Hi,
I faced the problem with publishing to Sonatype recently. I used publishSigned, but something had changed. Now, gpg subprocess throws weird errors. Some of them are:
[don't know]: invalid packet (ctb=2d)
no default secret key: No secret key
signing failed: No secret key
I carefully went through https://www.scala-sbt.org/sbt-pgp/usage.html
I even tried every workaround listed at https://github.com/sbt/sbt-pgp/issues/72 and
https://github.com/sbt/sbt-pgp/issues/98
I tried with gpg 2.2.3 and gpg 2.0.31 on both OSX 10.13.4 and Ubuntu 14.04. But nothing worked out.
Could somebody share the step-by-step manual on how to publish artifact to Sonatype from SBT today?
I can’t claim any particular expertise on the topic, but here is my gorily-detailed writeup of the process, which I wrote after publishing my first couple of libraries. (It’s written in terms of Scala.js, but I think nearly everything is applicable regardless of your target.)
From the errors, I would particularly look at the step marked Set up your public/private keypair – if I had to guess, I would say that something’s happened to your keypairs in ~/.sbt/gpg, or possibly to the published public key…
@jducoeur did you check if your manual works for SBT 1.x?
This step throws error as follows:
> pgp-cmd gen-key
Failed to run pgp-cmd: GeneratePgpKey(). Please report this issue at http://github.com/sbt/sbt-pgp/issues
My article shouldn’t be interpreted as any sort of manual – it’s basically a very in-depth blog entry by an end user. And no, I haven’t even looked into what needs to change for sbt 1.x yet.
@jducoeur, please, tell me your OS with the version and gpg tool with the version that you use for publishing.
@jducoeur I got further with your blog post. Still, I have the error in the end as follows:
sbt> pgp-cmd gen-key
Please enter the name associated with the key: ???????
Please enter the email associated with the key: [email protected]
Please enter the passphrase for the key: ***********
Please re-enter the passphrase for the key: ***********
[info] Creating a new PGP key, this could take a long time.
[info] Public key := /home/auser/.sbt/gpg/pubring.asc
[info] Secret key := /home/auser/.sbt/gpg/secring.asc
[info] Please do not share your secret key. Your public key is free to share.
sbt> pgp-cmd send-key [email protected] hkp://pool.sks-keyservers.net
[info] Sending PublicKeyRing(PublicKey(b286898b766fcfc2, ??????? <[email protected]>, RSA@2048)) to HkpServer(http://pool.sks-keyservers.net:11371)
sbt> module/publishSigned
[info] Wrote /home/auser/gnmodule/module/target/scala-2.11/gnmodule_2.11-0.1.2-SNAPSHOT.pom
[error] gpg: directory `/home/auser/.gnupg' created
[error] gpg: new configuration file `/home/auser/.gnupg/gpg.conf' created
[error] gpg: WARNING: options in `/home/auser/.gnupg/gpg.conf' are not yet active during this run
[error] gpg: keyring `/home/auser/.gnupg/secring.gpg' created
[error] gpg: no default secret key: secret key not available
[error] gpg: signing failed: secret key not available
[error] java.lang.RuntimeException: Failure running gpg --detach-sign. Exit code: 2
Seems like SBT becomes broken when gnupg folder with files is created. Environment:
➜ $ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.5 LTS
Release: 14.04
Codename: trusty
➜ $ gpg --version
gpg (GnuPG) 1.4.16
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
Any ideas how to fix that?
Sorry – I’m using the same OS and gpg versions, so I’m out of suggestions…
I reproduced the problem in the open source project: https://gitter.im/sirthias/parboiled2?at=5b159d607cb6a231358bd10f . Please, help to solve it.
