New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kludge: hardcode Google Cloud SDK key due to error 500 #24045
Conversation
/test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nbusseneau can we hardcode https://web.archive.org/web/20230223152417/https://packages.cloud.google.com/apt/doc/apt-key.gpg and add this URL in the commit / comment?
@aanm I don't understand the comment, this is already what I'm doing 🤔 |
test/provision/k8s_install.sh
Outdated
# retry_function "wget https://packages.cloud.google.com/apt/doc/apt-key.gpg" | ||
# apt-key add apt-key.gpg | ||
# the Google Cloud SDK apt-key is not working at the moment (error 500) | ||
# temporarily hardcode the latest version of the key available (taken from my personal machine, so we're OK @Nicolas) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nbusseneau can we hardcode
# temporarily hardcode the latest version of the key available (taken from my personal machine, so we're OK @Nicolas) | |
# temporarily hardcode the latest version of the key available (taken from https://web.archive.org/web/20230223152417/https://packages.cloud.google.com/apt/doc/apt-key.gpg) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nbusseneau but this should still be changed otherwise if we ever need to change this for some reason we will have to call you to get a new key from your personal machine.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a kludge for until Google Cloud SDK fixes their stuff at which point we should revert the commit. If we ever need to update that base64-encoded key it means something went very, very wrong 😁
# apt-key add apt-key.gpg | ||
# the Google Cloud SDK apt-key is not working at the moment (error 500) | ||
# temporarily hardcode the latest version of the key available (taken from my personal machine, so we're OK @Nicolas) | ||
echo "mQENBGKItdQBCADWmKTNZEYWgXy73FvKFY5fRro4tGNa4Be4TZW3wZpct9Cj8EjykU7S9EPoJ3EdKpxFltHRu7QbDi6LWSNA4XxwnudQrYGxnxx6Ru1KBHFxHhLfWsvFcGMwit/znpxtIt9UzqCm2YTEW5NUnzQ4rXYqVQK2FLG4weYJ5bKwkY+ZsnRJpzxdHGJ0pBiqwkMT8bfQdJymUBown+SeuQ2HEqfjVMsIRe0dweD2PHWeWo9fTXsz1Q5abiGckyOVyoN9//DgSvLUocUcZsrWvYPaN+o8lXTO3GYFGNVsx069rxarkeCjOpiQOWrQmywXISQudcusSgmmgfsRZYW7FDBy5MQrABEBAAGwDAAAZ3BnAQAAAAAAALRRUmFwdHVyZSBBdXRvbWF0aWMgU2lnbmluZyBLZXkgKGNsb3VkLXJhcHR1cmUtc2lnbmluZy1rZXktMjAyMi0wMy0wNy0wOF8wMV8wMS5wdWIpsAwAAGdwZwIAAAAAAACJASIEEwEIABYFAmKItdQJELU9yA0T7e8FAhsDAhkBAADBqAf/fEATSCDd0Ng92moa35G+msXeeczsEdLZ64riUaDx6DbqKzqQr/WljDL0AAjVpMbLycRBfDlG84UmIwEed+EQ4oI03rYytotsCi8/5CY2W7heGVzMpwpuNHlZtV2alOt1PV0dkcZl6acjaTKkDvS68xhJzSbodt4nGmWOp6NdmscpsXJXv/kgpnWvKAwH2tIsgNosoP3lNOW7mb+eDAukQdd0LUvvLzqygxq+0WKf1WL0M2FpvnJOg75WlV+lQedQZC5dt0kJJ8mSCQVT5vLbVOuRMq64BtYyyxxVw1Kif0aTSqvjws1osreLstwH1yvPUXMy7t7sYg9AkCNE99bvyLAGAANncGcAuQENBGKItdQBCADIMMJdRcg0Phv7+CrZz3xRE8Fbz8AN+YCLigQeH0B9lijxkjAFr+thB0IrOu7ruwNY+mvdP6dAewUur+pJaIjEe+4s8JBEFb4BxJfBBPuEbGSxbi4OPEJuwT53TMJMEs7+gIxCCmwioTggTBp6JzDsT/cdBeyWCusCQwDWpqoYCoUWJLrUQ6dOlI7s6p+iIUNIamtyBCwb4izs27HdEpX8gvO9rEdtcb7399HyO3oD4gHgcuFiuZTpvWHdn9WYwPGM6npJNG7crtLnctTR0cP9KutSPNzpySeAniHx8L9ebdD9tNPCWC+OtOcGRrcBeEznkYh1C4kzdP1ORm5upnknABEBAAGJAR8EGAEIABMFAmKItdQJELU9yA0T7e8FAhsMAABJmAgAhRPk/dFj71bU/UTXrkEkZZzE9JzUgan/ttyRrV6QbFZABByf4pYjBj+yLKw3280//JWurKox2uzEq1hdXPedRHICRuh1Fjd00otaQ+wGF3kY74zlWivB6Wp6tnL9STQ1oVYBUv7HhSHoJ5shELyedxxHxurUgFAD+pbFXIiK8cnAHfXTJMcrmPpC+YWEC/DeqIyEcNPkzRhtRSuERXcq1n+KJvMUAKMD/tezwvujzBaaSWapmdnGmtRjjL7IxUeGamVWOwLQbUr+34MwzdeJdcL8fav5LA8Uk0ulyeXdwiAK8FKQsixI+xZvz7HUs8ln4pZwGw/TpvO9cMkHogtgzbAGAANncGcA" | base64 -d | apt-key add - |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
echo "mQENBGKItdQBCADWmKTNZEYWgXy73FvKFY5fRro4tGNa4Be4TZW3wZpct9Cj8EjykU7S9EPoJ3EdKpxFltHRu7QbDi6LWSNA4XxwnudQrYGxnxx6Ru1KBHFxHhLfWsvFcGMwit/znpxtIt9UzqCm2YTEW5NUnzQ4rXYqVQK2FLG4weYJ5bKwkY+ZsnRJpzxdHGJ0pBiqwkMT8bfQdJymUBown+SeuQ2HEqfjVMsIRe0dweD2PHWeWo9fTXsz1Q5abiGckyOVyoN9//DgSvLUocUcZsrWvYPaN+o8lXTO3GYFGNVsx069rxarkeCjOpiQOWrQmywXISQudcusSgmmgfsRZYW7FDBy5MQrABEBAAGwDAAAZ3BnAQAAAAAAALRRUmFwdHVyZSBBdXRvbWF0aWMgU2lnbmluZyBLZXkgKGNsb3VkLXJhcHR1cmUtc2lnbmluZy1rZXktMjAyMi0wMy0wNy0wOF8wMV8wMS5wdWIpsAwAAGdwZwIAAAAAAACJASIEEwEIABYFAmKItdQJELU9yA0T7e8FAhsDAhkBAADBqAf/fEATSCDd0Ng92moa35G+msXeeczsEdLZ64riUaDx6DbqKzqQr/WljDL0AAjVpMbLycRBfDlG84UmIwEed+EQ4oI03rYytotsCi8/5CY2W7heGVzMpwpuNHlZtV2alOt1PV0dkcZl6acjaTKkDvS68xhJzSbodt4nGmWOp6NdmscpsXJXv/kgpnWvKAwH2tIsgNosoP3lNOW7mb+eDAukQdd0LUvvLzqygxq+0WKf1WL0M2FpvnJOg75WlV+lQedQZC5dt0kJJ8mSCQVT5vLbVOuRMq64BtYyyxxVw1Kif0aTSqvjws1osreLstwH1yvPUXMy7t7sYg9AkCNE99bvyLAGAANncGcAuQENBGKItdQBCADIMMJdRcg0Phv7+CrZz3xRE8Fbz8AN+YCLigQeH0B9lijxkjAFr+thB0IrOu7ruwNY+mvdP6dAewUur+pJaIjEe+4s8JBEFb4BxJfBBPuEbGSxbi4OPEJuwT53TMJMEs7+gIxCCmwioTggTBp6JzDsT/cdBeyWCusCQwDWpqoYCoUWJLrUQ6dOlI7s6p+iIUNIamtyBCwb4izs27HdEpX8gvO9rEdtcb7399HyO3oD4gHgcuFiuZTpvWHdn9WYwPGM6npJNG7crtLnctTR0cP9KutSPNzpySeAniHx8L9ebdD9tNPCWC+OtOcGRrcBeEznkYh1C4kzdP1ORm5upnknABEBAAGJAR8EGAEIABMFAmKItdQJELU9yA0T7e8FAhsMAABJmAgAhRPk/dFj71bU/UTXrkEkZZzE9JzUgan/ttyRrV6QbFZABByf4pYjBj+yLKw3280//JWurKox2uzEq1hdXPedRHICRuh1Fjd00otaQ+wGF3kY74zlWivB6Wp6tnL9STQ1oVYBUv7HhSHoJ5shELyedxxHxurUgFAD+pbFXIiK8cnAHfXTJMcrmPpC+YWEC/DeqIyEcNPkzRhtRSuERXcq1n+KJvMUAKMD/tezwvujzBaaSWapmdnGmtRjjL7IxUeGamVWOwLQbUr+34MwzdeJdcL8fav5LA8Uk0ulyeXdwiAK8FKQsixI+xZvz7HUs8ln4pZwGw/TpvO9cMkHogtgzbAGAANncGcA" | base64 -d | apt-key add - | |
