Re: yum repo gpg signature file missing
Thanks for the clarification. I've submitted JENKINS-62400 <https://issues.jenkins-ci.org/browse/JENKINS-62400> to track it. On Thu, May 21, 2020 at 4:45 PM Jason Pyeron wrote: > That file is only used when setting up the yum repository the first time. > Your change will not change anyone’s file configured in the past. So no > your change will not break anyone. > > > > The changes will only be seen by those newly following the instructions at > https://pkg.jenkins.io/redhat/ or at https://pkg.jenkins.io/redhat-stable/ > . > > > > For that fact, it is important that each repository section has a unique > name, without that things could get weird at best or just not work. > > > > v/r, > > > > Jason > > *From:* jenkinsci-users@googlegroups.com > *On Behalf Of *Mark Waite > *Sent:* Thursday, May 21, 2020 6:17 PM > *To:* Jenkins Users > *Subject:* Re: yum repo gpg signature file missing > > > > I'm less concerned about the affect on systems which have both repos > enabled, since I expect that to be very few. > > > > I'm concerned that change the string inside the square brackets from > "jenkins" to "jenkins-stable" may cause systems that previously had one yum > repository for Jenkins to be confused and think they have two. If you can > confirm that confusion won't happen, then I don't object to the change. > > > > On Thu, May 21, 2020 at 4:09 PM Jason Pyeron wrote: > > Well on systems where both repos exist, there is a conflict in name. > > > > Think of it this way… > > > > Jenkins enabled=0 > > Jenkins-stable enabled=1 > > > > Happily auto updating….. > > > > Oh no, there is an issue – the fix is in Jenkins v.x.y.z, stable is not > there yet. > > > > yum –enablerepo=jenkins update > > > > @phew, now we have this bleeding edge fix, when the stable repo has a > newer version # it will get upgraded. > > > > > > *From:* jenkinsci-users@googlegroups.com > *On Behalf Of *Mark Waite > *Sent:* Thursday, May 21, 2020 5:55 PM > *To:* Jenkins Users > *Subject:* Re: yum repo gpg signature file missing > > > > Thanks. I think I understand all the changes except the change from > [jenkins] to [jenkins-stable] in the redhat-stable repository. > > > > Won't that risk that some installed systems will think that they now have > a new repository source named "jenkins-stable" that is different than the > "jenkins" that they had before that change? > > > > I had assumed that the name "[jenkins]" was one way of requiring that a > system choose either Jenkins LTS or Jenkins Weekly, without choosing both > Jenkins LTS and Jenkins Weekly. The usual caveat applies. I am not expert > in Red Hat package management. I just want to do the best thing for > Jenkins users. > > > > Mark Waite > > > > On Thu, May 21, 2020 at 11:34 AM Jason Pyeron wrote: > > This is depending on the OS installation choices, security choices, etc… > > > > failure: repodata/repomd.xml.asc from jenkins: [Errno 256] No more mirrors > to try. > > https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc: [Errno 14] HTTPS > Error 404 - Not Found > > > > Based on how Jenkins is delivering the yum repo these are how the repo > files should be delivered: > > > > https://pkg.jenkins.io/redhat-stable/jenkins.repo: > > [jenkins-stable] > > name=Jenkins-stable > > baseurl=https://pkg.jenkins.io/redhat-stable > > gpgcheck=1 > > repo_gpgcheck=0 > > gpgkey=https://pkg.jenkins.io/redhat-stable/jenkins.io.key > > > > and > > https://pkg.jenkins.io/redhat/jenkins.repo: > > [jenkins] > > name=Jenkins > > baseurl=https://pkg.jenkins.io/redhat > > gpgcheck=1 > > repo_gpgcheck=0 > > gpgkey=https://pkg.jenkins.io/redhat/jenkins.io.key > > > > I highlighted the changed portions. If those are changed accordingly, the > problem should be moot. > > > > But having the repo GPG signed is a good thing. > > > > > > v/r, > > > > Jason Pyeron > > > > *From:* jenkinsci-users@googlegroups.com > *On Behalf Of *Mark Waite > *Sent:* Thursday, May 21, 2020 12:24 PM > *To:* Jenkins Users > *Subject:* Re: yum repo gpg signature file missing > > > > I confirm that I don't see it there, but I am not sure it has ever been > there. > > > > I just performed an install of Jenkins 2.237 on a CentOS 7 system > following the instructions at > https://www.jenkins.io/doc/book/installing/#red-hat-centos and it ran > without
