Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GPG: Proactively stop to avoid "GPG keepalive failed" error in pypy ci jobs #1258

Merged
merged 2 commits into from
Feb 10, 2024
Merged

GPG: Proactively stop to avoid "GPG keepalive failed" error in pypy ci jobs #1258

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d7115d1
GPG: Proactively stop to avoid "GPG keepalive failed" error in pypy c…
zmedico Feb 9, 2024
03be12e
GPG: Use threading.Event for thread safety
zmedico Feb 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
13 changes: 8 additions & 5 deletions bin/quickpkg
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#!/usr/bin/env python
# Copyright 1999-2021 Gentoo Authors
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

import argparse
Expand Down Expand Up @@ -341,10 +341,6 @@ def quickpkg_main(options, args, eout):
portage.settings.features.remove("xattr")
portage.settings.lock()

if portage.settings.get("BINPKG_GPG_SIGNING_KEY", None):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wasn't sure if this was OK because of unmerge-backup and downgrade-backup but it looks like they just call the entrypoint normally.

gpg = GPG(portage.settings)
gpg.unlock()

infos = {}
infos["successes"] = []
infos["missing"] = []
Expand Down Expand Up @@ -444,11 +440,18 @@ if __name__ == "__main__":
def sigwinch_handler(signum, frame):
lines, eout.term_columns = portage.output.get_term_size()

gpg = None
if portage.settings.get("BINPKG_GPG_SIGNING_KEY", None):
gpg = GPG(portage.settings)
gpg.unlock()

signal.signal(signal.SIGWINCH, sigwinch_handler)
try:
retval = quickpkg_main(options, args, eout)
finally:
os.umask(old_umask)
signal.signal(signal.SIGWINCH, signal.SIG_DFL)
if gpg is not None:
gpg.stop()
global_event_loop().close()
sys.exit(retval)
10 changes: 7 additions & 3 deletions lib/_emerge/actions.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Copyright 1999-2023 Gentoo Authors
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

import collections
Expand Down Expand Up @@ -548,8 +548,10 @@ def action_build(
mergelist_shown = True
if retval != os.EX_OK:
return retval
return os.EX_OK

else:
gpg = None
try:
if not mergelist_shown:
# If we haven't already shown the merge list above, at
# least show warnings about missed updates and such.
Expand Down Expand Up @@ -688,8 +690,10 @@ def action_build(
ldpath_mtimes,
autoclean=1,
)

return retval
finally:
if gpg is not None:
gpg.stop()


def action_config(settings, trees, myopts, myfiles):
Expand Down
14 changes: 8 additions & 6 deletions lib/portage/gpg.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,9 @@
# Copyright 2001-2020 Gentoo Authors
# Copyright 2001-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

import subprocess
import sys
import threading
import time

from portage import os
from portage.const import SUPPORTED_GENTOO_BINPKG_FORMATS
Expand All @@ -24,6 +23,7 @@ def __init__(self, settings):
"""
self.settings = settings
self.thread = None
self._terminated = None
self.GPG_signing_base_command = self.settings.get(
"BINPKG_GPG_SIGNING_BASE_COMMAND"
)
Expand Down Expand Up @@ -73,6 +73,7 @@ def unlock(self):
self.GPG_unlock_command = shlex_split(
varexpand(self.GPG_unlock_command, mydict=self.settings)
)
self._terminated = threading.Event()
self.thread = threading.Thread(target=self.gpg_keepalive, daemon=True)
self.thread.start()

Expand All @@ -81,16 +82,17 @@ def stop(self):
Stop keepalive thread.
"""
if self.thread is not None:
self.keepalive = False
self._terminated.set()

def gpg_keepalive(self):
"""
Call GPG unlock command every 5 mins to avoid the passphrase expired.
"""
count = 0
while self.keepalive:
while not self._terminated.is_set():
if count < 5:
time.sleep(60)
if self._terminated.wait(60):
break
count += 1
continue
else:
Expand All @@ -102,5 +104,5 @@ def gpg_keepalive(self):
stdout=subprocess.DEVNULL,
stderr=subprocess.STDOUT,
)
if proc.wait() != os.EX_OK:
if proc.wait() != os.EX_OK and not self._terminated.is_set():
raise GPGException("GPG keepalive failed")
23 changes: 22 additions & 1 deletion lib/portage/tests/gpkg/test_gpkg_gpg.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Copyright Gentoo Foundation 2006-2020
# Copyright 2022-2024 Gentoo Authors
# Portage Unit Testing Functionality

import io
Expand Down Expand Up @@ -26,6 +26,7 @@ def test_gpkg_missing_manifest_signature(self):
}
)
tmpdir = tempfile.mkdtemp()
gpg = None

try:
settings = playground.settings
Expand Down Expand Up @@ -68,6 +69,8 @@ def test_gpkg_missing_manifest_signature(self):
InvalidSignature, binpkg_2.decompress, os.path.join(tmpdir, "test")
)
finally:
if gpg is not None:
gpg.stop()
shutil.rmtree(tmpdir)
playground.cleanup()

