Closed stevedlawrence closed 3 months ago
Looks like those job logs need to be a gist in the future.
What can be done to get the last version of sbt-native-packager for the last version of sbt? Should I add a dependency on the Github repo?
@muuki88 do you mind if I tag a new release?
@dwickern please do ❤️❤️
@muuki88 I'm trying to figure out the release workflow. It looks like we make a release by pushing a tag like v1.9.19
. Unfortunately I don't have permission to push tags.
The issue seems to be that the release doesn't work anymore
[info] gpg: no default secret key: No secret key
[info] gpg: signing failed: No secret key
[error] java.lang.RuntimeException: Failure running 'gpg --batch --pinentry-mode loopback --passphrase *** --detach-sign --armor --use-agent --output /home/runner/work/sbt-native-packager/sbt-native-packager/target/scala-2.12/sbt-1.0/sbt-native-packager_2.12_1.0.pom.asc /home/runner/work/sbt-native-packager/sbt-native-packager/target/scala-2.12/sbt-1.0/sbt-native-packager_2.12_1.0.pom'. Exit code: 2
[error] at scala.sys.package$.error(package.scala:30)
[error] at com.jsuereth.sbtpgp.CommandLineGpgSigner.sign(PgpSigner.scala:74)
[error] at com.jsuereth.sbtpgp.PgpSettings$.$anonfun$signingSettings$2(PgpSettings.scala:151)
[error] at scala.collection.TraversableLike.$anonfun$flatMap$1(TraversableLike.scala:293)
[error] at scala.collection.immutable.HashMap$HashMap1.foreach(HashMap.scala:400)
[error] at scala.collection.immutable.HashMap$HashTrieMap.foreach(HashMap.scala:728)
[error] at scala.collection.TraversableLike.flatMap(TraversableLike.scala:293)
[error] at scala.collection.TraversableLike.flatMap$(TraversableLike.scala:290)
[error] at scala.collection.AbstractTraversable.flatMap(Traversable.scala:108)
[error] at com.jsuereth.sbtpgp.PgpSettings$.$anonfun$signingSettings$1(PgpSettings.scala:146)
[error] at scala.Function1.$anonfun$compose$1(Function1.scala:49)
[error] at sbt.internal.util.$tilde$greater.$anonfun$$u2219$1(TypeFunctions.scala:62)
[error] at sbt.std.Transform$$anon$4.work(Transform.scala:68)
[error] at sbt.Execute.$anonfun$submit$2(Execute.scala:282)
[error] at sbt.internal.util.ErrorHandling$.wideConvert(ErrorHandling.scala:23)
[error] at sbt.Execute.work(Execute.scala:291)
[error] at sbt.Execute.$anonfun$submit$1(Execute.scala:282)
[error] at sbt.ConcurrentRestrictions$$anon$4.$anonfun$submitValid$1(ConcurrentRestrictions.scala:265)
[error] at sbt.CompletionService$$anon$2.call(CompletionService.scala:64)
[error] at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error] at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
[error] at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
[error] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
[error] at java.lang.Thread.run(Thread.java:748)
[error] (signedArtifacts) Failure running 'gpg --batch --pinentry-mode loopback --passphrase *** --detach-sign --armor --use-agent --output /home/runner/work/sbt-native-packager/sbt-native-packager/target/scala-2.12/sbt-1.0/sbt-native-packager_2.12_1.0.pom.asc /home/runner/work/sbt-native-packager/sbt-native-packager/target/scala-2.12/sbt-1.0/sbt-native-packager_2.12_1.0.pom'. Exit code: 2
[error] Total time: 26 s, completed Mar 21, 2024 8:11:45 AM
https://github.com/sbt/sbt-native-packager/actions/runs/8371636269/job/22921031611#step:6:1091
I started working on upgrading all dependencies and got stuck by https://github.com/sbt/sbt-ghpages/issues/132
@dwickern you should now have permissions to push tags
I think #1566 will unblock the release
Tags are now pushed so this ticket can be closed :+1: (sorry I was wrong, see next comment)
@muuki88 Please look at
I think it fixes the problems you experience.
Sorry, I was wrong... I thought this issue is about pushing the missing tags, but I see that the tags are here but the releases are not:
Sorry!
I have removed tags before and re-added them to force a new publish.
