Open MasterKrab opened 6 months ago
Hmm, i'm pretty sure this can only happen if the key and/or password you saved in the github settings is different from the one(s) you use locally.
Or really rarely, if one environment uses a vastly different tauri-cli version (in case your node_modules folder is still from the npm install
you got the package-lock.json
file from for example.
Hmm, i'm pretty sure this can only happen if the key and/or password you saved in the github settings is different from the one(s) you use locally. Or really rarely, if one environment uses a vastly different tauri-cli version (in case your node_modules folder is still from the
npm install
you got thepackage-lock.json
file from for example.
I deleted node_modules
, ran pnpm install
, set the password to empty, and checked the keys, but the issue persists.
Hmm, i looked through our discord where others reported a similar issue but all of them fixed it by either setting the secrets again (cause of a simple type or something) or by regenerating them completely.
I really can't think of anything else either. It still works for me and my keys are also super old (generated with 1.0 or 1.1 iirc) so i'm completely lost tbh.
me too tauri/target/release/bundle/macos/PagePatrol.app.tar.gz) Finished 2 bundles at: /Users/runner/work/pagepatrol/pagepatrol/src-tauri/target/release/bundle/macos/PagePatrol.app /Users/runner/work/pagepatrol/pagepatrol/src-tauri/target/release/bundle/dmg/PagePatrol_0.1.0_x64.dmg /Users/runner/work/pagepatrol/pagepatrol/src-tauri/target/release/bundle/macos/PagePatrol.app.tar.gz (updater)
Error incorrect updater private key password: Missing comment in secret key
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command. error Command failed with exit code 1. Error: Command failed with exit code 1: yarn tauri build
Hmm, i'm pretty sure this can only happen if the key and/or password you saved in the github settings is different from the one(s) you use locally. Or really rarely, if one environment uses a vastly different tauri-cli version (in case your node_modules folder is still from the
npm install
you got thepackage-lock.json
file from for example.I deleted
node_modules
, ranpnpm install
, set the password to empty, and checked the keys, but the issue persists. figure out ??
I ran into the same issue in Github Actions:
Finished release [optimized] target(s) in 3m 16s
Bundling annotator_0.2.2_amd64.deb (/home/runner/work/annotator/annotator/src-tauri/target/release/bundle/deb/annotator_0.2.2_amd64.deb)
Bundling annotator_0.2.2_amd64.AppImage (/home/runner/work/annotator/annotator/src-tauri/target/release/bundle/appimage/annotator_0.2.2_amd64.AppImage)
Bundling /home/runner/work/annotator/annotator/src-tauri/target/release/bundle/appimage/annotator_0.2.2_amd64.AppImage.tar.gz (/home/runner/work/annotator/annotator/src-tauri/target/release/bundle/appimage/annotator_0.2.2_amd64.AppImage.tar.gz)
Finished 2 bundles at:
/home/runner/work/annotator/annotator/src-tauri/target/release/bundle/deb/annotator_0.2.2_amd64.deb
/home/runner/work/annotator/annotator/src-tauri/target/release/bundle/appimage/annotator_0.2.2_amd64.AppImage
/home/runner/work/annotator/annotator/src-tauri/target/release/bundle/appimage/annotator_0.2.2_amd64.AppImage.tar.gz (updater)
Error incorrect updater private key password: Missing comment in secret key
Error: Command failed with exit code 1: tauri build
https://github.com/snijderlab/annotator/actions/runs/8096651802/job/22125859028
Locally it works. Based on the comments above I reset my github secrets multiple times and generated new keys. This is the last of a couple of actions that failed on exactly the same reason.
I am using only the cargo-tauri-cli
and the tauri-apps/tauri-action
github action.
@douweschulte I forked your repo, regenerated the key, and it works for me: https://github.com/FabianLars/annotator/actions/runs/8097213610/job/22128304100#step:8:516
What's the exact command you used to generate the key and what version of the tauri cli are you using?
cargo tauri signer generate -w '$HOME/.tauri/annotator.key'
with my password pasted in there with tauri-cli 1.3.1
Thanks so much for looking into it!
