Generate temp GPG key non-interactively (unattended mode)


Specific problem:

Unable to create required files in the gnupg home directory, so gpg couldn't connect to the agent.

Additional details:

  1. With the help of gnupg docs, I generated a temporary key.

     ```yaml
     - name: gpg key generation - transient
       # literal block (|) keeps the line breaks that the here-document needs;
       # a folded block (>) would join "EOF" and the gpg command onto one line
       run: |
         export GNUPGHOME="$(mktemp -d)"
         cat >tempkey <<EOF
           %echo Generating a basic OpenPGP key
           Key-Type: DSA
           Key-Length: 1024
           Subkey-Type: ELG-E
           Subkey-Length: 1024
           Name-Real: J143 Bot
           Name-Comment: this contains some passphrase
           Name-Email: j143+[bot]@protonmail.com
           Expire-Date: 0
           Passphrase: asdfghjkl
           # Do a commit here, so that we can later print "done" :-)
           %commit
           %echo done
         EOF
         gpg --batch --generate-key tempkey
     ```

  2. I tried this key generation in GitHub Actions (CI) and am getting the following error messages:

     ```
     gpg: WARNING: unsafe ownership on homedir '/home/runner/gnupg_home'
     gpg: failed to create temporary file '/home/runner/gnupg_home/.#lk0x00005632ca729d00.fv-az269-930.1622': Permission denied
     gpg: keyblock resource '/home/runner/gnupg_home/pubring.kbx': Permission denied
     gpg: Generating a basic OpenPGP key
     gpg: failed to create temporary file '/home/runner/gnupg_home/.#lk0x00005632ca732190.fv-az269-930.1622': Permission denied
     gpg: can't connect to the agent: Permission denied
     gpg: agent_genkey failed: No agent running
     gpg: key generation failed: No agent running
     gpg: done
     ```

  3. The generated key is used for signing with maven-gpg-plugin; the error message looks like this:

     ```
     [INFO] [DEBUG] Configuring mojo 'org.apache.maven.plugins:maven-gpg-plugin:1.6:sign' with basic configurator -->
     [INFO] [DEBUG]   (f) ascDirectory = /home/runner/work/release-scripts/release-scripts/systemds/target/gpg
     [INFO] [DEBUG]   (f) defaultKeyring = true
     [INFO] [DEBUG]   (f) homedir = /home/runner/gnupghome
     [INFO] [DEBUG]   (f) interactive = false
     [INFO] [DEBUG]   (f) passphraseServerId = gpg.passphrase
     [INFO] [DEBUG]   (f) project = MavenProject: org.apache.systemds:systemds:2.1.0-SNAPSHOT @ /home/runner/work/release-scripts/release-scripts/systemds/pom.xml
     [INFO] [DEBUG]   (f) settings = org.apache.maven.execution.SettingsAdapter@596ad7fe
     [INFO] [DEBUG]   (f) skip = false
     [INFO] [DEBUG]   (f) useAgent = true
     [INFO] [DEBUG] -- end configuration --
     [INFO] [DEBUG] Generating signature for /home/runner/work/release-scripts/release-scripts/systemds/target/systemds-2.1.0-SNAPSHOT.jar
     ```

Complete workflow file here: ./maven-publish.yml#L43-L98
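
A preflight check for the homedir conditions behind the gpg errors quoted in the question, as an added example that is not part of the original post. The function names `mode_of`, `check_gnupghome`, `new_transient_home` and `generate_transient_key` are hypothetical, and the parameter file passed to the last one is assumed to be a batch file like `tempkey` above.

```shell
#!/usr/bin/env bash
# Added example: verify a GnuPG home directory before unattended key generation.

# Print the octal permission bits of a path (GNU stat first, BSD stat as fallback).
mode_of() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Return 0 only if the directory is usable as GNUPGHOME by the current user.
# Distinct return codes make the failing condition visible in a CI log.
check_gnupghome() {
  dir=$1
  [ -d "$dir" ] || { echo "missing: $dir" >&2; return 1; }
  # Owner differs from the current user: gpg warns "unsafe ownership on homedir".
  [ -O "$dir" ] || { echo "not owned by $(id -un): $dir" >&2; return 2; }
  # Not writable: lock files and pubring.kbx fail with "Permission denied".
  [ -w "$dir" ] || { echo "not writable: $dir" >&2; return 3; }
  # Any group/other access makes gpg warn about unsafe permissions.
  [ "$(mode_of "$dir")" = "700" ] || { echo "mode is not 700: $dir" >&2; return 4; }
  return 0
}

# Create a fresh home owned by the calling user with mode 700 and print its path.
new_transient_home() {
  home=$(mktemp -d) || return 1
  chmod 700 "$home"
  printf '%s\n' "$home"
}

# Generate a key from a batch parameter file, only after the preflight passes.
# GNUPGHOME is exported so later commands in the same shell use the same home.
generate_transient_key() {
  params=$1
  GNUPGHOME=$(new_transient_home) || return 1
  export GNUPGHOME
  check_gnupghome "$GNUPGHOME" || return 1
  gpg --batch --generate-key "$params"
}
```

In GitHub Actions each `run:` step starts a new shell, so a `GNUPGHOME` exported in one step has to be written to `$GITHUB_ENV` if a later step, such as the Maven signing step, should use the same directory.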
