search

getsops / sops

Simple and flexible tool for managing secrets
https://getsops.io/
Mozilla Public License 2.0
15.77k stars 842 forks source link

Failing PGP tests #1297

Open Moskovych opened 9 months ago

Moskovych commented 9 months ago

Hi everyone. I've faced with unknown issue (even main branch), without touching any code.

Environment (arm64):

After cloning fresh copy of repository and launching make test, I'm getting:

--- FAIL: TestMasterKey_Encrypt (0.24s)
    --- FAIL: TestMasterKey_Encrypt/with_error (0.03s)
        keysource_test.go:204:
                Error Trace:    /home/moskovych/sops/pgp/keysource_test.go:204
                Error:          An error is expected but got nil.
                Test:           TestMasterKey_Encrypt/with_error
        keysource_test.go:205:
                Error Trace:    /home/moskovych/sops/pgp/keysource_test.go:205
                Error:          An error is expected but got nil.
                Test:           TestMasterKey_Encrypt/with_error
        keysource_test.go:206:
                Error Trace:    /home/moskovych/sops/pgp/keysource_test.go:206
                Error:          An error is expected but got nil.
                Test:           TestMasterKey_Encrypt/with_error
    --- FAIL: TestMasterKey_Encrypt/with_OpenPGP_disabled (0.01s)
        keysource_test.go:215:
                Error Trace:    /home/moskovych/sops/pgp/keysource_test.go:215
                Error:          An error is expected but got nil.
                Test:           TestMasterKey_Encrypt/with_OpenPGP_disabled
        keysource_test.go:216:
                Error Trace:    /home/moskovych/sops/pgp/keysource_test.go:216
                Error:          An error is expected but got nil.
                Test:           TestMasterKey_Encrypt/with_OpenPGP_disabled
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
    panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x34b540]

goroutine 72 [running]:
testing.tRunner.func1.2({0x380920, 0x6570b0})
    /usr/local/go/src/testing/testing.go:1526 +0x278
testing.tRunner.func1()
    /usr/local/go/src/testing/testing.go:1529 +0x448
panic({0x380920, 0x6570b0})
    /usr/local/go/src/runtime/panic.go:890 +0x248
github.com/getsops/sops/v3/pgp.TestMasterKey_Encrypt.func4(0x0?)
    /home/moskovych/sops/pgp/keysource_test.go:217 +0x160
testing.tRunner(0xc0002911e0, 0x4009a0)
    /usr/local/go/src/testing/testing.go:1576 +0x184
created by testing.(*T).Run
    /usr/local/go/src/testing/testing.go:1629 +0x5b8
FAIL    github.com/getsops/sops/v3/pgp  1.735s

Is there something missed/hidden from github workflows?

Expected result: all tests from main branch are successful.

hiddeco commented 9 months ago

Any chance that you at some point imported pgp/sops_functional_tests_key.asc into your main key ring?

Moskovych commented 9 months ago

Here what I have:

gpg --import pgp/sops_functional_tests_key.asc 2>&1 1>/dev/null || exit 0
gpg: key 3D16CEE4A27381B4: "SOPS Functional Tests Key 1 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: key 3D16CEE4A27381B4: secret key imported
gpg: key D8720D957C3D3074: "SOPS Functional Tests Key 2 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: key D8720D957C3D3074: secret key imported
gpg: key 3D16CEE4A27381B4: "SOPS Functional Tests Key 1 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: key D8720D957C3D3074: "SOPS Functional Tests Key 2 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: key 19F9B5DAEA91FF86: "SOPS Functional Tests Key 3 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: Total number processed: 5
gpg:              unchanged: 5
gpg:       secret keys read: 2
gpg:  secret keys unchanged: 2
hiddeco commented 9 months ago

Unable to reproduce on aarch64 with Ubuntu 22.04.3 LTS (6.2.0 kernel):