I updated to 1.5.10
generated a new key pair and got the same error: https://github.com/snijderlab/annotator/actions/runs/8098279095/job/22131308247.
@douweschulte no issues on my side using dev
(source) action and no password, but I see you are using v0
(source) and a password.
https://github.com/Hacksore/overlayed/blob/master/.github/workflows/release.yaml#L91-L92
Possible things to try.
still can't reproduce it. How about a more drastic approach, can you post a private key, public key, and password combination that fails for you? (make sure it's not something you actually use in one of your apps)
I updated @tauri-apps/cli
to 1.5.10
, set action to tauri-apps/tauri-action@v0.5
and used a password.
Same error: https://github.com/MasterKrab/Penguin-Writer/actions/runs/8100511692
then i set action to tauri-apps/tauri-action@dev
.
Same error: https://github.com/MasterKrab/Penguin-Writer/actions/runs/8100607610/job/22138995188
then i set an empty password:
Same error: https://github.com/MasterKrab/Penguin-Writer/actions/runs/8100774078
Created new keys:
Same error: https://github.com/MasterKrab/Penguin-Writer/actions/runs/8100949483/job/22140028433
So I actually do get this so adding my analysis to the issue.
I see this on people making pull requests from a fork will not allow the TAURI_PRIVATE_KEY
and TAURI_PUBLIC_KEY
env vars to be pulled from my repos secrets.
🛑 Issue = Workflow Run (PR) - This is a user creating a pull request from a forked repo.
✅ No Issue = Workflow Run (PR) - This is me creating a pull request in the same repo.
So in my cause I think my issue was in my ci.yaml
workflow I was exposing the signing vars there. When someone made a PR from a fork Github intentionally does not allow those vars to be exposed.
I fixed it via the following commits https://github.com/Hacksore/overlayed/commit/969f4ea919bae23a9058cc3da66deb9c00edff0a https://github.com/Hacksore/overlayed/commit/2e67de4e701d89c4e5c5c6a01ec5ea5f6db3d583
Unsure if this is what @MasterKrab and others are experiencing though.
I have exactly the same problem... Did you found a solution ?
Here is a private/public key generated just for testing: private: dW50cnVzdGVkIGNvbW1lbnQ6IHJzaWduIGVuY3J5cHRlZCBzZWNyZXQga2V5ClJXUlRZMEl5VTFzZjIxbnNCWWFLYnBrLzJhUFVDOUZEV1FKZVhrVWRSWXc2eFpRODBaSUFBQkFBQUFBQUFBQUFBQUlBQUFBQUhlc2ovS0VrbTVqRmlQVW1yMndFNWg4bHVVc01pM3E3SEpGNnVhWFhVRUxDN1pDd0hJRmU2WThycjhydkJvMjlUR0t3YThGSHdyWnFPV0F6VmlCakFObzRUYWNWMlNnWWN1WUZYS09WUlBZMUxNUVJ3QXd2V2pSaEZsVHFQM21JbXlPb0NlNmJlY2s9Cg==
public: dW50cnVzdGVkIGNvbW1lbnQ6IG1pbmlzaWduIHB1YmxpYyBrZXk6IDZFNkIwMEE2REJDRDg2RUYKUldUdmhzM2JwZ0JyYmo5eVNYMFBQLzFTVTN2R1lkb1ZndWp1RE13c0Q3ZlV4ekxXRTRxOUUwcFoK
password: no
My repo: https://github.com/Ziltosh/trading-bot-manager
Thank you.
Hello everyone
I had the same error and tried everything:
I hadn't seen in the previous comments "Don't set a password", so I always used one (also in Github's secret values), but I still managed to get the updater configuration to work.
All I had to do was limit the targets to those allowing the updater:
"targets": ["msi", "app", "appimage"]
And then my Github workflow worked!
As a suggestion, regarding this problem, I'd suggest excluding the updater configuration (even if it means putting a warning) from all targets that don't support it, so as to avoid any more errors of this kind.
Note also that the error message is not very explicit. I fumbled for a long time before finding the solution...