RE: yum repo gpg signature file missing
That file is only used when setting up the yum repository the first time. Your change will not change anyone’s file configured in the past. So no your change will not break anyone. The changes will only be seen by those newly following the instructions at https://pkg.jenkins.io/redhat/ or at https://pkg.jenkins.io/redhat-stable/ . For that fact, it is important that each repository section has a unique name, without that things could get weird at best or just not work. v/r, Jason From: jenkinsci-users@googlegroups.com On Behalf Of Mark Waite Sent: Thursday, May 21, 2020 6:17 PM To: Jenkins Users Subject: Re: yum repo gpg signature file missing I'm less concerned about the affect on systems which have both repos enabled, since I expect that to be very few. I'm concerned that change the string inside the square brackets from "jenkins" to "jenkins-stable" may cause systems that previously had one yum repository for Jenkins to be confused and think they have two. If you can confirm that confusion won't happen, then I don't object to the change. On Thu, May 21, 2020 at 4:09 PM Jason Pyeron mailto:jpye...@pdinc.us> > wrote: Well on systems where both repos exist, there is a conflict in name. Think of it this way… Jenkins enabled=0 Jenkins-stable enabled=1 Happily auto updating….. Oh no, there is an issue – the fix is in Jenkins v.x.y.z, stable is not there yet. yum –enablerepo=jenkins update @phew, now we have this bleeding edge fix, when the stable repo has a newer version # it will get upgraded. From: jenkinsci-users@googlegroups.com <mailto:jenkinsci-users@googlegroups.com> mailto:jenkinsci-users@googlegroups.com> > On Behalf Of Mark Waite Sent: Thursday, May 21, 2020 5:55 PM To: Jenkins Users mailto:jenkinsci-users@googlegroups.com> > Subject: Re: yum repo gpg signature file missing Thanks. I think I understand all the changes except the change from [jenkins] to [jenkins-stable] in the redhat-stable repository. Won't that risk that some installed systems will think that they now have a new repository source named "jenkins-stable" that is different than the "jenkins" that they had before that change? I had assumed that the name "[jenkins]" was one way of requiring that a system choose either Jenkins LTS or Jenkins Weekly, without choosing both Jenkins LTS and Jenkins Weekly. The usual caveat applies. I am not expert in Red Hat package management. I just want to do the best thing for Jenkins users. Mark Waite On Thu, May 21, 2020 at 11:34 AM Jason Pyeron mailto:jpye...@pdinc.us> > wrote: This is depending on the OS installation choices, security choices, etc… failure: repodata/repomd.xml.asc from jenkins: [Errno 256] No more mirrors to try. https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc: [Errno 14] HTTPS Error 404 - Not Found Based on how Jenkins is delivering the yum repo these are how the repo files should be delivered: https://pkg.jenkins.io/redhat-stable/jenkins.repo: [jenkins-stable] name=Jenkins-stable baseurl=https://pkg.jenkins.io/redhat-stable <http://pkg.jenkins.io/redhat-stable> gpgcheck=1 repo_gpgcheck=0 gpgkey=https://pkg.jenkins.io/redhat-stable/jenkins.io.key and https://pkg.jenkins.io/redhat/jenkins.repo: [jenkins] name=Jenkins baseurl=https://pkg.jenkins.io/redhat <http://pkg.jenkins.io/redhat> gpgcheck=1 repo_gpgcheck=0 gpgkey=https://pkg.jenkins.io/redhat/jenkins.io.key I highlighted the changed portions. If those are changed accordingly, the problem should be moot. But having the repo GPG signed is a good thing. v/r, Jason Pyeron From: jenkinsci-users@googlegroups.com <mailto:jenkinsci-users@googlegroups.com> mailto:jenkinsci-users@googlegroups.com> > On Behalf Of Mark Waite Sent: Thursday, May 21, 2020 12:24 PM To: Jenkins Users mailto:jenkinsci-users@googlegroups.com> > Subject: Re: yum repo gpg signature