > > >>>>>> > https://github.com/apache/solr/pull/1125 > > >>>>>> > > > >>>>>> > For a more complete fix can you share your gpg agent conf > > >>>>>> > file: ~/.gnupg/gpg-agent.conf? > > >>>>>> > > > >>>>>> > This will help me setup the release wizard for default setups. > > >>>>>> > > > >>>>>> > On Tue, Oct 25, 2022 at 1:40 PM Ishan Chattopadhyaya < > > >>>>>> > [email protected]> wrote: > > >>>>>> > > > >>>>>> > > I tried putting the keyid and passphrase in the > > >>>>>> gradle.properties. But > > >>>>>> > the > > >>>>>> > > signing.secretKeyRingFile didn't work as, AFAICT, Fedora > doesn't > > >>>>>> have a > > >>>>>> > > secret key file lying around in the filesystem, I think it > uses > > >>>>>> some > > >>>>>> > secure > > >>>>>> > > storage for it. > > >>>>>> > > > > >>>>>> > > On Tue, 25 Oct, 2022, 10:32 pm Houston Putman, < > > >>>>>> [email protected]> > > >>>>>> > wrote: > > >>>>>> > > > > >>>>>> > > > The GPG stuff has been tested and works, though with certain > > >>>>>> inputs. I > > >>>>>> > > can > > >>>>>> > > > get it to work with `-PuseGPG` and providing the following > > >>>>>> properties > > >>>>>> > > > `-Psigning.gnupg.keyName` (with the full fingerprint) and > > >>>>>> > > > `-Psigning.gnupg.passphrase`. > > >>>>>> > > > > > >>>>>> > > > I think the problem is getting the passphrase to the GPG > stuff > > >>>>>> through > > >>>>>> > > the > > >>>>>> > > > python script isn't working. > > >>>>>> > > > > > >>>>>> > > > Doing some local testing to see how we can fix it. > > >>>>>> > > > > > >>>>>> > > > In the meantime, if you put "signing.gnupg.passphrase=...." > in > > >>>>>> your > > >>>>>> > > > ~/.gradle/gradle.properties then I bet the "-PuseGPG" option > > >>>>>> will > > >>>>>> > work... > > >>>>>> > > > > > >>>>>> > > > - Houston > > >>>>>> > > > > > >>>>>> > > > On Tue, Oct 25, 2022 at 12:54 PM Ishan Chattopadhyaya < > > >>>>>> > > > [email protected]> wrote: > > >>>>>> > > > > > >>>>>> > > > > Has the GPG signing ever been tested with Linux (or Fedora > > in > > >>>>>> > > > particular)? > > >>>>>> > > > > Any ideas on how to proceed? > > >>>>>> > > > > > > >>>>>> > > > > > > >>>>>> > > > > On Tue, Oct 25, 2022 at 10:22 PM Ishan Chattopadhyaya < > > >>>>>> > > > > [email protected]> wrote: > > >>>>>> > > > > > > >>>>>> > > > > > Here are the logs with external GPG. > > >>>>>> > > > > > > > >>>>>> > > > > > ishan@x1extreme ~/code/solr (branch_9_1) $ python3 -u > > >>>>>> > > > > > dev-tools/scripts/buildAndPushRelease.py \ > > >>>>>> > > > > > --logfile > > >>>>>> ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log \ > > >>>>>> > > > > > --push-local "~/.solr-releases/9.1.0/RC1/dist" \ > > >>>>>> > > > > > --rc-num 1 \ > > >>>>>> > > > > > --sign 2085660D9C1FCCACC4A479A3BF160FF14992A24C \ > > >>>>>> > > > > > --gpg-pass-noprompt > > >>>>>> > > > > > Logfile is: > > >>>>>> > > > > > > > >>>>>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log > > >>>>>> > > > > > Building version: 9.1.0 > > >>>>>> > > > > > Verify your gpg key is in the main KEYS file > > >>>>>> > > > > > Using online KEYS file > > >>>>>> https://archive.apache.org/dist/solr/KEYS > > >>>>>> > > > > > Found key 2085660D9C1FCCACC4A479A3BF160FF14992A24C in > KEYS > > >>>>>> file at > > >>>>>> > > > > > https://archive.apache.org/dist/solr/KEYS > > >>>>>> > > > > > Will not prompt for gpg password. Make sure your signing > > >>>>>> setup > > >>>>>> > > supports > > >>>>>> > > > > > this. > > >>>>>> > > > > > > > >>>>>> > > > > > Prepare release... > > >>>>>> > > > > > git pull... > > >>>>>> > > > > > git clone is clean > > >>>>>> > > > > > git rev: 36d8f3977d65525dab0b5e25a35e137aac4e1580 > > >>>>>> > > > > > Check DOAP files > > >>>>>> > > > > > ./gradlew --no-daemon -Dtests.badapples=false clean > check > > >>>>>> > > > > > prepare-release > > >>>>>> > > > > > Signing method is gpg tool > > >>>>>> > > > > > Running: ./gradlew --no-daemon assembleRelease > > >>>>>> > > -Dversion.release=9.1.0 > > >>>>>> > > > > > -Psign --max-workers 2 -PuseGpg -Psigning.gnupg.keyName= > > >>>>>> > > > > > "2085660D9C1FCCACC4A479A3BF160FF14992A24C" > > >>>>>> > > > > > FAILED: ./gradlew --no-daemon assembleRelease > > >>>>>> > -Dversion.release=9.1.0 > > >>>>>> > > > > > -Psign --max-workers 2 -PuseGpg -Psigning.gnupg.keyName= > > >>>>>> > > > > > "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log > > >>>>>> > > > > > > > >>>>>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] > > >>>>>> > > > > > Traceback (most recent call last): > > >>>>>> > > > > > File > > >>>>>> > > > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > >>>>>> > > > > > line 419, in <module> > > >>>>>> > > > > > main() > > >>>>>> > > > > > File > > >>>>>> > > > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > >>>>>> > > > > > line 397, in main > > >>>>>> > > > > > prepare(c.root, c.version, c.key_id, c.key_password, > > >>>>>> > > gpg_home=gpg_home, > > >>>>>> > > > > > sign_gradle=c.sign_method_gradle) > > >>>>>> > > > > > File > > >>>>>> > > > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > >>>>>> > > > > > line 147, in prepare > > >>>>>> > > > > > run(cmd) > > >>>>>> > > > > > File > > >>>>>> > > > > "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > >>>>>> > > > > > line 45, in run > > >>>>>> > > > > > raise RuntimeError(msg) > > >>>>>> > > > > > RuntimeError: FAILED: ./gradlew --no-daemon > > assembleRelease > > >>>>>> > > > > > -Dversion.release=9.1.0 -Psign --max-workers 2 -PuseGpg > > >>>>>> > > > > > > > >>>>>> -Psigning.gnupg.keyName="2085660D9C1FCCACC4A479A3BF160FF14992A24C" > > >>>>>> > > [see > > >>>>>> > > > > > log > > >>>>>> > > > > /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] > > >>>>>> > > > > > > > >>>>>> > > > > > > > >>>>>> > > > > > > > >>>>>> > > > > > FAILURE: Build failed with an exception. > > >>>>>> > > > > > > > >>>>>> > > > > > * What went wrong: > > >>>>>> > > > > > Execution failed for task > > >>>>>> > > > > ':solr:prometheus-exporter:signJarsPublication'. > > >>>>>> > > > > > > Cannot perform signing task > > >>>>>> > > > > > ':solr:prometheus-exporter:signJarsPublication' because > it > > >>>>>> has no > > >>>>>> > > > > > configured signatory > > >>>>>> > > > > > > > >>>>>> > > > > > * Try: > > >>>>>> > > > > > Run with --stacktrace option to get the stack trace. Run > > >>>>>> with > > >>>>>> > --info > > >>>>>> > > or > > >>>>>> > > > > > --debug option to get more log output. Run with --scan > to > > >>>>>> get full > > >>>>>> > > > > insights. > > >>>>>> > > > > > > > >>>>>> > > > > > On