Hi, I’m trying to setup the sign of my project artifacts before releasing them.
But I’m getting a failure while trying to download a key from a key server:
( gpg --keyserver hkp://pgp.mit.edu --recv-keys "$C8TECH_GPG_KEY_ID" \
|| gpg --keyserver hkp://keyserver.pgp.com --recv-keys
"$C8TECH_GPG_KEY_ID" \
|| gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys
"$C8TECH_GPG_KEY_ID" \
)
I need to do anything to setup firewall or port or something to make this work?
The annoying thing is that this sometime does works and sometimes does not.
halfer
October 17, 2018, 9:09pm
2
Port 80 should be open outbound. Is there a verbose mode in this executable you can use to see a log of the problem?
Hi,
the unique log that I was receiving was this:
gpg: directory '/home/circleci/.gnupg' created
gpg: keybox '/home/circleci/.gnupg/pubring.kbx' created
gpg: keyserver receive failed: Cannot assign requested address
gpg: keyserver receive failed: No data
gpg: keyserver receive failed: Connection timed out
Exited with code 2
well, the best solution now, since getting a key from a keyserver was no reliable, was to download the key, encode each of them as base64 string and add it as environment variable.
The in the job I decode the key and import them locally:
echo $GPG_KEY | base64 --decode > import-key
gpg --import import-key
1 Like
system
Closed
October 29, 2018, 12:35pm
5
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.