Travis failing due to problems getting signing keys for nodejs

[sebastian]

We are seeing a very high number of build failures on travis due to it failing to get the signing keys for nodejs (i.e. the trust step). Restart the build usually works.

Maybe building in some mechanism for auto-retrying upon failure would do the trick?

[sebastian]

Forgot to attach the log: https://gist.github.com/sebastian/c979745db1a79e1f40084a697a8594e7

[sebastian]

The Travis guys did some digging for us. Turns out most of the keyservers the script links to are bad. Hence the requests frequently fail.

Here is the email I got:

Hi, Sebastian,

Could you confirm that you can reach the specified GPG/PGP key server at ipv4.pool.sks-keyservers.net?

From my experiments, this name points to a pool of IP addresses, among which the reliability of which varies greatly.

To wit, from my machine, I get:

$ for h in $(host ipv4.pool.sks-keyservers.net | awk '{print $NF}'); do
echo $h; curl -m 3 -I $h
done
207.237.164.231
HTTP/1.1 502 Bad Gateway
Server: nginx/1.2.1
Date: Fri, 07 Jul 2017 17:20:40 GMT
Content-Type: text/html
Content-Length: 172
Connection: keep-alive

176.9.51.79
HTTP/1.1 200 OK
Date: Fri, 07 Jul 2017 17:20:40 GMT
Server: Apache/2.4.10 (Debian)
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Clacks-Overhead: GNU Terry Pratchett
Content-Length: 497
Content-Type: text/html

178.254.42.45
HTTP/1.1 301 Moved Permanently
Date: Fri, 07 Jul 2017 17:20:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Location: https://deredvdienst.de/
Content-Type: text/html; charset=iso-8859-1

131.155.141.70
HTTP/1.1 302 Found
Date: Fri, 07 Jul 2017 17:20:41 GMT
Server: xs-httpd/3.7 beta/0.35
Location: http://mud.stack.nl/
Content-type: text/html
Accept-ranges: bytes
Content-length: 0

104.236.209.43
HTTP/1.1 200 OK
Server: nginx/1.13.2
Date: Fri, 07 Jul 2017 17:20:41 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 27 Jun 2017 14:44:19 GMT
Connection: keep-alive
ETag: "59526f43-264"
Accept-Ranges: bytes

192.94.109.73
HTTP/1.1 502 Proxy Error
Date: Fri, 07 Jul 2017 17:20:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
Content-Type: text/html; charset=iso-8859-1

91.121.41.109
HTTP/1.1 502 Bad Gateway
Date: Fri, 07 Jul 2017 17:20:41 GMT
Server: nginx/1.9.10
Content-Type: text/html
Content-Length: 173
Via: 1.1 key.adeti.org

46.4.212.178
HTTP/1.1 404 Not Found
Server: nginx/1.6.2
Date: Fri, 07 Jul 2017 17:20:41 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive

37.120.166.149
HTTP/1.1 302 Found
Date: Fri, 07 Jul 2017 17:20:41 GMT
Server: Apache/2.4.10 (Debian)
Location: https://fratercu.la
Content-Type: text/html; charset=iso-8859-1

45.33.82.183
HTTP/1.1 301 Moved Permanently
Server: nginx/1.13.2
Date: Fri, 07 Jul 2017 17:20:41 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://garbage-juice.com/

Notice that there are a few 4xx and 5xx reported.

So, depending on which IP address you get during your build, your attempt to retrieve the key may succeed, or may fail. Do you have another key server you can use? If not, I suggest getting in touch with the site administrators so that the issue can be addressed.

Let us know if we can be of further help.

[sebastian]

This doesn't seem to be the case anymore.