Tue, Oct 25, 2022 at 9:43 PM Ishan Chattopadhyaya < > > >>>>>> > > > > > [email protected]> wrote: > > >>>>>> > > > > > > > >>>>>> > > > > >> The "no configured signatory" seems to be the problem. > > >>>>>> > > > > >> I tried adding the following to the gradle.properties: > > >>>>>> > > > > >> signing.keyId=4992A24C > > >>>>>> > > > > >> signing.password=<MYPASS> > > >>>>>> > > > > >> signing.secretKeyRingFile=<TRIED VARIOUS FILES> > > >>>>>> > > > > >> > > >>>>>> > > > > >> However, none of the files worked well. The problem > could > > >>>>>> be that > > >>>>>> > > > there > > >>>>>> > > > > >> exists no such file on Fedora that qualifies as the > > >>>>>> > > secretKeyRingFile. > > >>>>>> > > > > >> > > >>>>>> > > > > >> Also, it fails for me with the external GPG based > signing > > >>>>>> as well. > > >>>>>> > > I'm > > >>>>>> > > > > >> going to try that out shortly and post the logs. > > >>>>>> > > > > >> > > >>>>>> > > > > >> On Tue, Oct 25, 2022 at 9:40 PM Ishan Chattopadhyaya < > > >>>>>> > > > > >> [email protected]> wrote: > > >>>>>> > > > > >> > > >>>>>> > > > > >>> Hi, > > >>>>>> > > > > >>> I'm having no luck with GPG signing on Fedora 34 > > >>>>>> (GNU/Linux). > > >>>>>> > > > > >>> > > >>>>>> > > > > >>> This is the output with gradle based signing. > > >>>>>> > > > > >>> > > >>>>>> > > > > >>> Please advise. > > >>>>>> > > > > >>> Thanks, > > >>>>>> > > > > >>> Ishan > > >>>>>> > > > > >>> > > >>>>>> > > > > >>> From the console: > > >>>>>> > > > > >>> ishan@x1extreme ~/code/solr (branch_9_1) $ python3 -u > > >>>>>> > > > > >>> dev-tools/scripts/buildAndPushRelease.py \ > > >>>>>> > > > > >>> --logfile > > >>>>>> > ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log \ > > >>>>>> > > > > >>> --push-local "~/.solr-releases/9.1.0/RC1/dist" \ > > >>>>>> > > > > >>> --rc-num 1 \ > > >>>>>> > > > > >>> --sign 2085660D9C1FCCACC4A479A3BF160FF14992A24C \ > > >>>>>> > > > > >>> --sign-method-gradle > > >>>>>> > > > > >>> Logfile is: > > >>>>>> > > > > >>> > > >>>>>> /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log > > >>>>>> > > > > >>> Building version: 9.1.0 > > >>>>>> > > > > >>> Verify your gpg key is in the main KEYS file > > >>>>>> > > > > >>> Using online KEYS file > > >>>>>> https://archive.apache.org/dist/solr/KEYS > > >>>>>> > > > > >>> Found key 2085660D9C1FCCACC4A479A3BF160FF14992A24C in > > >>>>>> KEYS file > > >>>>>> > at > > >>>>>> > > > > >>> https://archive.apache.org/dist/solr/KEYS > > >>>>>> > > > > >>> WARN: Could not locate your gpg secret keyring, and > > >>>>>> --gpg-home > > >>>>>> > not > > >>>>>> > > > > >>> specified. > > >>>>>> > > > > >>> Falling back to location configured in > > gradle.properties. > > >>>>>> > > > > >>> See 'gradlew helpPublishing' for details. > > >>>>>> > > > > >>> Enter GPG keystore password: > > >>>>>> > > > > >>> > > >>>>>> > > > > >>> Prepare release... > > >>>>>> > > > > >>> git pull... > > >>>>>> > > > > >>> git clone is clean > > >>>>>> > > > > >>> git rev: 36d8f3977d65525dab0b5e25a35e137aac4e1580 > > >>>>>> > > > > >>> Check DOAP files > > >>>>>> > > > > >>> ./gradlew --no-daemon -Dtests.badapples=false clean > > check > > >>>>>> > > > > >>> prepare-release > > >>>>>> > > > > >>> Signing method is gradle