file missing I confirm that I don't see it there, but I am not sure it has ever been there. I just performed an install of Jenkins 2.237 on a CentOS 7 system following the instructions at https://www.jenkins.io/doc/book/installing/#red-hat-centos and it ran without issue. The automated tests which check for install on various operating systems all pass on Jenkins 2.237 as well. That probably means more tests are needed to detect this case. What's the failure that you're seeing due to the missing 'asc' file? Mark Waite On Thursday, May 21, 2020 at 9:50:07 AM UTC-6, Mark Waite wrote: Thanks for letting us know. I'm investigating now. On Thursday, May 21, 2020 at 8:20:46 AM UTC-6, Jason Pyeron wrote: The repository GGP .asc file(s) are missing. # curl -v http://pkg.jenkins.io/redhat/repodata/repomd.xml.asc -L * Abo
Re: yum repo gpg signature file missing
I'm less concerned about the affect on systems which have both repos enabled, since I expect that to be very few. I'm concerned that change the string inside the square brackets from "jenkins" to "jenkins-stable" may cause systems that previously had one yum repository for Jenkins to be confused and think they have two. If you can confirm that confusion won't happen, then I don't object to the change. On Thu, May 21, 2020 at 4:09 PM Jason Pyeron wrote: > Well on systems where both repos exist, there is a conflict in name. > > > > Think of it this way… > > > > Jenkins enabled=0 > > Jenkins-stable enabled=1 > > > > Happily auto updating….. > > > > Oh no, there is an issue – the fix is in Jenkins v.x.y.z, stable is not > there yet. > > > > yum –enablerepo=jenkins update > > > > @phew, now we have this bleeding edge fix, when the stable repo has a > newer version # it will get upgraded. > > > > > > *From:* jenkinsci-users@googlegroups.com > *On Behalf Of *Mark Waite > *Sent:* Thursday, May 21, 2020 5:55 PM > *To:* Jenkins Users > *Subject:* Re: yum repo gpg signature file missing > > > > Thanks. I think I understand all the changes except the change from > [jenkins] to [jenkins-stable] in the redhat-stable repository. > > > > Won't that risk that some installed systems will think that they now have > a new repository source named "jenkins-stable" that is different than the > "jenkins" that they had before that change? > > > > I had assumed that the name "[jenkins]" was one way of requiring that a > system choose either Jenkins LTS or Jenkins Weekly, without choosing both > Jenkins LTS and Jenkins Weekly. The usual caveat applies. I am not expert > in Red Hat package management. I just want to do the best thing for > Jenkins users. > > > > Mark Waite > > > > On Thu, May 21, 2020 at 11:34 AM Jason Pyeron wrote: > > This is depending on the OS installation choices, security choices, etc… > > > > failure: repodata/repomd.xml.asc from jenkins: [Errno 256] No more mirrors > to try. > > https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc: [Errno 14] HTTPS > Error 404 - Not Found > > > > Based on how Jenkins is delivering the yum repo these are how the repo > files should be delivered: > > > > https://pkg.jenkins.io/redhat-stable/jenkins.repo: > > [jenkins-stable] > > name=Jenkins-stable > > baseurl=https://pkg.jenkins.io/redhat-stable > > gpgcheck=1 > > repo_gpgcheck=0 > > gpgkey=https://pkg.jenkins.io/redhat-stable/jenkins.io.key > > > > and > > https://pkg.jenkins.io/redhat/jenkins.repo: > > [jenkins] > > name=Jenkins > > baseurl=https://pkg.jenkins.io/redhat > > gpgcheck=1 > > repo_gpgcheck=0 > > gpgkey=https://pkg.jenkins.io/redhat/jenkins.io.key > > > > I highlighted the changed portions. If those are changed accordingly, the > problem should be moot. > > > > But having the repo GPG signed is a good thing. > > > > > > v/r, > > > > Jason Pyeron > > > > *From:* jenkinsci-users@googlegroups.com > *On Behalf Of *Mark Waite > *Sent:* Thursday, May 21, 2020 12:24 PM > *To:* Jenkins Users > *Subject:* Re: yum repo gpg signature file missing > > > > I confirm that I don't see it there, but I am not sure it has ever been > there. > > > > I just performed an install of