Closed dtitov closed 4 years ago
Hello, @dtitov
I am planning to add haveged
package on Ubuntu images. Could you please validate your build with the installed package - sudo apt-get install haveged
?
Hi, @al-cheb,
I tried it and it worked: https://github.com/uio-bmi/crypt4gh/runs/564321973?check_suite_focus=true 👍
Hello, @dtitov
We have pre-installed haveged
on Ubuntu images - https://github.com/actions/virtual-environments/blob/releases/ubuntu18/20200430/images/linux/Ubuntu1804-README.md
Feel free to open the thread if you have any concerns.
Describe the bug I have discovered that your Ubuntu VMs suffer from this issue: https://serverfault.com/questions/214605/gpg-does-not-have-enough-entropy
I have a cryptographic library and when I run GitHub Actions pipeline on Ubuntu, the build hangs forever, because library can’t generate encryption keys due to the issue above (FYI: MacOS VMs are not affected by this).
I have applied a workaround by installing and running
rng-tools
on the VM (as per suggestion from the link above). But it would be nice if you could fix this issue on your side.I also realize that security-wise, using
/dev/urandom
as a source of entropy is discouraged. However, I believe that it's important only for production use and it's completely fine for the testing environment, which GitHub Actions is. Also, maybe you would be able to come up with a better solution, because, again - this is just a workaround.Area for Triage:
Question, Bug, or Feature?:
Virtual environments affected
Expected behavior The build of https://github.com/uio-bmi/crypt4gh runs normally without installing
rng-tools
or performing any other additional manipulation.Actual behavior The build of https://github.com/uio-bmi/crypt4gh hangs forever if
rng-tools
are not installed.