echo "xsBNBGKItdQBCADWmKTNZEYWgXy73FvKFY5fRro4tGNa4Be4TZW3wZpct9Cj8EjykU7S9EPoJ3EdKpxFltHRu7QbDi6LWSNA4XxwnudQrYGxnxx6Ru1KBHFxHhLfWsvFcGMwit/znpxtIt9UzqCm2YTEW5NUnzQ4rXYqVQK2FLG4weYJ5bKwkY+ZsnRJpzxdHGJ0pBiqwkMT8bfQdJymUBown+SeuQ2HEqfjVMsIRe0dweD2PHWeWo9fTXsz1Q5abiGckyOVyoN9//DgSvLUocUcZsrWvYPaN+o8lXTO3GYFGNVsx069rxarkeCjOpiQOWrQmywXISQudcusSgmmgfsRZYW7FDBy5MQrABEBAAHNUVJhcHR1cmUgQXV0b21hdGljIFNpZ25pbmcgS2V5IChjbG91ZC1yYXB0dXJlLXNpZ25pbmcta2V5LTIwMjItMDMtMDctMDhfMDFfMDEucHViKcLAYgQTAQgAFgUCYoi11AkQtT3IDRPt7wUCGwMCGQEAAMGoCAB8QBNIIN3Q2D3aahrfkb6axd55zOwR0tnriuJRoPHoNuorOpCv9aWMMvQACNWkxsvJxEF8OUbzhSYjAR534RDigjTetjK2i2wKLz/kJjZbuF4ZXMynCm40eVm1XZqU63U9XR2RxmXppyNpMqQO9LrzGEnNJuh23icaZY6no12axymxcle/+SCmda8oDAfa0iyA2iyg/eU05buZv54MC6RB13QtS+8vOrKDGr7RYp/VYvQzYWm+ck6DvlaVX6VB51BkLl23SQknyZIJBVPm8ttU65EyrrgG1jLLHFXDUqJ/RpNKq+PCzWiyt4uy3AfXK89RczLu3uxiD0CQI0T31u/IzsBNBGKItdQBCADIMMJdRcg0Phv7+CrZz3xRE8Fbz8AN+YCLigQeH0B9lijxkjAFr+thB0IrOu7ruwNY+mvdP6dAewUur+pJaIjEe+4s8JBEFb4BxJfBBPuEbGSxbi4OPEJuwT53TMJMEs7+gIxCCmwioTggTBp6JzDsT/cdBeyWCusCQwDWpqoYCoUWJLrUQ6dOlI7s6p+iIUNIamtyBCwb4izs27HdEpX8gvO9rEdtcb7399HyO3oD4gHgcuFiuZTpvWHdn9WYwPGM6npJNG7crtLnctTR0cP9KutSPNzpySeAniHx8L9ebdD9tNPCWC+OtOcGRrcBeEznkYh1C4kzdP1ORm5upnknABEBAAHCwF8EGAEIABMFAmKItdQJELU9yA0T7e8FAhsMAABJmAgAhRPk/dFj71bU/UTXrkEkZZzE9JzUgan/ttyRrV6QbFZABByf4pYjBj+yLKw3280//JWurKox2uzEq1hdXPedRHICRuh1Fjd00otaQ+wGF3kY74zlWivB6Wp6tnL9STQ1oVYBUv7HhSHoJ5shELyedxxHxurUgFAD+pbFXIiK8cnAHfXTJMcrmPpC+YWEC/DeqIyEcNPkzRhtRSuERXcq1n+KJvMUAKMD/tezwvujzBaaSWapmdnGmtRjjL7IxUeGamVWOwLQbUr+34MwzdeJdcL8fav5LA8Uk0ulyeXdwiAK8FKQsixI+xZvz7HUs8ln4pZwGw/TpvO9cMkHogtgzQ==" | base64 -d | apt-key add - |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here is a diff between Nicholas' key and the one from wayback:
$ diff -u <(gpg --list-packets wayback.asc) <(gpg --list-packets pr.asc)
--- /dev/fd/63 2023-02-27 13:10:53.718980457 +0000
+++ /dev/fd/62 2023-02-27 13:10:53.719980469 +0000
@@ -1,12 +1,16 @@
-# off=0 ctb=c6 tag=6 hlen=3 plen=269 new-ctb
+# off=0 ctb=99 tag=6 hlen=3 plen=269
:public key packet:
version 4, algo 1, created 1653126612, expires 0
pkey[0]: [2048 bits]
pkey[1]: [17 bits]
keyid: B53DC80D13EDEF05
-# off=272 ctb=cd tag=13 hlen=2 plen=81 new-ctb
+# off=272 ctb=b0 tag=12 hlen=2 plen=12
+:trust packet: key upd=0 src=0
+# off=286 ctb=b4 tag=13 hlen=2 plen=81
:user ID packet: "Rapture Automatic Signing Key (cloud-rapture-signing-key-2022-03-07-08_01_01.pub)"
