Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix RPM/Debian signature key creation #28352

Merged
merged 3 commits into from
Dec 5, 2023
Merged

Fix RPM/Debian signature key creation #28352

merged 3 commits into from
Dec 5, 2023

Conversation

KN4CK3R
Copy link
Member

@KN4CK3R KN4CK3R commented Dec 4, 2023

Fixes #28324

The name parameter can't contain some characters (https://github.com/keybase/go-crypto/blob/master/openpgp/keys.go#L680) but is optional. Therefore just use an empty string.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Dec 4, 2023
@pull-request-size pull-request-size bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Dec 4, 2023
@KN4CK3R KN4CK3R changed the title Fix 28324 debian Fix RPM/Debian signature key creation Dec 4, 2023
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Dec 4, 2023
@jolheiser
Copy link
Member

It seems like ideally this would have something set, but is there a more predictable setting we could use?
That is, this wants to set a UID like jolheiser (a comment) <john.olheiser@gmail.com and without a name would just be (a comment) <john.olheiser@gmail.com

I don't know much about RPM/Debian or where this signature is used/shown, so maybe it's of no consequence, but it seems like a full signature would be ideal if possible.

@KN4CK3R
Copy link
Member Author

KN4CK3R commented Dec 4, 2023

I thought about using the owner name here but I don't think you "see" this key somewhere. It's only used to check the repository files for consistency. Email was already empty, therefore I removed the name too.

@jolheiser
Copy link
Member

It's only used to check the repository files for consistency.

Changing this doesn't cause breakage, then?

@KN4CK3R
Copy link
Member Author

KN4CK3R commented Dec 4, 2023

Only new generated keys are affected. Once generated the key is stored as a user setting.

@jolheiser
Copy link
Member

Once generated the key is stored as a user setting.

Ah, right, packages are user/org level. In that case maybe the owner name would be good for this like you said.

I think this is tentatively lgtm, but I would like if someone more familiar with debian packages could confirm whether it's the right strategy here.

@KN4CK3R
Copy link
Member Author

KN4CK3R commented Dec 4, 2023

In my mind exists a page where you can provide your own key-pair instead of generating one. Then you could reuse an existing key. If you don't need that, a generated key is fine.

The docs don't specify what info a key should contain:
https://wiki.debian.org/DebianRepository/UseThirdParty
There is just

Repositories MUST be signed with an OpenPGP certificate.

@techknowlogick techknowlogick added the backport/v1.21 This PR should be backported to Gitea 1.21 label Dec 4, 2023
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Dec 5, 2023
@lunny lunny added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Dec 5, 2023
@lunny lunny enabled auto-merge (squash) December 5, 2023 00:24
@lunny lunny merged commit dfa77ac into go-gitea:main Dec 5, 2023
25 checks passed
@GiteaBot GiteaBot added this to the 1.22.0 milestone Dec 5, 2023
@GiteaBot GiteaBot mentioned this pull request Dec 5, 2023
Merged
GiteaBot pushed a commit to GiteaBot/gitea that referenced this pull request Dec 5, 2023
@KN4CK3R @GiteaBot
Fix RPM/Debian signature key creation (go-gitea#28352)
1865f17 
Fixes go-gitea#28324

The name parameter can't contain some characters
(https://github.com/keybase/go-crypto/blob/master/openpgp/keys.go#L680)
but is optional. Therefore just use an empty string.
@GiteaBot GiteaBot added backport/done All backports for this PR have been created and removed reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. labels Dec 5, 2023
pangliang pushed a commit to pangliang/gitea that referenced this pull request Dec 5, 2023
@KN4CK3R @pangliang
Fix RPM/Debian signature key creation (go-gitea#28352)
5069ef7 
Fixes go-gitea#28324

The name parameter can't contain some characters
(https://github.com/keybase/go-crypto/blob/master/openpgp/keys.go#L680)
but is optional. Therefore just use an empty string.
lunny pushed a commit that referenced this pull request Dec 5, 2023
@GiteaBot @KN4CK3R
Fix RPM/Debian signature key creation (#28352) (#28353)
b71d4c3 
Backport #28352 by @KN4CK3R

Fixes #28324

The name parameter can't contain some characters
(https://github.com/keybase/go-crypto/blob/master/openpgp/keys.go#L680)
but is optional. Therefore just use an empty string.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
zjjhot added a commit to zjjhot/gitea that referenced this pull request Dec 5, 2023
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
8fcd936 
* giteaofficial/main:
  Convert git commit summary to valid UTF8. (go-gitea#28356)
  Fix RPM/Debian signature key creation (go-gitea#28352)
  Refactor template empty checks (go-gitea#28351)
@williamdes
Copy link

It would be nice to have an ENV to change the value of the key.
Debian uses names like Debian Archive Automatic Signing Key (10/buster)

@KN4CK3R KN4CK3R deleted the fix-28324-debian branch December 19, 2023 18:09
fuxiaohei pushed a commit to fuxiaohei/gitea that referenced this pull request Jan 17, 2024
@KN4CK3R @fuxiaohei
Fix RPM/Debian signature key creation (go-gitea#28352)
f2376f8 
Fixes go-gitea#28324

The name parameter can't contain some characters
(https://github.com/keybase/go-crypto/blob/master/openpgp/keys.go#L680)
but is optional. Therefore just use an empty string.
silverwind pushed a commit to silverwind/gitea that referenced this pull request Feb 20, 2024
@KN4CK3R @silverwind
Fix RPM/Debian signature key creation (go-gitea#28352)
1b8d6cb 
Fixes go-gitea#28324

The name parameter can't contain some characters
(https://github.com/keybase/go-crypto/blob/master/openpgp/keys.go#L680)
but is optional. Therefore just use an empty string.
@go-gitea go-gitea locked as resolved and limited conversation to collaborators Mar 4, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lunny lunny lunny approved these changes

@jolheiser jolheiser jolheiser approved these changes

@delvh delvh delvh approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created backport/v1.21 This PR should be backported to Gitea 1.21 lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. topic/packages type/bug
Projects
None yet
Milestone
1.22.0
Development

Successfully merging this pull request may close these issues.

openpgp error on Debian package upload
7 participants
@KN4CK3R @jolheiser @williamdes @lunny @delvh @techknowlogick @GiteaBot