Jenkins 2.237 on a CentOS 7 system > following the instructions at > https://www.jenkins.io/doc/book/installing/#red-hat-centos and it ran > without issue. The automated tests which check for install on various > operating systems all pass on Jenkins 2.237 as well. That probably means > more tests are needed to detect this case. > > > > What's the failure that you're seeing due to the missing 'asc' file? > > > Mark Waite > > On Thursday, May 21, 2020 at 9:50:07 AM UTC-6, Mark Waite wrote: > > Thanks for letting us know. I'm investigating now. > > On Thursday, May 21, 2020 at 8:20:46 AM UTC-6, Jason Pyeron wrote: > > The repository GGP .asc file(s) are missing. > > # curl -v http://pkg.jenkins.io/redhat/repodata/repomd.xml.asc -L > * About to connect() to pkg.jenkins.io port 80 (#0) > * Trying 151.101.66.133... connected > * Connected to pkg.jenkins.io (151.101.66.133) port 80 (#0) > > GET /redhat/repodata/repomd.xml.asc HTTP/1.1 > > User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.44 > zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > > Host: pkg.jenkins.io > > Accept
RE: yum repo gpg signature file missing
Well on systems where both repos exist, there is a conflict in name. Think of it this way… Jenkins enabled=0 Jenkins-stable enabled=1 Happily auto updating….. Oh no, there is an issue – the fix is in Jenkins v.x.y.z, stable is not there yet. yum –enablerepo=jenkins update @phew, now we have this bleeding edge fix, when the stable repo has a newer version # it will get upgraded. From: jenkinsci-users@googlegroups.com On Behalf Of Mark Waite Sent: Thursday, May 21, 2020 5:55 PM To: Jenkins Users Subject: Re: yum repo gpg signature file missing Thanks. I think I understand all the changes except the change from [jenkins] to [jenkins-stable] in the redhat-stable repository. Won't that risk that some installed systems will think that they now have a new repository source named "jenkins-stable" that is different than the "jenkins" that they had before that change? I had assumed that the name "[jenkins]" was one way of requiring that a system choose either Jenkins LTS or Jenkins Weekly, without choosing both Jenkins LTS and Jenkins Weekly. The usual caveat applies. I am not expert in Red Hat package management. I just want to do the best thing for Jenkins users. Mark Waite On Thu, May 21, 2020 at 11:34 AM Jason Pyeron mailto:jpye...@pdinc.us> > wrote: This is depending on the OS installation choices, security choices, etc… failure: repodata/repomd.xml.asc from jenkins: [Errno 256] No more mirrors to try. https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc: [Errno 14] HTTPS Error 404 - Not Found Based on how Jenkins is delivering the yum repo these are how the repo files should be delivered: https://pkg.jenkins.io/redhat-stable/jenkins.repo: [jenkins-stable] name=Jenkins-stable baseurl=https://pkg.jenkins.io/redhat-stable <http://pkg.jenkins.io/redhat-stable> gpgcheck=1 repo_gpgcheck=0 gpgkey=https://pkg.jenkins.io/redhat-stable/jenkins.io.key and https://pkg.jenkins.io/redhat/jenkins.repo: [jenkins] name=Jenkins baseurl=https://pkg.jenkins.io/redhat <http://pkg.jenkins.io/redhat> gpgcheck=1 repo_gpgcheck=0 gpgkey=https://pkg.jenkins.io/redhat/jenkins.io.key I highlighted the changed portions. If those are changed accordingly, the problem should be moot. But having the repo GPG signed is a good thing. v/r, Jason Pyeron From: jenkinsci-users@googlegroups.com <mailto:jenkinsci-users@googlegroups.com> mailto:jenkinsci-users@googlegroups.com> > On Behalf Of Mark Waite Sent: Thursday, May 21, 2020 12:24 PM To: Jenkins Users mailto:jenkinsci-users@googlegroups.com> > Subject: Re: yum repo gpg signature file missing I confirm that I don't see it there, but I am not sure it has ever been there. I just performed an install of Jenkins 2.237 on a CentOS 7 system following the instructions at https://www.jenkins.io/doc/book/installing/#red-hat-centos and it ran without issue. The automated tests which check for install on various operating systems all pass on Jenkins 2.237 as well. That probably means more tests