wied03 / cookbook-gpg

GPG cookbook for Chef, LWRP focused

Incompatible with gnupg 2.1 #5

Open bitphage opened 7 years ago

bitphage commented 7 years ago

OS: Ubuntu 16.04

gnupg2: 2.1.11-6ubuntu2

In gpg 2.1 parsing of secret keys has been removed:

    # cat key.gpg |  gpg2 --with-fingerprint --with-colons
    gpg: DBG: FIXME: merging secret key blocks is not anymore available
    gpg: DBG: FIXME: No way to print secret key packets here

So get_key_header() in libraries/helper_gpg_interface.rb produces an empty result, which causes an error:

    * bsw_gpg_load_key_from_chef_vault[aptly gpg keys] action replace[2016-11-23T17:14:48+05:00] INFO: Processing bsw_gpg_load_key_from_chef_vault[aptly gpg keys] action replace (tgt-apt-repo::default line 26)

    ================================================================================
    Error executing action `replace` on resource 'bsw_gpg_load_key_from_chef_vault[aptly gpg keys]'
    ================================================================================

    NoMethodError
    -------------
    undefined method `type' for nil:NilClass

    Cookbook Trace:
    ---------------
    /var/cache/chef/cookbooks/bsw_gpg/libraries/provider_base.rb:20:in `action_replace'

    Resource Declaration:
    ---------------------
  ...

This can probably be worked around using gpg --list-packets.
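
The failure reported above (empty `--with-colons` output reaching code that expects a key record) can be caught at parse time instead of surfacing as a `NoMethodError` on nil. The following Ruby sketch is an added example, not the cookbook's code and not part of the thread: `KeyHeader`, `KeyParseError`, `parse_key_header` and the sample output are hypothetical or constructed, and the field positions follow GnuPG's documented colon format.

```ruby
# Added illustration; these names are hypothetical, not the cookbook's API.
KeyHeader = Struct.new(:type, :key_id, :fingerprint, :user_ids)

class KeyParseError < StandardError; end

RECORD_TYPES = { 'pub' => :public_key, 'sec' => :secret_key }.freeze

# Constructed sample of colon-format output (not from a real key).
SAMPLE = <<~OUT
  sec::2048:1:0123456789ABCDEF:1479903288:::::::::
  fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF0123456789ABCDEF:
  uid:::::::::Example Key <key@example.invalid>:
  ssb::2048:1:FEDCBA9876543210:1479903288:::::::::
  fpr:::::::::1111222233334444555566667777888899990000:
OUT

# Colon format: field 1 = record type, field 5 = key ID, field 10 = user ID
# or, on an "fpr" record, the fingerprint.
def parse_key_header(colons_output)
  header = nil
  colons_output.to_s.each_line do |line|
    fields = line.chomp.split(':', -1)
    case fields[0]
    when 'pub', 'sec'
      break if header # describe only the first key block
      header = KeyHeader.new(RECORD_TYPES[fields[0]], fields[4], nil, [])
      uid = fields[9].to_s
      # Some gpg versions carry the primary user ID on the pub/sec record.
      header.user_ids << uid unless uid.empty?
    when 'fpr'
      header.fingerprint ||= fields[9] if header
    when 'uid'
      header.user_ids << fields[9] if header
    when 'sub', 'ssb'
      break if header # what follows belongs to subkeys
    end
  end
  # Empty or record-less output (the gpg 2.1 case in this issue) fails here
  # with a clear message instead of handing nil to the caller.
  raise KeyParseError, 'no pub/sec record in gpg output' if header.nil?
  header
end
```

A provider calling this can rescue `KeyParseError` and report which gpg invocation returned nothing, rather than failing later on `.type`.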

wied03 commented 7 years ago

Thanks for picking up on this. I don't use Chef anymore but if I get some time I'll try and look at it. Some of this could probably be done better if it used the Ruby GPG wrapper as well.

grv87 commented 7 years ago

The only Ruby GPG wrapper I could find is GPGME. GPGME doesn't work with custom keyrings. See https://bugs.g10code.com/gnupg/issue2820

wied03 commented 7 years ago

I'd be willing to accept a PR for your referenced commit, but the Test Kitchen tests need to be updated first.