-# off=355 ctb=c2 tag=2 hlen=3 plen=290 new-ctb
+# off=369 ctb=b0 tag=12 hlen=2 plen=12
+:trust packet: uid upd=0 src=0
+# off=383 ctb=89 tag=2 hlen=3 plen=290
:signature packet: algo 1, keyid B53DC80D13EDEF05
version 4, created 1653126612, md5len 0, sigclass 0x13
digest algo 8, begin of digest c1 a8
@@ -15,13 +19,15 @@
hashed subpkt 27 len 1 (key flags: 03)
hashed subpkt 25 len 1 (primary user ID)
data: [2047 bits]
-# off=648 ctb=ce tag=14 hlen=3 plen=269 new-ctb
+# off=676 ctb=b0 tag=12 hlen=2 plen=6
+:trust packet: sig flag=00 sigcache=03
+# off=684 ctb=b9 tag=14 hlen=3 plen=269
:public sub key packet:
version 4, algo 1, created 1653126612, expires 0
pkey[0]: [2048 bits]
pkey[1]: [17 bits]
keyid: D0EF1EFEA2A85825
-# off=920 ctb=c2 tag=2 hlen=3 plen=287 new-ctb
+# off=956 ctb=89 tag=2 hlen=3 plen=287
:signature packet: algo 1, keyid B53DC80D13EDEF05
version 4, created 1653126612, md5len 0, sigclass 0x18
digest algo 8, begin of digest 49 98
@@ -29,3 +35,5 @@
hashed subpkt 16 len 8 (issuer key ID B53DC80D13EDEF05)
hashed subpkt 27 len 1 (key flags: 0C)
data: [2048 bits]
+# off=1246 ctb=b0 tag=12 hlen=2 plen=6
+:trust packet: sig flag=00 sigcache=03
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@aanm But it's same key, what's the point 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ah, the encoding was different so I assumed it was a different key
# apt-key add apt-key.gpg | ||
# the Google Cloud SDK apt-key is not working at the moment (error 500) | ||
# temporarily hardcode the latest version of the key available (taken from my personal machine, so we're OK @Nicolas) | ||
echo "mQENBGKItdQBCADWmKTNZEYWgXy73FvKFY5fRro4tGNa4Be4TZW3wZpct9Cj8EjykU7S9EPoJ3EdKpxFltHRu7QbDi6LWSNA4XxwnudQrYGxnxx6Ru1KBHFxHhLfWsvFcGMwit/znpxtIt9UzqCm2YTEW5NUnzQ4rXYqVQK2FLG4weYJ5bKwkY+ZsnRJpzxdHGJ0pBiqwkMT8bfQdJymUBown+SeuQ2HEqfjVMsIRe0dweD2PHWeWo9fTXsz1Q5abiGckyOVyoN9//DgSvLUocUcZsrWvYPaN+o8lXTO3GYFGNVsx069rxarkeCjOpiQOWrQmywXISQudcusSgmmgfsRZYW7FDBy5MQrABEBAAGwDAAAZ3BnAQAAAAAAALRRUmFwdHVyZSBBdXRvbWF0aWMgU2lnbmluZyBLZXkgKGNsb3VkLXJhcHR1cmUtc2lnbmluZy1rZXktMjAyMi0wMy0wNy0wOF8wMV8wMS5wdWIpsAwAAGdwZwIAAAAAAACJASIEEwEIABYFAmKItdQJELU9yA0T7e8FAhsDAhkBAADBqAf/fEATSCDd0Ng92moa35G+msXeeczsEdLZ64riUaDx6DbqKzqQr/WljDL0AAjVpMbLycRBfDlG84UmIwEed+EQ4oI03rYytotsCi8/5CY2W7heGVzMpwpuNHlZtV2alOt1PV0dkcZl6acjaTKkDvS68xhJzSbodt4nGmWOp6NdmscpsXJXv/kgpnWvKAwH2tIsgNosoP3lNOW7mb+eDAukQdd0LUvvLzqygxq+0WKf1WL0M2FpvnJOg75WlV+lQedQZC5dt0kJJ8mSCQVT5vLbVOuRMq64BtYyyxxVw1Kif0aTSqvjws1osreLstwH1yvPUXMy7t7sYg9AkCNE99bvyLAGAANncGcAuQENBGKItdQBCADIMMJdRcg0Phv7+CrZz3xRE8Fbz8