are needed to detect this case. What's the failure that you're seeing due to the missing 'asc' file? Mark Waite On Thursday, May 21, 2020 at 9:50:07 AM UTC-6, Mark Waite wrote: Thanks for letting us know. I'm investigating now. On Thursday, May 21, 2020 at 8:20:46 AM UTC-6, Jason Pyeron wrote: The repository GGP .asc file(s) are missing. # curl -v http://pkg.jenkins.io/redhat/repodata/repomd.xml.asc -L * About to connect() to pkg.jenkins.io <http://pkg.jenkins.io> port 80 (#0) * Trying 151.101.66.133... connected * Connected to pkg.jenkins.io <http://pkg.jenkins.io> (151.101.66.133) port 80 (#0) > GET /redhat/repodata/repomd.xml.asc HTTP/1.1 > User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.44 > zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: pkg.jenkins.io <http://pkg.jenkins.io> > Accept: */* > < HTTP/1.1 301 Moved Permanently < Server: Varnish < Retry-After: 0 < Location: https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc < Content-Length: 0 < Accept-Ranges: bytes < Date: Thu, 21 May 2020 14:19:12 GMT < Via: 1.1 varnish < Connection: close < X-Served-By: cache-dca17762-DCA < X-Cache: HIT < X-Cache-Hits: 0 < X-Timer: S1590070752.250345,VS0,VE0 < Strict-Transport-Security: max-age=300 < * Closing connection #0 * Issue another request to this URL: 'https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc' * About to connect() to pkg.jenkins.io <http://pkg.jenkins.io> port 443 (#0) * Trying 151.101.2.133... connected * Connected to pkg.jenkins.io <http://pkg.jenkins.io> (151.101.2.133) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt
Re: yum repo gpg signature file missing
Thanks. I think I understand all the changes except the change from [jenkins] to [jenkins-stable] in the redhat-stable repository. Won't that risk that some installed systems will think that they now have a new repository source named "jenkins-stable" that is different than the "jenkins" that they had before that change? I had assumed that the name "[jenkins]" was one way of requiring that a system choose either Jenkins LTS or Jenkins Weekly, without choosing both Jenkins LTS and Jenkins Weekly. The usual caveat applies. I am not expert in Red Hat package management. I just want to do the best thing for Jenkins users. Mark Waite On Thu, May 21, 2020 at 11:34 AM Jason Pyeron wrote: > This is depending on the OS installation choices, security choices, etc… > > > > failure: repodata/repomd.xml.asc from jenkins: [Errno 256] No more mirrors > to try. > > https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc: [Errno 14] HTTPS > Error 404 - Not Found > > > > Based on how Jenkins is delivering the yum repo these are how the repo > files should be delivered: > > > > https://pkg.jenkins.io/redhat-stable/jenkins.repo: > > [jenkins-stable] > > name=Jenkins-stable > > baseurl=https://pkg.jenkins.io/redhat-stable > > gpgcheck=1 > > repo_gpgcheck=0 > > gpgkey=https://pkg.jenkins.io/redhat-stable/jenkins.io.key > > > > and > > https://pkg.jenkins.io/redhat/jenkins.repo: > > [jenkins] > > name=Jenkins > > baseurl=https://pkg.jenkins.io/redhat > > gpgcheck=1 > > repo_gpgcheck=0 > > gpgkey=https://pkg.jenkins.io/redhat/jenkins.io.key > > > > I highlighted the changed portions. If those are changed accordingly, the > problem should be moot. > > > > But having the repo GPG signed is a good thing. > > > > > > v/r, > > > > Jason Pyeron > > > > *From:* jenkinsci-users@googlegroups.com > *On Behalf Of *Mark Waite > *Sent:* Thursday, May 21, 2020 12:24 PM > *To:* Jenkins Users > *Subject:* Re: yum repo gpg signature file missing > > > > I confirm that I don't see it there, but I am not sure it has ever been > there. > > > > I just performed an install of Jenkins 2.237 on a CentOS 7 system > following the instructions at > https://www.jenkins.io/doc/book/installing/#red-hat-centos and it ran > without issue. The automated tests which check for install on various > operating systems all pass on Jenkins 2.237 as well. That probably means > more tests are needed to detect this case. > > > > What's the failure that you're seeing due to