$ gpg --version
gpg (GnuPG) 2.2.27
libgcrypt 1.9.4
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/0x686868/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
$ go version
go version go1.20.8 linux/arm64
$ make test
GOPROXY=https://proxy.golang.org go mod tidy
GOPROXY=https://proxy.golang.org go mod vendor
gpg --import pgp/sops_functional_tests_key.asc 2>&1 1>/dev/null || exit 0
gpg: directory '/home/0x686868/.gnupg' created
gpg: keybox '/home/0x686868/.gnupg/pubring.kbx' created
gpg: /home/0x686868/.gnupg/trustdb.gpg: trustdb created
gpg: key 3D16CEE4A27381B4: public key "SOPS Functional Tests Key 1 (https://github.com/mozilla/sops/) <secops@mozilla.com>" imported
gpg: key 3D16CEE4A27381B4: secret key imported
gpg: key D8720D957C3D3074: public key "SOPS Functional Tests Key 2 (https://github.com/mozilla/sops/) <secops@mozilla.com>" imported
gpg: key D8720D957C3D3074: secret key imported
gpg: key 3D16CEE4A27381B4: "SOPS Functional Tests Key 1 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: key D8720D957C3D3074: "SOPS Functional Tests Key 2 (https://github.com/mozilla/sops/) <secops@mozilla.com>" not changed
gpg: key 19F9B5DAEA91FF86: public key "SOPS Functional Tests Key 3 (https://github.com/mozilla/sops/) <secops@mozilla.com>" imported
gpg: Total number processed: 5
gpg:               imported: 3
gpg:              unchanged: 2
gpg:       secret keys read: 2
gpg:   secret keys imported: 2
GOPROXY=https://proxy.golang.org go test -race -coverprofile=profile.out -covermode=atomic ./...
ok      github.com/getsops/sops/v3      0.124s  coverage: 51.9% of statements
ok      github.com/getsops/sops/v3/aes  0.301s  coverage: 77.5% of statements
?       github.com/getsops/sops/v3/audit        [no test files]
ok      github.com/getsops/sops/v3/age  0.094s  coverage: 87.8% of statements
?       github.com/getsops/sops/v3/cmd/sops     [no test files]
?       github.com/getsops/sops/v3/cmd/sops/codes       [no test files]
?       github.com/getsops/sops/v3/cmd/sops/common      [no test files]
?       github.com/getsops/sops/v3/cmd/sops/subcommand/exec     [no test files]
?       github.com/getsops/sops/v3/cmd/sops/subcommand/groups   [no test files]
?       github.com/getsops/sops/v3/cmd/sops/subcommand/keyservice       [no test files]
?       github.com/getsops/sops/v3/cmd/sops/subcommand/publish  [no test files]
?       github.com/getsops/sops/v3/cmd/sops/subcommand/updatekeys       [no test files]
ok      github.com/getsops/sops/v3/azkv 1.832s  coverage: 60.9% of statements
ok      github.com/getsops/sops/v3/cmd/sops/formats     0.032s  coverage: 100.0% of statements
ok      github.com/getsops/sops/v3/config       0.091s  coverage: 72.9% of statements
ok      github.com/getsops/sops/v3/decrypt      0.081s  coverage: 0.0% of statements [no tests to run]
ok      github.com/getsops/sops/v3/gcpkms       0.056s  coverage: 73.8% of statements
?       github.com/getsops/sops/v3/keys [no test files]
?       github.com/getsops/sops/v3/logging      [no test files]
?       github.com/getsops/sops/v3/publish      [no test files]
ok      github.com/getsops/sops/v3/hcvault      28.728s coverage: 86.1% of statements
ok      github.com/getsops/sops/v3/keyservice   0.065s  coverage: 3.0% of statements
ok      github.com/getsops/sops/v3/kms  1.532s  coverage: 94.5% of statements
ok      github.com/getsops/sops/v3/pgp  2.499s  coverage: 82.6% of statements
ok      github.com/getsops/sops/v3/shamir       0.045s  coverage: 96.2% of statements
ok      github.com/getsops/sops/v3/stores       0.063s  coverage: 36.8% of statements
ok      github.com/getsops/sops/v3/stores/dotenv        0.069s  coverage: 54.9% of statements
ok      github.com/getsops/sops/v3/stores/ini   0.067s  coverage: 37.0% of statements
ok      github.com/getsops/sops/v3/stores/json  0.064s  coverage: 64.1% of statements
ok      github.com/getsops/sops/v3/stores/yaml  0.066s  coverage: 68.8% of statements
ok      github.com/getsops/sops/v3/version      0.050s  coverage: 65.7% of statements