Enable pinentry mode to loopback for GPG signing (!1614) · Merge requests · GitLab.org / gitlab-runner

Steve Xuereb - Out of Office Back 2024-06-16 requested to merge 4751-ci-failing-to-sign-packages into master Oct 02, 2019

What does this MR do?

Enable pinentry mode to loopback

Why was this MR needed?

With !1606 (merged) we upgraded the base image used for CI, which included a OS version upgrade from Debian 8 to Debian 9. Debian 9 comes with gpg2 instead of v1 so things work a bit differently.

When --pinentry-mode=loopback is not passed we get errors like gpg: signing failed: Inappropriate ioctl for device due to the lack of TTY in CI.

Looking a deb package provided in https://gitlab-runner-downloads.s3.amazonaws.com/v12.3.0/index.html we can see the following:

gpg --verify out/deb/gitlab-runner_amd64.deb

gpg: Signature made Fri Sep 20 10:33:18 2019 CEST
gpg:                using RSA key 9CE45ABC880721D4
gpg: Can't check signature: No public key

With gpg2 now we can see the same thing

gpg: Signature made Wed Oct  2 15:03:55 2019 CEST
gpg:                using RSA key 30183AC2C4E23A409EFBE7059CE45ABC880721D4
gpg: Can't check signature: No public key

Does this MR meet the acceptance criteria?

Documentation created/updated
Added tests for this feature/bug
In case of conflicts with master - branch was rebased

What are the relevant issue numbers?

Closes #4751 (closed)

Enable pinentry mode to loopback for GPG signing

What does this MR do?

Why was this MR needed?

Does this MR meet the acceptance criteria?

What are the relevant issue numbers?

Merge request reports