the missing 'asc' file? > > > Mark Waite > > On Thursday, May 21, 2020 at 9:50:07 AM UTC-6, Mark Waite wrote: > > Thanks for letting us know. I'm investigating now. > > On Thursday, May 21, 2020 at 8:20:46 AM UTC-6, Jason Pyeron wrote: > > The repository GGP .asc file(s) are missing. > > # curl -v http://pkg.jenkins.io/redhat/repodata/repomd.xml.asc -L > * About to connect() to pkg.jenkins.io port 80 (#0) > * Trying 151.101.66.133... connected > * Connected to pkg.jenkins.io (151.101.66.133) port 80 (#0) > > GET /redhat/repodata/repomd.xml.asc HTTP/1.1 > > User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.44 > zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > > Host: pkg.jenkins.io > > Accept: */* > > > < HTTP/1.1 301 Moved Permanently > < Server: Varnish > < Retry-After: 0 > < Location: https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc > < Content-Length: 0 > < Accept-Ranges: bytes > < Date: Thu, 21 May 2020 14:19:12 GMT > < Via: 1.1 varnish > < Connection: close > < X-Served-By: cache-dca17762-DCA > < X-Cache: HIT > < X-Cache-Hits: 0 > < X-Timer: S1590070752.250345,VS0,VE0 > < Strict-Transport-Security: max-age=300 > < > * Closing connection #0 > * Issue another request to this URL: ' > https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc' > * About to connect() to pkg.jenkins.io port 443 (#0) > * Trying 151.101.2.133... connected > * Connected to pkg.jenkins.io (151.101.2.133) port 443 (#0) > * Initializing NSS with certpath: sql:/etc/pki/nssdb > * CAfile: /etc/pki/tls/certs/ca-bundle.crt > CApath: none > * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 > * Server certificate: > * subject: CN=pkg.jenkins.io > * start date: Apr 22 12:02:54 2020 GMT > * expire date: Jul 21 12:02:54 2020 GMT > * common name: pkg.jenkins.io > * issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US > > GET /redhat/repodata/repomd.xml.asc HTTP/1.1 > > U
RE: yum repo gpg signature file missing
This is depending on the OS installation choices, security choices, etc… failure: repodata/repomd.xml.asc from jenkins: [Errno 256] No more mirrors to try. https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc: [Errno 14] HTTPS Error 404 - Not Found Based on how Jenkins is delivering the yum repo these are how the repo files should be delivered: https://pkg.jenkins.io/redhat-stable/jenkins.repo: [jenkins-stable] name=Jenkins-stable baseurl=https://pkg.jenkins.io/redhat-stable gpgcheck=1 repo_gpgcheck=0 gpgkey=https://pkg.jenkins.io/redhat-stable/jenkins.io.key and https://pkg.jenkins.io/redhat/jenkins.repo: [jenkins] name=Jenkins baseurl=https://pkg.jenkins.io/redhat gpgcheck=1 repo_gpgcheck=0 gpgkey=https://pkg.jenkins.io/redhat/jenkins.io.key I highlighted the changed portions. If those are changed accordingly, the problem should be moot. But having the repo GPG signed is a good thing. v/r, Jason Pyeron From: jenkinsci-users@googlegroups.com On Behalf Of Mark Waite Sent: Thursday, May 21, 2020 12:24 PM To: Jenkins Users Subject: Re: yum repo gpg signature file missing I confirm that I don't see it there, but I am not sure it has ever been there. I just performed an install of Jenkins 2.237 on a CentOS 7 system following the instructions at https://www.jenkins.io/doc/book/installing/#red-hat-centos and it ran without issue. The automated tests which check for install on various operating systems all pass on Jenkins 2.237 as well. That probably means more tests are needed to detect this case. What's the failure that you're seeing due to the missing 'asc' file? Mark Waite On Thursday, May 21, 2020 at 9:50:07 AM UTC-6, Mark Waite wrote: Thanks for letting us know. I'm investigating now. On Thursday, May 21, 2020 at 8:20:46 AM UTC-6, Jason Pyeron wrote: The repository GGP .asc file(s) are missing. # curl -v http://pkg.jenkins.io/redhat/repodata/repomd.xml.asc -L * About to connect() to pkg.jenkins.io <http://pkg.jenkins.io> port 80 (#0) * Trying 151.101.66.133... connected * Connected to pkg.jenkins.io <http://pkg.jenkins.io> (151.101.66.133) port 80 (#0) > GET /redhat/repodata/repomd.xml.asc HTTP/1.1 > User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.44 > zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: pkg.jenkins.io <http://pkg.jenkins.io> > Accept: */* > < HTTP/1.1 301 Moved Permanently < Server: Varnish < Retry-After: 0 < Location: https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc < Content-Length: 0 < Accept-Ranges: bytes < Date: Thu, 21 May 2020 14:19:12 GMT < Via: 1.1 varnish < Connection: close < X-Served-By: cache-dca17762-DCA < X-Cache: HIT < X-Cache-Hits: 0 < X-Timer: S1590070752.250345,VS0,VE0 < Strict-Transport-Security: max-age=300 < * Closing connection #0 * Issue another request to this URL: 'https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc' * About to connect() to pkg.jenkins.io <http://pkg.jenkins.io> port 443 (#0) * Trying 151.101.2.133... connected * Connected to pkg.jenkins.io <http://pkg.jenkins.io> (151.101.2.133) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * Server certificate: * subject: CN=pkg.jenkins.io <http://pkg.jenkins.io> * start date: Apr 22 12:02:54 2020 GMT * expire date: Jul 21 12:02:54 2020 GMT * common name: pkg.jenkins.io <http://pkg.jenkins.io> * issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US > GET /redhat/repodata/repomd.xml.asc HTTP/1.1 > User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.44 > zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: pkg.jenkins.io <http://pkg.jenkins.io> > Accept: */* > < HTTP/1.1 404 Not Found < Connection: keep-alive < Content-Length: 228 < Server: Apache/2.4.29 (Ubuntu) < Content-Type: text/html; charset=iso-8859-1 < Accept-Ranges: bytes < Date: Thu, 21 May 2020 14:19:12 GMT < Via: 1.1 varnish < Age: 0 < X-Served-By: cache-dca17757-DCA < X-Cache: MISS < X-Cache-Hits: 0 < X-Timer: S1590070752.409173,VS0,VE8 < Strict-Transport-Security: max-age=300 < 404 Not Found Not Found The requested URL /redhat/repodata/repomd.xml.asc was not found on this server. * Connection #0 to host pkg.jenkins.io <http://pkg.jenkins.io> left intact * Closing connection #0 -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com <mailto:jenkinsci-user
Re: yum repo gpg signature file missing
I confirm that I don't see it there, but I am not sure it has ever been there. I just performed an install of Jenkins 2.237 on a CentOS 7 system following the instructions at https://www.jenkins.io/doc/book/installing/#red-hat-centos and it ran without issue. The automated tests which check for install on various operating systems all pass on Jenkins 2.237 as well. That probably means more tests are needed to detect this case. What's the failure that you're seeing due to the missing 'asc' file? Mark Waite On Thursday, May 21, 2020 at 9:50:07 AM UTC-6, Mark Waite wrote: > > Thanks for letting us know. I'm investigating now. > > On Thursday, May 21, 2020 at 8:20:46 AM UTC-6, Jason Pyeron wrote: >> >> The repository GGP .asc file(s) are missing. >> >> # curl -v http://pkg.jenkins.io/redhat/repodata/repomd.xml.asc -L >> * About to connect() to pkg.jenkins.io port 80 (#0) >> * Trying 151.101.66.133... connected >> * Connected to pkg.jenkins.io (151.101.66.133) port 80 (#0) >> > GET /redhat/repodata/repomd.xml.asc HTTP/1.1 >> > User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.44 >> zlib/1.2.3 libidn/1.18 libssh2/1.4.2 >> > Host: pkg.jenkins.io >> > Accept: */* >> > >> < HTTP/1.1 301 Moved Permanently >> < Server: Varnish >> < Retry-After: 0 >> < Location: https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc >> < Content-Length: 0 >> < Accept-Ranges: bytes >> < Date: Thu, 21 May 2020 14:19:12 GMT >> < Via: 1.1 varnish >> < Connection: close >> < X-Served-By: cache-dca17762-DCA >> < X-Cache: HIT >> < X-Cache-Hits: 0 >> < X-Timer: S1590070752.250345,VS0,VE0 >> < Strict-Transport-Security: max-age=300 >> < >> * Closing connection #0 >> * Issue another request to this URL: ' >> https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc' >> * About to connect() to pkg.jenkins.io port 443 (#0) >> * Trying 151.101.2.133... connected >> * Connected to pkg.jenkins.io (151.101.2.133) port 443 (#0) >> * Initializing