[
https://issues.apache.org/jira/browse/PHOENIX-7446?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17891801#comment-17891801
]
Istvan Toth edited comment on PHOENIX-7446 at 10/22/24 11:23 AM:
-----------------------------------------------------------------
Preliminary:
* Make sure you have the *allow-preset-passphrase* line in your
_$HOME/.gnupg/gpg-agent.conf_
* If you had to add it, restart gpg-agent
{noformat}
gpgconf --kill all && gpg-connect-agent /bye{noformat}
* List the keys with the keygrips
{noformat}
gpg --with-keygrip --list-secret-keys{noformat}
2. Find the gpg-preset-passphrase tool. It is not on the PATH by default.
3. Preset the passphrase for your signing key
{noformat}
<path/to/>/gpg-preset-passphrase -P <the passpthrase> -c <the keygrip>{noformat}
* Check that results. There should be a '1' at the fourth position after the
keygrip for your key:
{noformat}
gpg-connect-agent 'keyinfo --list' /bye
S KEYINFO 5249771FBEC0ADE4FXXXXXXXXXXXXXXXXXXXXXXX D - - - P - - -
S KEYINFO BE6EBC96D39BB3BFXXXXXXXXXXXXXXXXXXXXXXXX D - - 1 P - - -
S KEYINFO 06B1EC5E9E2701A3XXXXXXXXXXXXXXXXXXXXXXXX D - - - P - - -
S KEYINFO F55A7CB53BC659F5XXXXXXXXXXXXXXXXXXXXXXXX D - - - P - - -
OK
{noformat}
* . Run the release process
5. Restart the gpg agent to make sure it forgets the preset passphrase
{noformat}
gpgconf --kill all && gpg-connect-agent /bye{noformat}
was (Author: stoty):
Preliminary:
* Make sure you have the *allow-preset-passphrase* line in your
_$HOME/.gnupg/gpg-agent.conf_
* If you had to add it, restart gpg-agent
{noformat}
gpgconf --kill all && gpg-connect-agent /bye{noformat}
* List the keys with the keygrips
{noformat}
gpg --with-keygrip --list-secret-keys{noformat}
2. Find the gpg-preset-passphrase tool. It is not on the PATH by default.
3. Preset the passphrase for your signing key
{noformat}
<path/to/>/gpg-preset-passphrase -P <the passpthrase> -c <the keygrip>{noformat}
4. Run the release process
5. Restart the gpg agent to make sure it forgets the preset passphrase
{noformat}
gpgconf --kill all && gpg-connect-agent /bye{noformat}
> Document GPG passphrase handling in release process
> ---------------------------------------------------
>
> Key: PHOENIX-7446
> URL: https://issues.apache.org/jira/browse/PHOENIX-7446
> Project: Phoenix
> Issue Type: Task
> Reporter: Istvan Toth
> Priority: Major
>
> It seems like the maven GPG plugin is no longer able to ask for a passphrase,
> and it has also been disabled for the tar.gz signing in the release script.
> It seems like we need to somehow preset the passphrase before running the
> release script.
> It seems that this requires either modifying the gpg-agent cache times so
> that it's longer than the release process, or using the gpg-preset-passphrase
> tool.
> Figure this out and document on the release page on the website and/or the
> release script README.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