@ekrich There still doesn't seem to be any version published after 1.9.16
I didn't mean on this repo. I just meant that the tags can be removed and tagged again if that helps for publishing the versions that didn't "really" get published.
I hope after merging #1566 (which upgrades sbt-ci-release to the latest version) new releases will go through...
@dwickern you should now have permissions to push tags
I'm still not able to. @muuki88 if you could push a new tag, we'll see if the release action is working now.
I'll check the permissions 🫠
@dwickern you have maintain writes and should work. There are not tag protection rules
I just pushed v1.10.0
- hope for the best :pray:
https://github.com/sbt/sbt-native-packager/actions/runs/8659945418/job/23746832718
[info] set current project to sbt-native-packager (in build file:/home/runner/work/sbt-native-packager/sbt-native-packager/)
Running ci-release.
branch=refs/tags/v1.10.0
gpg (GnuPG) 2.2.19
java.lang.RuntimeException: base64: invalid input
at com.geirsson.PipeFail$PipeFailOps.$hash$bar$bang(PipeFail.scala:28)
at com.geirsson.CiReleasePlugin$.setupGpg(CiReleasePlugin.scala:96)
at com.geirsson.CiReleasePlugin$.$anonfun$globalSettings$4(CiReleasePlugin.scala:144)
not entirely as planned :cry:
@muuki88 Did you change the secrets in https://github.com/sbt/sbt-native-packager/settings/secrets/actions?
Looks like they are availabe but not correctly encoded?
Run sbt ci-release
sbt ci-release
shell: /usr/bin/bash -e {0}
env:
CI: true
JAVA_HOME: /home/runner/.jabba/jdk/adopt@1.8.0-292
PGP_PASSPHRASE: ***
PGP_SECRET: ***
SONATYPE_PASSWORD: ***
SONATYPE_USERNAME: ***
See https://github.com/sbt/sbt-ci-release?tab=readme-ov-file#secrets and further
PGP_PASSPHRASE
: The randomly generated password you used to create a fresh gpg key.
Did you add your own pgp key or did Eugene add one?
@mkurz this one I created for sbt-native-packager only. I'll check it
Hmm yeah I just checked, yours was used for the 1.9.16 release:
$ wget https://repo1.maven.org/maven2/com/github/sbt/sbt-native-packager_2.12_1.0/1.9.16/sbt-native-packager-1.9.16.jar.asc
...
$ wget https://repo1.maven.org/maven2/com/github/sbt/sbt-native-packager_2.12_1.0/1.9.16/sbt-native-packager-1.9.16.jar
...
$ gpg --verify sbt-native-packager-1.9.16.jar.asc sbt-native-packager-1.9.16.jar
gpg: Signature made Mo 20 Feb 2023 18:51:13 CET
gpg: using RSA key 804B121465E4D6F46817FFB56B36C28F8F2C3E51
gpg: Can't check signature: No public key
$ gpg --keyserver pgp.mit.edu --recv-key 804B121465E4D6F46817FFB56B36C28F8F2C3E51
gpg: key 6B36C28F8F2C3E51: public key "sbt-native-packager ci release bot <nepomuk.seiler@mukis.de>" imported
gpg: Total number processed: 1
gpg: imported: 1
This is where it's failing, the setupGpg
method:
https://github.com/sbt/sbt-ci-release/blob/v1.5.12/plugin/src/main/scala/com/geirsson/CiReleasePlugin.scala#L85-L97
@muuki88 Maybe also first try to clean the caches? https://github.com/sbt/sbt-native-packager/actions/caches
There had to be some change in the environment after the 1.9.16 release, because 1.9.17 started to fail: https://github.com/sbt/sbt-native-packager/actions/workflows/release.yml Also there was not related change the publishing in 1.9.17: https://github.com/sbt/sbt-native-packager/compare/v1.9.16...v1.9.17
@muuki88 I am pretty sure you just have to update the PGP_SECRET
secret following the docs: https://github.com/sbt/sbt-ci-release?tab=readme-ov-file#secrets
There was an issue: https://github.com/sbt/sbt-ci-release/issues/226
Just be aware of: https://github.com/sbt/sbt-ci-release/pull/230/files
@muuki88 It seems the PGP_SECRET
contains an invalid character, I can reproduce the error with:
$ echo "%" | base64 --decode
base64: invalid input
I created anew pgp key and updated the key according to the instructions (thanks for the hint with zsh, I like triple checked this ), but the error remains.
gpg --armor --export-secret-keys 21E544EF6876D582ED5498E9745A8C6ED65E9E2D | base64 | base64 --decode
this does also work.