java-plugin > > >>>>>> > > > > >>> Running: ./gradlew --no-daemon assembleRelease > > >>>>>> > > > -Dversion.release=9.1.0 > > >>>>>> > > > > >>> -Psign --max-workers 2 -Psigning.keyId= > > >>>>>> > > > > >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" > > >>>>>> > > > > >>> FAILED: ./gradlew --no-daemon assembleRelease > > >>>>>> > > -Dversion.release=9.1.0 > > >>>>>> > > > > >>> -Psign --max-workers 2 -Psigning.keyId= > > >>>>>> > > > > >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log > > >>>>>> > > > > >>> > > >>>>>> > > /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] > > >>>>>> > > > > >>> Traceback (most recent call last): > > >>>>>> > > > > >>> File > > >>>>>> > > > > > >>>>>> "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > >>>>>> > > > > >>> line 419, in <module> > > >>>>>> > > > > >>> main() > > >>>>>> > > > > >>> File > > >>>>>> > > > > > >>>>>> "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > >>>>>> > > > > >>> line 397, in main > > >>>>>> > > > > >>> prepare(c.root, c.version, c.key_id, c.key_password, > > >>>>>> > > > gpg_home=gpg_home, > > >>>>>> > > > > >>> sign_gradle=c.sign_method_gradle) > > >>>>>> > > > > >>> File > > >>>>>> > > > > > >>>>>> "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > >>>>>> > > > > >>> line 145, in prepare > > >>>>>> > > > > >>> runAndSendGPGPassword(cmd, gpg_password) > > >>>>>> > > > > >>> File > > >>>>>> > > > > > >>>>>> "/home/ishan/code/solr/dev-tools/scripts/buildAndPushRelease.py", > > >>>>>> > > > > >>> line 67, in runAndSendGPGPassword > > >>>>>> > > > > >>> raise RuntimeError(msg) > > >>>>>> > > > > >>> RuntimeError: FAILED: ./gradlew --no-daemon > > >>>>>> assembleRelease > > >>>>>> > > > > >>> -Dversion.release=9.1.0 -Psign --max-workers 2 > > >>>>>> -Psigning.keyId= > > >>>>>> > > > > >>> "2085660D9C1FCCACC4A479A3BF160FF14992A24C" [see log > > >>>>>> > > > > >>> > > >>>>>> > > /home/ishan/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log] > > >>>>>> > > > > >>> > > >>>>>> > > > > >>> > > >>>>>> > > > > >>> > > >>>>>> > > > > >>> > ~/.solr-releases/9.1.0/RC1/logs/buildAndPushRelease.log: > > >>>>>> > > > > >>> > Task :solr:distribution:prepareGitRev > > >>>>>> > > > > >>> > Task :solr:distribution:signSourceTgz FAILED > > >>>>>> > > > > >>> > Task :solr:solrj:compileJava UP-TO-DATE > > >>>>>> > > > > >>> > > >>>>>> > > > > >>> FAILURE: Build failed with an exception. > > >>>>>> > > > > >>> > > >>>>>> > > > > >>> * What went wrong: > > >>>>>> > > > > >>> Execution failed for task > > >>>>>> ':solr:distribution:signSourceTgz'. > > >>>>>> > > > > >>> > Cannot perform signing task > > >>>>>> ':solr:distribution:signSourceTgz' > > >>>>>> > > > > >>> because it has no configured signatory > > >>>>>> > > > > >>> > > >>>>>> > > > > >>> * Try: > > >>>>>> > > > > >>> Run with --stacktrace option to get the stack trace. > Run > > >>>>>> with > > >>>>>> > > --info > > >>>>>> > > > or > > >>>>>> > > > > >>> --debug option to get more log output. Run with --scan > > to > > >>>>>> get > > >>>>>> > full > > >>>>>> > > > > insights. > > >>>>>> > > > > >>> > > >>>>>> > > > > >>> > > >>>>>> > > > > > > >>>>>> > > > > > >>>>>> > > > > >>>>>> > > > >>>>>> > > >>>>> > > >
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
