Closed Bug 1565013 Opened 3 months ago Closed 3 months ago

HACL image builder times out while fetching gpg key


(NSS :: Test, defect, P1)



(Not tracked)



(Reporter: kjacobs, Assigned: kjacobs)



(1 file)

HACL image builder is failing in, due to a timeout while fetching a gpg key for clang/llvm package verification:

curl -LO
+ curl -LO
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100   543  100   543    0     0   2004      0 --:--:-- --:--:-- --:--:--  2003
# Verify the signature.
gpg --keyserver --recv-keys B6C8F98282B944E3B0D5C2530FC3042E345AD05D
+ gpg --keyserver --recv-keys B6C8F98282B944E3B0D5C2530FC3042E345AD05D
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
gpg: requesting key 345AD05D from hkp server
gpgkeys: key B6C8F98282B944E3B0D5C2530FC3042E345AD05D can't be retrieved
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
gpg: keyserver communications error: keyserver helper general error
gpg: keyserver communications error: unknown pubkey algorithm
gpg: keyserver receive failed: unknown pubkey algorithm
INFO[0145] The command [/bin/sh -c bash /tmp/] returned a non-zero code: 2 
[taskcluster 2019-07-10 19:36:13.933Z] === Task Finished ===```

ugh, can we check in that key as part of the tooling? That seems safer.

This patch adds a copy of the expected key for clang+llvm package verification, rather than fetching it each time we build.

Closed: 3 months ago
Resolution: --- → FIXED
Target Milestone: --- → 3.46
You need to log in before you can comment on or make changes to this bug.