There had to be some change in the environment after the 1.9.16 release, because 1.9.17 started to fail:
The last PGP key expired last year. Probably this is the reason why things started to fail.
Can you try to use
gpg --armor --export-secret-keys 21E544EF6876D582ED5498E9745A8C6ED65E9E2D | base64 | sed -z 's;\n;;g'
? It removes all the new lines, this is what I am using (under arch linux)
Running all the commands from the sbt ci plugin works locally for me. This is weird.
It removes all the new lines, this is what I am using (under arch linux)
Yeah... it just did that as well (but without the cool sed
magic :smile: )
Are you on Windows, macOS, Linux?
Linux
It's working now!!! https://github.com/sbt/sbt-native-packager/actions/runs/8660949696/job/23749860386 :partying_face: :partying_face: :partying_face: :partying_face: What did you do in the end? Using sed?
Basically yes :+1: However with this helper :sweat_smile: https://plugins.jetbrains.com/plugin/2162-string-manipulation
Next problem:
2024-04-12 10:55:22.857Z error [SonatypeClient] Activity name:close, started:2024-04-12T10:54:12.608Z - (SonatypeClient.scala:466)
2024-04-12 10:55:22.858Z error [SonatypeClient] Failed: signature-staging, failureMessage:No public key: Key with id: (745a8c6ed65e9e2d) was not able to be located on <a href="http://pgp.mit.edu:11371/">http://pgp.mit.edu:11371/</a>. Upload your public key and try the operation again. - (SonatypeClient.scala:384)
2024-04-12 10:55:22.859Z error [Sonatype] [STAGE_FAILURE] Failed to close the repository. - (Sonatype.scala:440)
You need to submit your key, see screenshot:
Sorry do this:
gpg --keyserver hkp://keyserver.ubuntu.com --send-key 21E544EF6876D582ED5498E9745A8C6ED65E9E2D && \
gpg --keyserver hkp://pgp.mit.edu --send-key 21E544EF6876D582ED5498E9745A8C6ED65E9E2D && \
gpg --keyserver hkp://pool.sks-keyservers.net --send-key 21E544EF6876D582ED5498E9745A8C6ED65E9E2D
You are too good to me :joy: Thanks a lot. I'll be out now .
v1.10.3
- three times the charm!
Alright, here we go. 1.10.0 got published (first release since 14 months!)
So... why 1.10.0 and not 1.10.3... That is because sbt-ci-release is using sbt-dynver to detect the latest tag, but if multiple tags point to the same commit then sbt-dynver has a hard time to figure out the correct order. This is a known issue:
Anyway, for us here it does not matter, it's even nicer to have a nice version number now :wink:
@dwickern @muuki88 You probably want to publish a GitHub release: https://github.com/sbt/sbt-native-packager/releases
@dwickern @muuki88 After you published the GitHub release, you can close this issue.
Also the publish process failed to push the github pages: https://github.com/sbt/sbt-native-packager/actions/runs/8661198045/job/23750625200
I opened
for that
Thanks a lot for @mkurz and also @dwickern for your time and patience🙏😊🥰🦄✨
I set v1.10.0 as the latest release. Thanks everyone for helping to make this happen! 🎉
So... why 1.10.0 and not 1.10.3... That is because sbt-ci-release is using sbt-dynver to detect the latest tag, but if multiple tags point to the same commit then sbt-dynver has a hard time to figure out the correct order. This is a known issue:
In theory, the GH action knows which tag triggered it, so we could pass it as an argument or environment variable to sbt. But it's not a big deal either way.
Tags have been created for v1.9.17 and v1.9.18 but no releases have been created, in either the GitHub releases (https://github.com/sbt/sbt-native-packager/releases) or published to the maven repos (https://central.sonatype.com/artifact/com.github.sbt/sbt-native-packager)
It looks like the github actions failed due to a gpg issue with sbt-ci-release:
v1.9.17: https://github.com/sbt/sbt-native-packager/actions/runs/5641807357/job/15280486680
v1.9.18: https://github.com/sbt/sbt-native-packager/actions/runs/5642779942/job/15283307724