AN+YCLigQeH0B9lijxkjAFr+thB0IrOu7ruwNY+mvdP6dAewUur+pJaIjEe+4s8JBEFb4BxJfBBPuEbGSxbi4OPEJuwT53TMJMEs7+gIxCCmwioTggTBp6JzDsT/cdBeyWCusCQwDWpqoYCoUWJLrUQ6dOlI7s6p+iIUNIamtyBCwb4izs27HdEpX8gvO9rEdtcb7399HyO3oD4gHgcuFiuZTpvWHdn9WYwPGM6npJNG7crtLnctTR0cP9KutSPNzpySeAniHx8L9ebdD9tNPCWC+OtOcGRrcBeEznkYh1C4kzdP1ORm5upnknABEBAAGJAR8EGAEIABMFAmKItdQJELU9yA0T7e8FAhsMAABJmAgAhRPk/dFj71bU/UTXrkEkZZzE9JzUgan/ttyRrV6QbFZABByf4pYjBj+yLKw3280//JWurKox2uzEq1hdXPedRHICRuh1Fjd00otaQ+wGF3kY74zlWivB6Wp6tnL9STQ1oVYBUv7HhSHoJ5shELyedxxHxurUgFAD+pbFXIiK8cnAHfXTJMcrmPpC+YWEC/DeqIyEcNPkzRhtRSuERXcq1n+KJvMUAKMD/tezwvujzBaaSWapmdnGmtRjjL7IxUeGamVWOwLQbUr+34MwzdeJdcL8fav5LA8Uk0ulyeXdwiAK8FKQsixI+xZvz7HUs8ln4pZwGw/TpvO9cMkHogtgzbAGAANncGcA" | base64 -d | apt-key add - |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ah, the encoding was different so I assumed it was a different key
test/provision/k8s_install.sh
Outdated
# retry_function "wget https://packages.cloud.google.com/apt/doc/apt-key.gpg" | ||
# apt-key add apt-key.gpg | ||
# the Google Cloud SDK apt-key is not working at the moment (error 500) | ||
# temporarily hardcode the latest version of the key available (taken from my personal machine, so we're OK @Nicolas) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nbusseneau but this should still be changed otherwise if we ever need to change this for some reason we will have to call you to get a new key from your personal machine.
The Google Cloud SDK apt-key is not working at the moment (error 500), resulting in all Jenkins tests failing during the provisioning step. Temporarily hardcode the latest version of the key available until this is resolved. For future reference, one may use https://web.archive.org/web/ to get whatever was last saved by the Internet Archive's Wayback Machine. Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
212d990
to
e1d0404
Compare
@aanm I've updated the commit description and code comments to reference the Wayback Machine just in case, as asked. |
CI tests previously passed with the kludge in, the latest push did not change the code, marking ready to merge. |
Seems like the magic url is back, so I am removing backport labels, we can add it back later if required. |
The Google Cloud SDK apt-key is not working at the moment (error 500), resulting in all Jenkins tests failing during the provisioning step.
Temporarily hardcode the latest version of the key available until this is resolved. For future reference, one may use https://web.archive.org/web/ to get whatever was last saved by the Internet Archive's Wayback Machine.