Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
GPG Import fails for seemingly unknown reasons
See original GitHub issueExpected behaviour
The GPG should be imported
Actual behaviour
The GPG Import throws incorrect email (I’ve confirmed it’s correct), and if I don’t set the email and uses the one in the private key, it fails to sign the commits, using semantic-release.
Configuration
- Repository URL (if public): https://github.com/Colonise/Config
- Build URL (if public): https://github.com/Colonise/Config/actions
name: Node.js CI
on:
push:
branches:
- master
pull_request:
branches:
- master
env:
CI: true
CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
COLONISE_PACKAGE_NAME: ${{ secrets.COLONISE_PACKAGE_NAME }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
GIT_AUTHOR_NAME: ${{ secrets.GIT_NAME }}
GIT_AUTHOR_EMAIL: ${{ secrets.GIT_EMAIL }}
GIT_COMMITTER_NAME: ${{ secrets.GIT_NAME }}
GIT_COMMITTER_EMAIL: ${{ secrets.GIT_EMAIL }}
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v2.3.3
- name: Setup Node.js
uses: actions/setup-node@v2.1.2
with:
node-version: 14
- name: Install dependencies
run: |
# Run NPM Clean Install
npm ci
- name: Run Linters
run: |
# Run NPM lint script
npm run lint
build:
name: Build
needs: [lint]
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [12.x, 13.x, 14.x]
steps:
- name: Checkout Repository
uses: actions/checkout@v2.3.3
- name: Setup Node.js
uses: actions/setup-node@v2.1.2
with:
node-version: ${{ matrix.node-version }}
- name: Install dependencies
run: |
# Run NPM Clean Install
npm ci
- name: Run Build
run: |
# Run NPM build script
npm run build
test:
name: Test
needs: [lint, build]
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [12.x, 13.x, 14.x]
steps:
- name: Checkout Repository
uses: actions/checkout@v2.3.3
- name: Setup Node.js with ${{ matrix.node-version }}
uses: actions/setup-node@v2.1.2
with:
node-version: ${{ matrix.node-version }}
- name: Install dependencies
run: |
# Run NPM Clean Install
npm ci
- name: Run Unit Tests
run: |
# Run NPM test script
npm run test
coverage:
name: Test Coverage
needs: [lint, build, test]
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v2.3.3
- name: Setup Node.js
uses: actions/setup-node@v2.1.2
with:
node-version: 14
- name: Install dependencies
run: |
# Run NPM Clean Install
npm ci
- name: Run Test Coverage and Code Climate
uses: paambaati/codeclimate-action@v2.7.4
with:
coverageCommand: npm run coverage
debug: true
release:
name: Release
needs: [lint, build, test]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2.3.3
- name: Setup Node.js
uses: actions/setup-node@v2.1.2
with:
node-version: 14
- name: Install dependencies
run: npm ci
- name: Run Build
run: npm run distribute
- name: Zip Build
run: zip -r build.zip ./distribute/
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v3.0.1
with:
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
git-committer-name: ${{ secrets.GIT_NAME }}
git-committer-email: ${{ secrets.GIT_EMAIL }}
git-user-signingkey: true
git-commit-gpgsign: true
git-tag-gpgsign: true
git-push-gpgsign: true
- name: Run Semantic Release
run: npx semantic-release
Logs
Issue Analytics
- State:
- Created 3 years ago
- Comments:8 (3 by maintainers)
Top Results From Across the Web
Server creation blocked by GPG key import #1597 - GitHub
There's an issue causing gpg2 to fail to refresh keys when no "user ID" information is available. The problem here's two-fold, keys.openpgp.org ...
Read more >gpg decryption fails with no secret key error - Stack Overflow
I just ran into this issue, on the gpg CLI in Arch Linux. I needed to kill the existing "gpg-agent" process, then everything...
Read more >[SOLVED] PGP signature could not be verified!
If I use the 'public key' returned in the error message above, I get: $ pacman-key -f 919464515CCF8BB3 gpg: Note: trustdb not writable...
Read more >Error when importing GPG key - 1Password Community
I am installing 1Password on Gentoo using the tarball. I am attempting to verify the signature. When I follow the instructions, ...
Read more >Unable to add gpg key with apt-key behind a proxy
run $ gpg --list-keys for some reason (source); use another keyserver ( --keyserver pgp.mit.edu ); remove the hkp:// part ( --keyserver ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I also encountered this issue and found the problem. PR fix incoming 🚀
Verified working in my pipeline using
uses: Xunnamius/ghaction-import-gpg@v3.0.2-pr.2instead ofuses: crazy-max/ghaction-import-gpg@v3@razor-x @pathurs I will take a look thanks for your feedback