NSS with certpath: sql:/etc/pki/nssdb >> * CAfile: /etc/pki/tls/certs/ca-bundle.crt >> CApath: none >> * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 >> * Server certificate: >> * subject: CN=pkg.jenkins.io >> * start date: Apr 22 12:02:54 2020 GMT >> * expire date: Jul 21 12:02:54 2020 GMT >> * common name: pkg.jenkins.io >> * issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US >> > GET /redhat/repodata/repomd.xml.asc HTTP/1.1 >> > User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.44 >> zlib/1.2.3 libidn/1.18 libssh2/1.4.2 >> > Host: pkg.jenkins.io >> > Accept: */* >> > >> < HTTP/1.1 404 Not Found >> < Connection: keep-alive >> < Content-Length: 228 >> < Server: Apache/2.4.29 (Ubuntu) >> < Content-Type: text/html; charset=iso-8859-1 >> < Accept-Ranges: bytes >> < Date: Thu, 21 May 2020 14:19:12 GMT >> < Via: 1.1 varnish >> < Age: 0 >> < X-Served-By: cache-dca17757-DCA >> < X-Cache: MISS >> < X-Cache-Hits: 0 >> < X-Timer: S1590070752.409173,VS0,VE8 >> < Strict-Transport-Security: max-age=300 >> < >> >> >> 404 Not Found >> >> Not Found >> The requested URL /redhat/repodata/repomd.xml.asc was not found on >> this server. >> >> * Connection #0 to host pkg.jenkins.io left intact >> * Closing connection #0 >> >> >> -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/5a8a2b6e-740f-4afb-b9d2-4d0db2e810da%40googlegroups.com.
Re: yum repo gpg signature file missing
Thanks for letting us know. I'm investigating now. On Thursday, May 21, 2020 at 8:20:46 AM UTC-6, Jason Pyeron wrote: > > The repository GGP .asc file(s) are missing. > > # curl -v http://pkg.jenkins.io/redhat/repodata/repomd.xml.asc -L > * About to connect() to pkg.jenkins.io port 80 (#0) > * Trying 151.101.66.133... connected > * Connected to pkg.jenkins.io (151.101.66.133) port 80 (#0) > > GET /redhat/repodata/repomd.xml.asc HTTP/1.1 > > User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.44 > zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > > Host: pkg.jenkins.io > > Accept: */* > > > < HTTP/1.1 301 Moved Permanently > < Server: Varnish > < Retry-After: 0 > < Location: https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc > < Content-Length: 0 > < Accept-Ranges: bytes > < Date: Thu, 21 May 2020 14:19:12 GMT > < Via: 1.1 varnish > < Connection: close > < X-Served-By: cache-dca17762-DCA > < X-Cache: HIT > < X-Cache-Hits: 0 > < X-Timer: S1590070752.250345,VS0,VE0 > < Strict-Transport-Security: max-age=300 > < > * Closing connection #0 > * Issue another request to this URL: ' > https://pkg.jenkins.io/redhat/repodata/repomd.xml.asc' > * About to connect() to pkg.jenkins.io port 443 (#0) > * Trying 151.101.2.133... connected > * Connected to pkg.jenkins.io (151.101.2.133) port 443 (#0) > * Initializing NSS with certpath: sql:/etc/pki/nssdb > * CAfile: /etc/pki/tls/certs/ca-bundle.crt > CApath: none > * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 > * Server certificate: > * subject: CN=pkg.jenkins.io > * start date: Apr 22 12:02:54 2020 GMT > * expire date: Jul 21 12:02:54 2020 GMT > * common name: pkg.jenkins.io > * issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US > > GET /redhat/repodata/repomd.xml.asc HTTP/1.1 > > User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.44 > zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > > Host: pkg.jenkins.io > > Accept: */* > > > < HTTP/1.1 404 Not Found > < Connection: keep-alive > < Content-Length: 228 > < Server: Apache/2.4.29 (Ubuntu) > < Content-Type: text/html; charset=iso-8859-1 > < Accept-Ranges: bytes > < Date: Thu, 21 May 2020 14:19:12 GMT > < Via: 1.1 varnish > < Age: 0 > < X-Served-By: cache-dca17757-DCA > < X-Cache: MISS > < X-Cache-Hits: 0 > < X-Timer: S1590070752.409173,VS0,VE8 > < Strict-Transport-Security: max-age=300 > < > > > 404 Not Found > > Not Found > The requested URL /redhat/repodata/repomd.xml.asc was not found on this > server. > > * Connection #0 to host pkg.jenkins.io left intact > * Closing connection #0 > > > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/9bde6540-62ec-41e1-b8ce-aa461a2fde55%40googlegroups.com.