Expand All @@ -81,6 +84,7 @@ def test_gpkg_missing_signature(self):
}
)
tmpdir = tempfile.mkdtemp()
gpg = None

try:
settings = playground.settings
Expand Down Expand Up @@ -112,6 +116,8 @@ def test_gpkg_missing_signature(self):
)

finally:
if gpg is not None:
gpg.stop()
shutil.rmtree(tmpdir)
playground.cleanup()

Expand All @@ -133,6 +139,7 @@ def test_gpkg_ignore_signature(self):
}
)
tmpdir = tempfile.mkdtemp()
gpg = None

try:
settings = playground.settings
Expand All @@ -151,6 +158,8 @@ def test_gpkg_ignore_signature(self):
binpkg_2 = gpkg(settings, "test", os.path.join(tmpdir, "test-1.gpkg.tar"))
binpkg_2.decompress(os.path.join(tmpdir, "test"))
finally:
if gpg is not None:
gpg.stop()
shutil.rmtree(tmpdir)
playground.cleanup()

Expand All @@ -165,6 +174,7 @@ def test_gpkg_auto_use_signature(self):
}
)
tmpdir = tempfile.mkdtemp()
gpg = None

try:
settings = playground.settings
Expand Down Expand Up @@ -195,6 +205,8 @@ def test_gpkg_auto_use_signature(self):
MissingSignature, binpkg_2.decompress, os.path.join(tmpdir, "test")
)
finally:
if gpg is not None:
gpg.stop()
shutil.rmtree(tmpdir)
playground.cleanup()

Expand All @@ -208,6 +220,7 @@ def test_gpkg_invalid_signature(self):
}
)
tmpdir = tempfile.mkdtemp()
gpg = None

try:
settings = playground.settings
Expand Down Expand Up @@ -264,6 +277,8 @@ def test_gpkg_invalid_signature(self):
InvalidSignature, binpkg_2.decompress, os.path.join(tmpdir, "test")
)
finally:
if gpg is not None:
gpg.stop()
shutil.rmtree(tmpdir)
playground.cleanup()

Expand All @@ -285,6 +300,7 @@ def test_gpkg_untrusted_signature(self):
}
)
tmpdir = tempfile.mkdtemp()
gpg = None

try:
settings = playground.settings
Expand All @@ -306,6 +322,8 @@ def test_gpkg_untrusted_signature(self):
)

finally:
if gpg is not None:
gpg.stop()
shutil.rmtree(tmpdir)
playground.cleanup()

Expand All @@ -319,6 +337,7 @@ def test_gpkg_unknown_signature(self):
}
)
tmpdir = tempfile.mkdtemp()
gpg = None

try:
settings = playground.settings
Expand Down Expand Up @@ -370,5 +389,7 @@ def test_gpkg_unknown_signature(self):
)

finally:
if gpg is not None:
gpg.stop()
shutil.rmtree(tmpdir)
playground.cleanup()
5 changes: 4 additions & 1 deletion lib/portage/tests/gpkg/test_gpkg_metadata_url.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Copyright Gentoo Foundation 2006-2020
# Copyright 2022-2024 Gentoo Authors
# Portage Unit Testing Functionality

import io
Expand Down Expand Up @@ -98,6 +98,7 @@ def test_gpkg_get_metadata_url_unknown_signature(self):
}
)
tmpdir = tempfile.mkdtemp()
gpg = None
try:
settings = playground.settings
gpg = GPG(settings)
Expand Down Expand Up @@ -156,5 +157,7 @@ def test_gpkg_get_metadata_url_unknown_signature(self):
"http://127.0.0.1:" + str(port) + "/test-2.gpkg.tar",
)
finally:
if gpg is not None:
gpg.stop()
shutil.rmtree(tmpdir)
playground.cleanup()