Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding a git repository using opam remote add asks for a gpg signature #3113

Closed
anthonyclays opened this issue Nov 22, 2017 · 4 comments
Closed

Adding a git repository using opam remote add asks for a gpg signature #3113

anthonyclays opened this issue Nov 22, 2017 · 4 comments

Comments

@anthonyclays
Copy link

By running strace -f -e trace=execve opam remote add test-name https://github.com/ocaml/opam-repository.git I found that opam runs, in order:

  • git init
  • git remote add origin https://github.com/ocaml/opam-repository.git
  • git commit --allow-empty -m opam-git-init (with GIT_AUTHOR_NAME=Opam and GIT_AUTHOR_EMAIL=opam@ocaml.org)

On my machine, git tries to gpg-sign commits automatically. Getting a pop-up to cryptographically sign unspecified data when you just wanted to add a repository seems suspicious and unnecessary, but I couldn't find where exactly these commands are called in opam.

A possible workaround would be to use git's --local flag everywhere, which ignores all configuration files outside of the current repository.

I'm using opam 1.2.2:

# OPAM config report
# opam-version    1.2.2
# self-upgrade    no
# os              linux
# external-solver aspcud $in $out $criteria
# criteria        -count(removed),-notuptodate(request),-sum(request,version-lag),-count(down),-notuptodate(changed),-count(changed),-notuptodate(solution),-sum(solution,version-lag)
# jobs            4
# repositories    1* (http), 1 (version-controlled)
# pinned          0
# current-switch  4.06.0
# last-update     2017-11-22 20:41
@AltGr
Copy link
Member

AltGr commented Nov 23, 2017

Indeed, I so how that would be quite annoying!

I found that opam runs, in order:

Yes. Note that -vv would have been easier ;)

  1. We already enforce problematic options locally here, so the easiest fix would be to enforce the signing option to be disabled there. What is the exact option you are using ?
  2. The dev version doesn't need the trick of creating an empty commit locally anymore, so maybe that fixes it for you already.

A possible workaround would be to use git's --local flag everywhere, which ignores all configuration files outside of the current repository.

That would be extremely useful! But I couldn't find that flag in the manpages ?

@anthonyclays
Copy link
Author

Ah yes, the Very Verbose option would have made debugging easier :D

I found the --local flag and mistakenly assumed it would work everywhere, but apparently it's only valid as a flag under git config.
The exact option is commit.gpgsign = true, so adding git repo_root [ "config" ; "--local" ; "commit.gpgsign"; "false"]; should definitely do the trick. I'm not sure it's actually needed if you don't create empty initial commits anymore.

@rjbou
Copy link
Collaborator

rjbou commented Jun 13, 2019

@anthonyclays Do you stille have the problem with opam 2.0? From previous comment, it seems that you shouldn't.

@anthonyclays
Copy link
Author

Everything seems to work as it should now, yes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@AltGr @anthonyclays @rjbou