Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix installing latest git from PPA in bionic #1056

Merged
merged 6 commits into from
Jul 26, 2024
Merged

Fix installing latest git from PPA in bionic #1056

merged 6 commits into from
Jul 26, 2024

Conversation

trxcllnt
Copy link
Contributor

@trxcllnt trxcllnt commented Jul 23, 2024
edited
Loading

keys.openpgp.org strips user IDs from keys unless the key owner grants permission to share them. This leads to gpg rejecting the keys instead of importing them, and failing to install the git feature.

This PR enforces an explicit order when testing and importing keys from the keyservers list, ensuring keys.openpgp.org is the last keyserver to be tried. Previously, keyservers were selected based on bash's associative array key enumeration order, but this order is different between Bash v4 (in Ubuntu Bionic) and v5 (Ubuntu Focal+).

I believe the issue isn't seen in Bash v5 because the ubuntu keyservers are enumerated first, not because the gpg version in Focal accepts keys without user IDs.

If this is the case, we should either stop attempting to import keys from keys.openpgp.org, or encourage the owner of E1DD270288B4E6030699E45FA1715D88E1DF1F24 to grant openpgp.org permission to share their user ID.

Fixes #1055 and adds a new scenario test.

Note: I believe this fix may need to be applied to all features modified in #1016.

@trxcllnt trxcllnt requested a review from a team as a code owner July 23, 2024 15:53
@trxcllnt trxcllnt changed the title Add latest git from PPA in bionic scenario test Fix installing latest git from PPA in bionic Jul 23, 2024
@trxcllnt
Copy link
Contributor Author

It appears mirrorlist.centos.org no longer exists, and that's why the centos-7 scenario tests are failing.

samruddhikhandale
samruddhikhandale approved these changes Jul 25, 2024
View reviewed changes
Copy link
Member

@samruddhikhandale samruddhikhandale left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the fix, appreciate it.

Let's merge once the tests are green!

src/git/install.sh Show resolved Hide resolved
src/git/install.sh Show resolved Hide resolved
src/git/install.sh Show resolved Hide resolved
@samruddhikhandale
Copy link
Member

samruddhikhandale commented Jul 25, 2024
edited
Loading

Note: I believe this fix may need to be applied to all features modified in #1016.

Most likely, yes!
Let's see how this PR works and we could add similar fix for others. Opened #1062 for tracking

@samruddhikhandale samruddhikhandale mentioned this pull request Jul 25, 2024
Open
@samruddhikhandale samruddhikhandale merged commit 788017f into devcontainers:main Jul 26, 2024
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samruddhikhandale samruddhikhandale samruddhikhandale approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Installing latest git from PPA in bionic fails fetching GPG keys
2 participants
@trxcllnt @samruddhikhandale