dbg(git): Add more logging #192
imAsparky committed Dec 13, 2024
1 parent 7147cc6 commit ec3af44
Showing 1 changed file with 65 additions and 109 deletions.
174 changes: 65 additions & 109 deletions .github/workflows/main_PR.yaml
Expand Up @@ -269,133 +269,89 @@ jobs:
python -m pip install --upgrade pip
pip install PyGithub tenacity
- name: Setup GPG with Debug
- name: Setup GPG
run: |
echo "=== Starting GPG Setup with Extensive Debugging ==="
echo "Date: $(date)"
echo "Hostname: $(hostname)"
echo "User: $(whoami)"
echo "Current directory: $(pwd)"
echo "Environment variables:"
env | sort
echo "=== Starting GPG Setup ==="
echo "\n=== System Information ==="
echo "Operating System:"
cat /etc/os-release
echo "\nGPG Version:"
gpg --version
echo "\nGit Version:"
git --version
echo "\n=== Creating GNUPGHOME ==="
echo "Current HOME: $HOME"
echo "Current GNUPGHOME (if any): $GNUPGHOME"
# Create GNUPGHOME
export GNUPGHOME="$(mktemp -d)"
echo "New GNUPGHOME: $GNUPGHOME"
echo "\n=== Setting GNUPGHOME Permissions ==="
ls -la "$GNUPGHOME" || echo "Directory doesn't exist yet"
echo "GNUPGHOME=$GNUPGHOME" >> $GITHUB_ENV
chmod 700 "$GNUPGHOME"
ls -la "$GNUPGHOME"
echo "Directory permissions set"
echo "\n=== Creating GPG Configuration ==="
echo "=== Creating GPG Agent Configuration ==="
mkdir -p "$GNUPGHOME/private-keys-v1.d"
chmod 700 "$GNUPGHOME/private-keys-v1.d"
cat > "$GNUPGHOME/gpg-agent.conf" << EOF
allow-loopback-pinentry
allow-preset-passphrase
enable-ssh-support
default-cache-ttl 1800
daemon
debug-level basic
log-file $GNUPGHOME/gpg-agent.log
EOF
echo "=== Creating GPG Configuration ==="
cat > "$GNUPGHOME/gpg.conf" << EOF
no-tty
use-agent
pinentry-mode loopback
batch
no-autostart
trust-model always
no-random-seed-file
no-permission-warning
quiet
no-tty
EOF
echo "GPG config contents:"
cat "$GNUPGHOME/gpg.conf"
echo "=== Starting GPG Agent ==="
gpg-agent --daemon --homedir "$GNUPGHOME" --allow-preset-passphrase --debug-level basic --log-file "$GNUPGHOME/gpg-agent.log"
echo "\n=== GPG Directory Structure Before Import ==="
find "$GNUPGHOME" -type f -ls
# Wait for agent to start
sleep 2
echo "\n=== Importing GPG Key ==="
echo "Content of SGK secret (length only):"
echo "Length of SGK: $(echo "${{ secrets.SGK }}" | wc -c) bytes"
echo "First line of SGK:"
echo "${{ secrets.SGK }}" | head -n1
echo "=== GPG Agent Status ==="
gpg-agent --homedir "$GNUPGHOME" --gpgconf-test
echo "\n=== Attempting Key Import ==="
# Save key to temp file for debugging
KEY_FILE="$GNUPGHOME/temp_key"
echo "${{ secrets.SGK }}" > "$KEY_FILE"
echo "Temporary key file contents (first line):"
head -n1 "$KEY_FILE"
echo "Key file permissions:"
ls -l "$KEY_FILE"
echo "=== Importing Key ==="
# First save the key to a file with proper permissions
echo "${{ secrets.SGK }}" > "$GNUPGHOME/secret.key"
chmod 600 "$GNUPGHOME/secret.key"
echo "\nImporting key with full output:"
gpg --batch --import "$KEY_FILE" 2>&1
IMPORT_STATUS=$?
echo "Import exit status: $IMPORT_STATUS"
# Import the key
gpg --homedir "$GNUPGHOME" --batch --import "$GNUPGHOME/secret.key"
KEY_IMPORT_STATUS=$?
echo "\n=== GPG Directory Structure After Import ==="
find "$GNUPGHOME" -type f -ls
if [ $KEY_IMPORT_STATUS -ne 0 ]; then
echo "Key import failed with status: $KEY_IMPORT_STATUS"
echo "Agent log:"
cat "$GNUPGHOME/gpg-agent.log"
exit $KEY_IMPORT_STATUS
fi
echo "\n=== GPG Key List After Import ==="
gpg --list-secret-keys --keyid-format LONG
gpg --list-keys --keyid-format LONG
echo "=== Setting Trust ==="
SIGNING_KEY="8C26627214B80016"
echo "SIGNING_KEY=$SIGNING_KEY" >> $GITHUB_ENV
echo "$SIGNING_KEY:6:" | gpg --homedir "$GNUPGHOME" --import-ownertrust
if [ $IMPORT_STATUS -eq 0 ]; then
echo "\n=== Setting Up Trust ==="
SIGNING_KEY="8C26627214B80016"
echo "Setting up trust for key: $SIGNING_KEY"
echo "$SIGNING_KEY:6:" | gpg --import-ownertrust
echo "Trust import status: $?"
echo "\n=== Trust DB Contents ==="
gpg --export-ownertrust
echo "\n=== Configuring Git ==="
git config --local user.signingkey "$SIGNING_KEY"
git config --local commit.gpgsign true
git config --local user.email "[email protected]"
git config --local user.name "GitHub Action"
echo "\nGit config:"
git config --list
echo "\n=== Testing GPG Signing ==="
echo "test" > "$GNUPGHOME/test.txt"
echo "Attempting to sign test file:"
gpg --clearsign "$GNUPGHOME/test.txt" 2>&1
echo "Signing exit status: $?"
if [ -f "$GNUPGHOME/test.txt.asc" ]; then
echo "\nSigned file contents:"
cat "$GNUPGHOME/test.txt.asc"
else
echo "No signed file was created"
fi
echo "\n=== Final GPG Status ==="
echo "GPG agent status:"
gpg-agent --gpgconf-test
echo "\nGPG keys available:"
gpg --list-secret-keys --keyid-format LONG
echo "\nGPG public keys:"
gpg --list-public-keys --keyid-format LONG
else
echo "\n=== ERROR: Key Import Failed ==="
echo "Contents of GNUPGHOME:"
ls -laR "$GNUPGHOME"
echo "\nGPG agent status:"
gpg-agent --gpgconf-test || echo "GPG agent test failed"
exit 1
fi
echo "=== Configuring Git ==="
git config --local user.signingkey "$SIGNING_KEY"
git config --local commit.gpgsign true
git config --local user.email "[email protected]"
git config --local user.name "GitHub Action"
echo "=== Testing Signing ==="
echo "test" | gpg --homedir "$GNUPGHOME" --batch --clearsign
echo "\n=== Setup Complete ==="
echo "Final timestamp: $(date)"
echo "=== Final Key List ==="
gpg --homedir "$GNUPGHOME" --list-secret-keys --keyid-format LONG
# Cleanup sensitive debug file
rm -f "$KEY_FILE"
# Cleanup sensitive files
rm -f "$GNUPGHOME/secret.key"
- name: Cleanup GPG
if: always()
run: |
if [ -n "$GNUPGHOME" ] && [ -d "$GNUPGHOME" ]; then
gpgconf --kill gpg-agent
rm -rf "$GNUPGHOME"
fi
- name: Run Update Changelog Script
id: update_changelog
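Review bot: The "Importing Key" part of the Setup GPG step still expands `${{ secrets.SGK }}` straight into the script text (`echo "${{ secrets.SGK }}" > "$GNUPGHOME/secret.key"`), so the private key becomes part of the generated shell script and any quote, `$` or backtick in it is interpreted by bash; the +/- markers are lost on this page, so which lines are new is inferred from the non-debug wording. Passing the secret through the step environment and importing from stdin avoids both the interpolation and the key file on disk: add `env:` with `SGK: ${{ secrets.SGK }}` to the step and use `printf '%s\n' "$SGK" | gpg --homedir "$GNUPGHOME" --batch --import`. The `KEY_IMPORT_STATUS` check after the import probably never fires, because Actions runs `run:` blocks with `bash -e` by default and a failed import ends the step first; writing the import as `if ! gpg --homedir "$GNUPGHOME" --batch --import; then` would keep the agent-log dump reachable. `enable-ssh-support` and `no-permission-warning` look unnecessary for commit signing and are worth dropping so the agent exposes less and permission problems on the key directory stay visible.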