However, no binary for macOS? An app.tar.gz is generated, so do you have to compile them by hand? If so, that's promising >_<"
All I had to do was limit the targets to those allowing the updater:
That honestly makes no sense to. not saying you're wrong, but i don't think this is the actual root cause. Tauri won't try to sign bundle types that don't support the updater and i also had all bundles enabled in my testing. I'm not saying you're wrong, just that this can't be the only thing, there must be something else on top.
I also have a bit time today so i'm checking @Ziltosh examples (thank you btw!!)
Sooo, i forked https://github.com/Ziltosh/trading-bot-manager from the comment above https://github.com/tauri-apps/tauri-action/issues/658#issuecomment-2182821662, copied the provided private key into a repo secret and the pubkey into tauri.conf.json and it worked fine... https://github.com/FabianLars/trading-bot-manager/actions/runs/9694702927/job/26752906291
Sooo, i forked https://github.com/Ziltosh/trading-bot-manager from the comment above #658 (comment), copied the provided private key into a repo secret and the pubkey into tauri.conf.json and it worked fine... https://github.com/FabianLars/trading-bot-manager/actions/runs/9694702927/job/26752906291
Thank you for testing. I don't understand... Same code, same key: https://github.com/Ziltosh/trading-bot-manager/actions/runs/9696156866/job/26757480151
Always the same error.
Ok, I finally found it! I was incorrectly entering the TAURI_PRIVATE_KEY in the repository settings. You need to go to Secrets and variables > Actions, and directly click on Add repository secret.
Personally, I was adding an environment secret...
Thank you.
Yes, I had the same problem (I had defined a secret in an environment and not a secret in my repository).
That said, it wasn't enough on its own to fix the bug. What I was missing, and the error message was quite explicit, was the yarn tauri run dev
command.
Declare the updater function in the Cargo.toml file:
...
[dependencies]
tauri = { version = "1", features = [ "updater", "shell-open"] }
...
After running the yarn tauri run dev
command locally, it added this to my Cargo.toml and the build worked on Github.
On the other hand, I've never managed to create a Gitlab pipeline (sorry if I'm talking about the competition here, but I'm used to having my repositories on Gitlab, an old habit I picked up back in the days when you had to pay to have several private repositories on Github - that was a long time ago).
Now I generate all types of output correctly (nsis, wix, deb, AppImage, dmg, app.tar.gz) with the added bonus of a double update asset for nsis (Tauri.Base_0.0.2_x64-setup.nsis.zip and Tauri.Base_0.0.2_x64-setup.nsis.zip. sig - Tauri Base is the name of my application, I wanted a skeleton to clone for any new application -) which are however not used, unless I am mistaken (according to the documentation, the updater, for windows, only concerns installations via wix, and the latest.json file does not seem to list these nsis packages).
If anyone has an explanation, I'd love to hear it (as to why and how these two assets were created, and how to integrate them into the update process).
In the meantime, I've started to develop a website using the Phalcon framework, which will be responsible for managing all the applications using the update system (currently my site only manages the update part, but eventually I'm planning to have a showcase for downloading the installer, an administration panel to check the number of downloads, for example, or to delete applications, all activated via github webhooks).
Once I've got a viable project, I'll make its repository public (right now it's hosted on a private repository on Gitlab). And if by then a working pipeline for Gitlab is proposed, I'll try to come up with a system that works with both ;)
Now I generate all types of output correctly (nsis, wix, deb, AppImage, dmg, app.tar.gz) with the added bonus of a double update asset for nsis (Tauri.Base_0.0.2_x64-setup.nsis.zip and Tauri.Base_0.0.2_x64-setup.nsis.zip. sig - Tauri Base is the name of my application, I wanted a skeleton to clone for any new application -) which are however not used, unless I am mistaken (according to the documentation, the updater, for windows, only concerns installations via wix, and the latest.json file does not seem to list these nsis packages).
The updater itself supports both wix and nsis, but only one at a time because it can't detect which one the app was installed with.
tauri-action
will use the updaterJsonPreferNsis
(default false) config to decide which package to use in latest.json - unless only one type was built of course, then it uses that.
I'm building my app with the updater. I already tried putting a password or not, and it keeps giving me that error in the action, but locally, it works.
https://github.com/MasterKrab/Penguin-Writer/actions/runs/7379835021/job/20076548977