search

opendevstack / ods-quickstarters

Contains project quickstarters (boilerplates) for Nginx, Go, Java (Spring Boot), Python (Flask), Rust (Axum), Scala (Play), TypeScript (Express), Angular, Ionic, Jupyter, RShiny - all including CI/CD integration & Jenkins build agents
Apache License 2.0
26 stars 39 forks source link

Jenkins Agent NodeJS20 fails when using helm secrets as it is not able to find the gpg keyring #1001

Closed matzehecht closed 5 months ago

matzehecht commented 5 months ago

Describe the bug The build fails while trying to deploy using helm secrets, as helm secrets searches for the gpg keyring to be able to load the decryption key. As the group does not have permissions to list the contents of the /home/jenkins/.gnupg/ directory, it is not able to find the /home/jenkins/.gnupg/pubring.kbx keyring. This was already reported in the past for the older NodeJS agents (see #945) and fixed in August (see #946 ).

To Reproduce Steps to reproduce the behavior:

  1. Go to start a build with jenkins-agent-nodejs20 and helm secrets.

Expected behavior It should not fail.

Screenshots N/A

Affected version (please complete the following information):

Log Output (ensure to remove any confidential information like tokens, project names, etc.

gpg: WARNING: unsafe ownership on homedir '/home/jenkins/.gnupg'
gpg: failed to create temporary file '/home/jenkins/.gnupg/.#lk0x000055cdf4aea630.pod-a9f2400a-43e3-4e43-a689-d3d8e99846eb-2q12k-lp876.1536': Permission denied
gpg: keyblock resource '/home/jenkins/.gnupg/pubring.kbx': Permission denied
gpg: no writable keyring found: Not found
gpg: key 5C7B5D6E8D98EF46: failed to re-lookup public key: No public key
gpg: error reading ****: No public key
gpg: import from **** failed: No public key
gpg: Total number processed: 0
gpg:       secret keys read: 1

Additional context N/A