make git work behind proxies

[lhirlimann]

My install is behind a proxy. Making git use proxy setting helped a lot.

[lhirlimann]

This might be set earlier in the process - but this is where I had to use it.

[juju4]

I added the extra proxy configuration https://github.com/juju4/ansible-MISP/commit/e37f1e72d9502fe87667375b1953912b198be521. Please confirm if working fine.

Also, don't remove gpg/security check or commented code unless needed.

[lhirlimann]

Also, don't remove gpg/security check or commented code unless needed.

Can you update the code with a working / existing key. I was unable to retrieve the key from any key server.

[juju4]

This key is from https://github.com/MISP/MISP/commits?author=adulau&since=2018-03-01T00:00:00Z&until=2018-04-01T00:00:00Z who seems for now the only one to consistently sign his commits. As said in comment, you need '0x' prefix to search it https://pgp.mit.edu/pks/lookup?search=0x09E2CD4944E6CBCD&op=index

retrieving key works fine in travis https://travis-ci.org/juju4/ansible-MISP/jobs/438120092#L7040

else, does proxy code works?

[lhirlimann]

I'll try this week @ my next reinstall :)

Ludo

On Sun, Oct 7, 2018 at 8:56 PM Julien notifications@github.com wrote:

This key is from https://github.com/MISP/MISP/commits?author=adulau&since=2018-03-01T00:00:00Z&until=2018-04-01T00:00:00Z who seems for now the only one to consistently sign his commits. As said in comment, you need '0x' prefix to search it https://pgp.mit.edu/pks/lookup?search=0x09E2CD4944E6CBCD&op=index

retrieving key works fine in travis https://travis-ci.org/juju4/ansible-MISP/jobs/438120092#L7040

else, does proxy code works?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/juju4/ansible-MISP/pull/3#issuecomment-427677585, or mute the thread https://github.com/notifications/unsubscribe-auth/AAZYB9yXlB6QptDKqFmasQXU1qqTK83qks5uik55gaJpZM4XIE68 .

-- https://www.hirlimann.net/Ludovic/carnet/

[lhirlimann]

TASK [ansible-MISP : recover gpg key to check git signed commit - proxy] *** failed: [misp1..com] (item=09E2CD4944E6CBCD) => {"changed": false, "cmd": ["gpg", "--keyserver", "pgp.uni-mainz.de", "--recv-keys", "09E2CD4944E6CBCD", "--keyserver-options", "timeout=10 http-proxy=http://proxy..com:3128"], "delta": "0:00:00.210171", "end": "2018-10-10 09:44:39.627606", "item": "09E2CD4944E6CBCD", "msg": "non-zero return code", "rc": 2, "start": "2018-10-10 09:44:39.417435", "stderr": "gpg: directory /root/.gnupg' created\ngpg: new configuration file/root/.gnupg/gpg.conf' created\ngpg: WARNING: options in /root/.gnupg/gpg.conf' are not yet active during this run\ngpg: keyring/root/.gnupg/secring.gpg' created\ngpg: keyring /root/.gnupg/pubring.gpg' created\ngpg: \"--keyserver-options\" not a key ID: skipping\ngpg: \"timeout=10 http-proxy=http://proxy..com:3128\" not a key ID: skipping\ngpg: requesting key 44E6CBCD from hkp server pgp.uni-mainz.de\ngpg: no valid OpenPGP data found.\ngpg: Total number processed: 0", "stderr_lines": ["gpg: directory/root/.gnupg' created", "gpg: new configuration file /root/.gnupg/gpg.conf' created", "gpg: WARNING: options in/root/.gnupg/gpg.conf' are not yet active during this run", "gpg: keyring /root/.gnupg/secring.gpg' created", "gpg: keyring/root/.gnupg/pubring.gpg' created", "gpg: \"--keyserver-options\" not a key ID: skipping", "gpg: \"timeout=10 http-proxy=http://proxy..com:3128\" not a key ID: skipping", "gpg: requesting key 44E6CBCD from hkp server pgp.uni-mainz.de", "gpg: no valid OpenPGP data found.", "gpg: Total number processed: 0"], "stdout": "gpgkeys: key 09E2CD4944E6CBCD can't be retrieved", "stdout_lines": ["gpgkeys: key 09E2CD4944E6CBCD can't be retrieved"]}

[juju4]

I update the role to either network download, either local import pgp keys. latter is default and should solved in a reliable way this. Please check.

As a reminder, until all misp developers are using pgp signed commit and that git signing check is enabled, it's not really blocking to miss this.

[juju4]

closing as addressed in a different way