Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to generate sign.request #697

Open
sdimitro opened this issue Oct 28, 2022 · 2 comments
Open

Failed to generate sign.request #697

sdimitro opened this issue Oct 28, 2022 · 2 comments

Comments

@sdimitro
Copy link
Contributor 

05:30:27  + cp /var/tmp/jenkins/workspace/appliance-build-stage0/post-push/appliance-build/upgrade/prepare prepare
05:30:27  + sha256sum payload.tar.gz version.info verification-version.info prepare
05:31:00  + set +o xtrace
05:31:00  curl: (22) The requested URL returned error: 404 
05:31:00  upgrade-image-from-aptly-repo.sh: failed to generate sign-request.response file
05:31:00  + die 'failed to generate upgrade image from Aptly repository'
05:31:00  ++ basename /var/tmp/jenkins/workspace/appliance-build-stage0/post-push/appliance-build/scripts/build-upgrade-image.sh
05:31:00  + echo 'build-upgrade-image.sh: failed to generate upgrade image from Aptly repository'
05:31:00  build-upgrade-image.sh: failed to generate upgrade image from Aptly repository
05:31:00  + exit 2

link: http://ops.jenkins.delphix.com/job/appliance-build-stage0/job/post-push/4745/execution/node/295/log/
@sdimitro
Copy link
Contributor Author

sdimitro commented Oct 28, 2022
edited
Loading

Problem seems to stem from here:

appliance-build/scripts/upgrade-image-from-aptly-repo.sh

Line 160 in a5936cd

if [[ -n "${DELPHIX_SIGNATURE_TOKEN:-}" ]] && [[ -n "${DELPHIX_SIGNATURE_URL:-}" ]]; then 

if [[ -n "${DELPHIX_SIGNATURE_TOKEN:-}" ]] && [[ -n "${DELPHIX_SIGNATURE_URL:-}" ]]; then
	echo "{\"data\": \"$(base64 -w 0 SHA256SUMS)\"}" >sign-request.payload ||
		die "failed to generate sigh-request.payload file"

	#
	# Here, we need to generate signature files for all of the appliance
	# versions that'll be allowed to upgrade from, using this upgrade
	# image. We rely on the user of this script to pass in this list
	# of versions; generally this will be some Jenkins automation.
	#
	for signature_version in $DELPHIX_SIGNATURE_VERSIONS; do
		curl -s -S -f -H "Content-Type: application/json" \
			-u "$DELPHIX_SIGNATURE_TOKEN" -d @sign-request.payload \
			"$DELPHIX_SIGNATURE_URL/upgrade/keyVersion/${signature_version}/sign" \
			>sign-request.response ||
			die "failed to generate sign-request.response file"

We got a 404 from the $DELPHIX_SIGNATURE_URL/...etc.../${signature_version}/sign. Unfortunately the logs don't tell us where this came from so I'll probably need to rerun the job in a bootstrap VM.

@pcd1193182
Copy link
Contributor

That means that the signing server threw a 404 when you tried to get the signature... Possibly the signing server removed support for an old key version that the appliance-build repo still tries to use?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pcd1193182 @sdimitro