Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Boostrap fails with encrypted GPG signing subkey #4519

Open
TristanCottam opened this issue Dec 29, 2023 · 0 comments
Open

Boostrap fails with encrypted GPG signing subkey #4519

TristanCottam opened this issue Dec 29, 2023 · 0 comments

Comments

@TristanCottam
Copy link

TristanCottam commented Dec 29, 2023
edited

Describe the bug

Bootstrapping fails when specifying an encrypted GPG master key for commit signing which delegates signing to a subkey. Specifying an encrypted GPG master key which is capable of signing directly fixes the issue.

Bootstrap log:

► cloning branch "main" from Git repository "[REPOSITORY URL]"
✔ cloned repository
► generating component manifests
✔ generated component manifests
✗ failed to commit component manifests: openpgp: invalid argument: signing key is encrypted

Steps to reproduce

  1. Create an encrypted GPG master key with the Certify capability only.
  2. Create a GPG subkey of it with the Signing capability.
  3. Run flux boostrap [PROVIDER] with the relevant --gpg-key-ring, --gpg-key-id, and --gpg-key-passphrase arguments.

Expected behavior

Flux successfully bootstraps the cluster.

OS / Distro

Debian 12

Flux version

v2.2.2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@TristanCottam