Comments (7)
Update. This appears to be an issue with GPG keys with subkeys.
When a key without a subkey was configured, then everything worked great.
I am still really curious about why the original key, which was valid, didn't work.
I am also concerned that I was presented with a NullPointerException
in the UI instead of a meaningful message that my configured signing key had an issue.
from nexus-repository-apt.
Thanks for the detailed info!
I wonder if at some point you removed the master private key from your keyring (like is suggested here: https://wiki.debian.org/Subkeys). Or perhaps gpg requires additional incantations to export the private portion of a master key.
As far as why the NPE instead of a meaningful message: this is simply not a case that I've encountered before and didn't realize was possible. This plugin is not a Sonatype product, it's a volunteer effort, so it can definitely lack some of the polish that a commercial product might have. Personally I don't have a great amount of time to devote to this plugin, so I probably won't get around to writing a fix to handle this case in a less confusing way any time soon, but I'm happy to review and merge patches!
from nexus-repository-apt.
@mpoindexter I'll take a look at the subkeys thing and see what is going on there. We found that we actually didn't need to use it, but I would like to know what is going on there.
I fully understand the lack of polish and how only what is currently painful is what bubbles to the top. My team is currently maintaining a couple of Gradle plugins ourselves.
I'm going through the hoops on my end to get approval to sign the Sonatype Contributor License Agreement and submit a PR. It should be inbound this week.
from nexus-repository-apt.
@wdschei do you have any updates on this?
from nexus-repository-apt.
@macalinao I finally got approval and will be submitting a PR to provide a better message other than the NPE shortly.
from nexus-repository-apt.
Just passing by ...
I've recently submitted a PR that fixes a similar issue in Gradle.
Here it is: gradle/gradle#10366.
The main issue was that the keyring (multiple keys) was treated as a single key.
from nexus-repository-apt.
APT is now part of Nexus Repository Manager. Version 3.17.0 includes the APT plugin by default.
If this is still an issue if using 3.17.0 or later please file an issue at https://issues.sonatype.org/.
Links to the new source code location are in the top level README.md
from nexus-repository-apt.
Related Issues (20)
- Upgrade from 3.14.0-04 to 3.15.2-01 fails HOT 2
- Add docker image to Docker Hub with CI HOT 11
- Does not compile HOT 2
- 'all' arch apparently not honored by repo HOT 3
- Where is 1.0.10 release? HOT 2
- problem during apt update HOT 3
- Update to 3.16.1 HOT 2
- How to update the version HOT 1
- Could not upload asset HOT 1
- Having trouble using nexus as apt-repo HOT 2
- Support PUT in addition to POST so maven-deploy-plugin and maven-wagon-plugin can be used HOT 4
- Feature Request: Cleanup Task HOT 2
- missing requirements on install
- New APT features won't work for existing users
- [DepShield] (CVSS 9.8) Vulnerability due to usage of com.fasterxml.jackson.core:jackson-databind:2.9.2 HOT 2
- Update to use Nexus Repo 3.15 HOT 2
- Auto startup HOT 1
- Incorrect format of Date field in Release file
- No packages/pool folder generation HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nexus-repository-apt.