When Jenkins triggers maven-gpg-plugin in a remote Linux shell it fails with gpg: signing failed: Inappropriate ioctl for device. This used to work until recently. I don't know what changed.
I found a lot of online references suggesting export GPG_TTY=$(tty) but this doesn't work for ssh connections as tty is null. Any ideas?
On
Upgrading to a newer maven-gpg-plugin version helped in my case. From 1.5 to 3.0.1.
Hopefully it will be at least a try for somebody
On
To build on Gili's answer:
Rather than modify every pom.xml to make Jenkins happy, you can add the following to ~/.gnupg/gpg.conf on Jenkins slaves with newer gpg:
pinentry-mode loopback
You can also automate this. I'm using puppet to create gpg.conf files with this entry if gpg version is 2.1 or higher:
<% if scope.lookupvar("gpg_version").to_f >= 2.1 %>
pinentry-mode loopback
<% end %>
Facter.add("gpg_version") do
setcode do
result = ''
begin
first_line = `gpg --version`.split("\n")[0]
match = first_line.match /.* ([0-9\.]*)$/
result = match[1]
rescue
end
result
end
end
This worked for me:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>3.0.1</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
<configuration>
<gpgArguments>
<argument>--pinentry-mode</argument>
<argument>loopback</argument>
</gpgArguments>
</configuration>
</plugin>
I found an excellent explanation over at https://myshittycode.com/2017/08/07/maven-gpg-plugin-prevent-signing-prompt-or-gpg-signing-failed-no-such-file-or-directory-error/
I will re-post the gist of the post in case the page goes down:
Sounds about right...