neolynx
commented
7 months ago how are you starting aptly ? gpg might need tty access or some agent to handle input.
Open pdepaulis opened 9 months ago
neolynx
commented
7 months ago how are you starting aptly ? gpg might need tty access or some agent to handle input.
neolynx
commented
7 months ago could you share your REST call?
the Batch option is available via REST, within the Singing block:
curl -fsS -X PUT -H 'Content-Type: application/json' --data \
"{\"AcquireByHash\": true, \"Snapshots\": [{\"Component\": \"main\", \"Name\": \"$aptly_snapshot\"}],
\"Signing\": {\"Batch\": true, \"Keyring\": \"aptly.repo/aptly.pub\",
\"secretKeyring\": \"aptly.repo/aptly.sec\", \"PassphraseFile\": \"aptly.repo/passphrase\"}}" \
-u $aptly_user:$aptly_password ${aptly_api}/api/publish/$aptly_published(from: upload-artifacts.sh)
neolynx
commented
3 months ago there is a way to pass "Batch": true in the sjon data for API calls, see above...
Detailed Description
This happens when using gpg2 at least. In regular aptly command line, two options are required:
Context
When using the REST API for Publishing for the first time which requires passing the gpp passphrase to unlock the key. Note that because the key is gpg2 I cannot use the "internal" GPG provider since it looks for the legacy secring/pubring which don't exist in gpg2.
Possible Implementation
Not sure why "batch" is required, even when passing the PassPhraseFile with cmd line, but be that as it may, please provide a "batch" option for REST
Your Environment
Debian bookworm aptly version: 1.5.0+ds1-1+b4