diff mbox series

[v3,16/16] isar-bootstrap: Connect to gpg-agent before adding keys

Message ID fb2c4ebc092d9f15ef13209d3c38434e601c7e8a.1600788534.git.jan.kiszka@siemens.com
State Superseded, archived
Headers show
Series Complete backlog: SDK, compat arch, assorting fixed and cleanups | expand

Commit Message

Jan Kiszka Sept. 22, 2020, 7:28 a.m. UTC 
From: Jan Kiszka <jan.kiszka@siemens.com>

We have recurring issues in CI with the gpg-agent not being ready when
trying to use apt-key:

gpg: can't connect to the agent: IPC connect call failed

Work around this by connecting upfront to the agent, retrying that in a
bounded loop.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 meta/recipes-core/isar-bootstrap/isar-bootstrap.inc | 4 ++++
 1 file changed, 4 insertions(+)

Comments

Jan Kiszka Sept. 22, 2020, 1:03 p.m. UTC | #1 
On 22.09.20 17:28, [ext] Jan Kiszka wrote:
> From: Jan Kiszka <jan.kiszka@siemens.com>
> 
> We have recurring issues in CI with the gpg-agent not being ready when
> trying to use apt-key:
> 
> gpg: can't connect to the agent: IPC connect call failed
> 
> Work around this by connecting upfront to the agent, retrying that in a
> bounded loop.
> 
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
>   meta/recipes-core/isar-bootstrap/isar-bootstrap.inc | 4 ++++
>   1 file changed, 4 insertions(+)
> 
> diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
> index fbfe669d..957dfd6a 100644
> --- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
> +++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
> @@ -303,6 +303,10 @@ isar_bootstrap() {
>                                "${ROOTFSDIR}/etc/apt/apt.conf.d/50isar.conf"
>               find ${APT_KEYS_DIR}/ -type f | while read keyfile
>               do
> +                for i in $(seq 10); do
> +                    gpg-connect-agent && break
> +                    sleep 1
> +                done
>                   kfn="$(basename $keyfile)"
>                   cp $keyfile "${ROOTFSDIR}/tmp/$kfn"
>                   chroot "${ROOTFSDIR}" /usr/bin/apt-key \
> 

Strike this, nonsense. Got confused by the levels of chroots. New 
version will follow that retries the key addition itself, inside the chroot.

Jan
Baurzhan Ismagulov Sept. 23, 2020, 12:29 p.m. UTC | #2 
On Tue, Sep 22, 2020 at 11:03:52PM +0200, Jan Kiszka wrote:
> Strike this, nonsense. Got confused by the levels of chroots. New version
> will follow that retries the key addition itself, inside the chroot.

We have a similar implementation which also kills the agent afterwards, will
post as well.

With kind regards,
Baurzhan.
diff mbox series

Patch

diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
index fbfe669d..957dfd6a 100644
--- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
+++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
@@ -303,6 +303,10 @@  isar_bootstrap() {
                              "${ROOTFSDIR}/etc/apt/apt.conf.d/50isar.conf"
             find ${APT_KEYS_DIR}/ -type f | while read keyfile
             do
+                for i in $(seq 10); do
+                    gpg-connect-agent && break
+                    sleep 1
+                done
                 kfn="$(basename $keyfile)"
                 cp $keyfile "${ROOTFSDIR}/tmp/$kfn"
                 chroot "${ROOTFSDIR}" /usr/bin/apt-key \