repo deployment: errors with gpg

[inigomartinez]

When running the reconfigure.bash script with repo argument in order to deploy the repo instance, the following show up in the log:

2018-01-23 12:39:21 +0100 /Stage[main]/Profile::Ros::Repo/Exec[init_building_repo]/returns (notice): gpgme gave error Pinentry:32870:  Inappropriate ioctl for device
2018-01-23 12:39:21 +0100 /Stage[main]/Profile::Ros::Repo/Exec[init_building_repo]/returns (notice): There have been errors!
2018-01-23 12:39:21 +0100 Puppet (err): python /home/jenkins-agent/reprepro-updater/scripts/setup_repo.py ubuntu_building -c returned 1 instead of one of [0]
2018-01-23 12:39:21 +0100 /Stage[main]/Profile::Ros::Repo/Exec[init_building_repo]/returns (err): change from notrun to 0 failed: python /home/jenkins-agent/reprepro-updater/scripts/setup_repo.py ubuntu_building -c returned 1 instead of one of [0]
2018-01-23 12:39:22 +0100 /Stage[main]/Profile::Ros::Repo/Exec[init_main_repo]/returns (notice): gpgme gave error Pinentry:32870:  Inappropriate ioctl for device
2018-01-23 12:39:22 +0100 /Stage[main]/Profile::Ros::Repo/Exec[init_main_repo]/returns (notice): There have been errors!
2018-01-23 12:39:22 +0100 Puppet (err): python /home/jenkins-agent/reprepro-updater/scripts/setup_repo.py ubuntu_main -c returned 1 instead of one of [0]
2018-01-23 12:39:22 +0100 /Stage[main]/Profile::Ros::Repo/Exec[init_main_repo]/returns (err): change from notrun to 0 failed: python /home/jenkins-agent/reprepro-updater/scripts/setup_repo.py ubuntu_main -c returned 1 instead of one of [0]
2018-01-23 12:39:23 +0100 /Stage[main]/Profile::Ros::Repo/Exec[init_testing_repo]/returns (notice): gpgme gave error Pinentry:32870:  Inappropriate ioctl for device
2018-01-23 12:39:23 +0100 /Stage[main]/Profile::Ros::Repo/Exec[init_testing_repo]/returns (notice): There have been errors!
2018-01-23 12:39:23 +0100 Puppet (err): python /home/jenkins-agent/reprepro-updater/scripts/setup_repo.py ubuntu_testing -c returned 1 instead of one of [0]
2018-01-23 12:39:23 +0100 /Stage[main]/Profile::Ros::Repo/Exec[init_testing_repo]/returns (err): change from notrun to 0 failed: python /home/jenkins-agent/reprepro-updater/scripts/setup_repo.py ubuntu_testing -c returned 1 instead of one of [0]

They seem to be related to gpg. However, I been checking my configuration regarding private and public GPG keys and everything seems to be ok.

[gavanderhoorn]

I get many hits on Google searching for gpgme gave error Pinentry:32870: Inappropriate ioctl for device, such as: Debian Bug 789608: reprepro: no passphrase prompt.

desc/puppet-reprepro#59 seems like it is similar.

Do your keys have passphrases?

[gavanderhoorn]

Anecdotal, but I just deployed a repo host (using master) and did not run into the problem you saw @inigomartinez.

[inigomartinez]

Do your keys have passphrases?

Yes, and once I removed them, the errors have dissapeared.

Thanks for your support,

[gavanderhoorn]

I don't know whether passphrases are supposed to work, so perhaps this is something to look into.

But that would be @nuclearsandwich's call.

[inigomartinez]

Yes, I was wondering if having keys without passphrases would be sane. However, the secret keys are in plain text inside the configuration, so they are not worth protecting.

[gavanderhoorn]

The readme in buildfarm_deployment says this about 'secrets':

Since your config repository will contain secrets such as private keys and access tokens, keep it private!

so the keys are stored plain text, but no-one except you is supposed to have access to them.

Whether passphrases make sense: I don't know. It'll probably require some more trickery - as the passphrases will have to be supplied somehow (shifts the problem).