microsoft / vscode-remote-release

Visual Studio Code Remote Development: Open any folder in WSL, in a Docker container, or on a remote machine using SSH and take advantage of VS Code's full feature set.
https://aka.ms/vscode-remote

GPG not working with dev containers. It finds and tries to use my keys but gets "No such file or directory" errors #10496

Open red8888 opened 4 days ago

red8888 commented 4 days ago

Version: 1.95.2 (Universal)
Commit: e8653663e8840adaf45af01eab5c627a5af81807
Date: 2024-11-07T11:07:22.054Z
Electron: 32.2.1
ElectronBuildId: 10427718
Chromium: 128.0.6613.186
Node.js: 20.18.0
V8: 12.8.374.38-electron.0
OS: Darwin arm64 23.4.0

Dev container extension version: v0.388.0

Steps to Reproduce:

  1. Try to commit with gpg key while host is mac with keyboxd

After the last fix for this I still could not get it to work. I can see the agent is working in the container and reads the keys though.

# Inside container (mcr.microsoft.com/devcontainers/python:3.12-bullseye)
> uname -a 
Linux 350a5e7c7939 6.5.0-15-generic #15-Ubuntu SMP PREEMPT_DYNAMIC Tue Jan  9 22:39:36 UTC 2024 aarch64 GNU/Linux

> gpg --version
gpg (GnuPG) 2.2.27
libgcrypt 1.8.8

> gpg --list-secret-keys --keyid-format=long
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   4  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 4u
gpg: next trustdb check due at 2025-02-18
/root/.gnupg/pubring.kbx
------------------------
<It shows all my keys from the host here>

# when I try to commit it finds the right key 
> export GIT_TRACE=1
> git commit -am 'sdfsdfsdf'  
21:51:32.572311 git.c:463               trace: built-in: git commit -am sdfsdfsdf
21:51:32.594160 run-command.c:657       trace: run_command: gpg --status-fd=2 -bsau <CORRECT KEY>
error: gpg failed to sign the data:
[GNUPG:] KEY_CONSIDERED <CORRECT KEY> 2
[GNUPG:] BEGIN_SIGNING H8
gpg: signing failed: No such file or directory
[GNUPG:] FAILURE sign 83918929
gpg: signing failed: No such file or directory

fatal: failed to write commit object

I also tried this with the latest ubuntu image with the latest gpg version and setting "use-keyboxd" in ~/.gnupg/common.conf in the dev container. It doesn't matter what I do; it finds the right key but throws "No such file or directory".

I should add my gpg key is password protected.

Does this issue occur when you try this locally?: Yes/No
Does this issue occur when you try this locally and all extensions are disabled?: Yes/No

chrmarti commented 2 days ago

Please check in the dev container:

Does signing without Git work:

echo "test" | gpg --clear-sign

Check if the config is correct:

git config --global user.signingkey
git config --global gpg.program

red8888 commented 1 day ago

Please check in the dev container:

Does signing without Git work:

echo "test" | gpg --clear-sign

Check if the config is correct:

git config --global user.signingkey
git config --global gpg.program

Thanks for helping me with this. Maybe I'm just doing something wrong; I keep getting that same error:

> echo "test" | gpg --clear-sign

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

test
gpg: signing failed: No such file or directory
gpg: [stdin]: clear-sign failed: No such file or directory

Shows my correct key:

git config --global user.signingkey
14:32:07.720173 git.c:463               trace: built-in: git config --global user.signingkey
XXXXXXXXXXXXXX

This command returns nothing inside dev container and on the host: git config --global gpg.program

I said before my key is password protected. I fought with a ton of pinentry settings, but nothing I do seems to work; I keep getting that "No such file or directory" error in the dev container.

chrmarti commented 1 day ago

I have pinentry-program /opt/homebrew/bin/pinentry-mac in my local ~/.gnupg/gpg-agent.conf.

Please also append the Dev Containers log from when this happens. (F1 > Dev Containers: Show Container Log)
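
Added example, not part of the thread or of the project's code: a small POSIX shell decoder for the numeric value in the `[GNUPG:] FAILURE sign 83918929` status line from the trace above. It relies on libgpg-error's encoding of an error as `(source << 24) | code`; the function names are hypothetical and the two lookup tables are a deliberately small subset of libgpg-error's.

```shell
#!/bin/sh
# Added example: decode the number in a "[GNUPG:] FAILURE <op> <code>" line.
# libgpg-error packs an error as (source << 24) | code; bit 15 of the code
# marks a system errno that libgpg-error has renumbered.

# Subset of libgpg-error source ids (illustrative, not the full table).
gpg_err_source_name() {
  case "$1" in
    1) echo "gcrypt" ;;
    2) echo "GnuPG" ;;
    4) echo "GPG Agent" ;;
    5) echo "Pinentry" ;;
    6) echo "SCD" ;;
    8) echo "Keybox" ;;
    *) echo "source-$1" ;;
  esac
}

# Subset of libgpg-error's renumbered system errors.
gpg_err_system_name() {
  case "$1" in
    81) echo "ENOENT" ;;   # "No such file or directory"
    102) echo "ENOTTY" ;;  # "Inappropriate ioctl for device"
    *) echo "system-error-$1" ;;
  esac
}

# decode_gpg_failure "<status line>" prints "<op>: <source> reported <error>";
# returns 1 if the line is not a FAILURE status line.
decode_gpg_failure() {
  set -f; set -- $1; set +f          # split into words without globbing
  [ "$1" = "[GNUPG:]" ] && [ "$2" = "FAILURE" ] || return 1
  case "$4" in ''|*[!0-9]*) return 1 ;; esac
  src=$(( ($4 >> 24) & 0x7f ))
  code=$(( $4 & 0xffff ))
  if [ $(( code & 0x8000 )) -ne 0 ]; then
    err=$(gpg_err_system_name $(( code & 0x7fff )))
  else
    err="gpg-error code $code"
  fi
  echo "$3: $(gpg_err_source_name "$src") reported $err"
}

# Status line copied from the trace in the first comment of this thread.
decode_gpg_failure '[GNUPG:] FAILURE sign 83918929'
```

The source field tells you which GnuPG component raised the error, which narrows where to look when gpg only prints "No such file or directory".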