Having spent more hours, I finally found the working configuration. My observations:
-
sbt 1.1.6 and sbt-pgp 1.1.1 fails with the error:
[error] gpg: [don't know]: invalid packet (ctb=2d)
[error] gpg: keydb_search failed: Invalid packet
[error] gpg: no default secret key: Invalid packet
[error] gpg: signing failed: Invalid packet
[error] java.lang.RuntimeException: Failure running gpg --detach-sign. Exit code: 2
[error] at scala.sys.package$.error(package.scala:27)
[error] at com.typesafe.sbt.pgp.CommandLineGpgSigner.sign(PgpSigner.scala:27)
[error] at com.typesafe.sbt.pgp.PgpSettings$.$anonfun$signingSettings$2(PgpSettings.scala:157)
[error] at scala.collection.TraversableLike.$anonfun$flatMap$1(TraversableLike.scala:241)
[error] at scala.collection.immutable.Map$Map4.foreach(Map.scala:233)
[error] at scala.collection.TraversableLike.flatMap(TraversableLike.scala:241)
[error] at scala.collection.TraversableLike.flatMap$(TraversableLike.scala:238)
[error] at scala.collection.AbstractTraversable.flatMap(Traversable.scala:104)
[error] at com.typesafe.sbt.pgp.PgpSettings$.$anonfun$signingSettings$1(PgpSettings.scala:154)
[error] at scala.Function1.$anonfun$compose$1(Function1.scala:44)
[error] at sbt.internal.util.$tilde$greater.$anonfun$$u2219$1(TypeFunctions.scala:39)
[error] at sbt.std.Transform$$anon$4.work(System.scala:66)
[error] at sbt.Execute.$anonfun$submit$2(Execute.scala:263)
[error] at sbt.internal.util.ErrorHandling$.wideConvert(ErrorHandling.scala:16)
[error] at sbt.Execute.work(Execute.scala:272)
[error] at sbt.Execute.$anonfun$submit$1(Execute.scala:263)
[error] at sbt.ConcurrentRestrictions$$anon$4.$anonfun$submitValid$1(ConcurrentRestrictions.scala:174)
[error] at sbt.CompletionService$$anon$2.call(CompletionService.scala:37)
[error] at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error] at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
[error] at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
[error] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
[error] at java.lang.Thread.run(Thread.java:748)
-
sbt 1.1.6 and sbt-pgp 1.1.0 fails with the error:
[error] java.net.ProtocolException: Too many follow-up requests: 21
[error] at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:165)
[error] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
[error] at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
[error] at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:185)
[error] at okhttp3.RealCall.execute(RealCall.java:69)
[error] at sbt.internal.librarymanagement.ivyint.GigahorseUrlHandler.upload(GigahorseUrlHandler.scala:186)
[error] at org.apache.ivy.util.url.URLHandlerDispatcher.upload(URLHandlerDispatcher.java:82)
[error] at org.apache.ivy.util.FileUtil.copy(FileUtil.java:150)
[error] at org.apache.ivy.plugins.repository.url.URLRepository.put(URLRepository.java:84)
[error] at sbt.internal.librarymanagement.ConvertResolver$LocalIfFileRepo.put(ConvertResolver.scala:366)
[error] at org.apache.ivy.plugins.repository.AbstractRepository.put(AbstractRepository.java:130)
[error] at sbt.internal.librarymanagement.ConvertResolver$ChecksumFriendlyURLResolver.put(ConvertResolver.scala:118)
[error] at sbt.internal.librarymanagement.ConvertResolver$ChecksumFriendlyURLResolver.put$(ConvertResolver.scala:105)
[error] at sbt.internal.librarymanagement.ConvertResolver$$anonfun$defaultConvert$lzycompute$1$PluginCapableResolver$1.put(ConvertResolver.scala:165)
[error] at org.apache.ivy.plugins.resolver.RepositoryResolver.publish(RepositoryResolver.java:216)
[error] at sbt.internal.librarymanagement.IvyActions$.$anonfun$publish$5(IvyActions.scala:499)
[error] at sbt.internal.librarymanagement.IvyActions$.$anonfun$publish$5$adapted(IvyActions.scala:498)
[error] at scala.collection.TraversableLike$WithFilter.$anonfun$foreach$1(TraversableLike.scala:789)
[error] at scala.collection.Iterator.foreach(Iterator.scala:944)
[error] at scala.collection.Iterator.foreach$(Iterator.scala:944)
[error] at scala.collection.AbstractIterator.foreach(Iterator.scala:1432)
[error] at scala.collection.IterableLike.foreach(IterableLike.scala:71)
[error] at scala.collection.IterableLike.foreach$(IterableLike.scala:70)
[error] at scala.collection.AbstractIterable.foreach(Iterable.scala:54)
[error] at scala.collection.TraversableLike$WithFilter.foreach(TraversableLike.scala:788)
[error] at sbt.internal.librarymanagement.IvyActions$.publish(IvyActions.scala:498)
[error] at sbt.internal.librarymanagement.IvyActions$.$anonfun$publish$3(IvyActions.scala:144)
[error] at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:12)
[error] at sbt.internal.librarymanagement.IvyActions$.withChecksums(IvyActions.scala:157)
[error] at sbt.internal.librarymanagement.IvyActions$.withChecksums(IvyActions.scala:151)
[error] at sbt.internal.librarymanagement.IvyActions$.$anonfun$publish$1(IvyActions.scala:144)
[error] at sbt.internal.librarymanagement.IvyActions$.$anonfun$publish$1$adapted(IvyActions.scala:134)
[error] at sbt.internal.librarymanagement.IvySbt$Module.$anonfun$withModule$1(Ivy.scala:243)
[error] at sbt.internal.librarymanagement.IvySbt.$anonfun$withIvy$1(Ivy.scala:204)
[error] at sbt.internal.librarymanagement.IvySbt.sbt$internal$librarymanagement$IvySbt$$action$1(Ivy.scala:70)
[error] at sbt.internal.librarymanagement.IvySbt$$anon$3.call(Ivy.scala:77)
[error] at xsbt.boot.Locks$GlobalLock.withChannel$1(Locks.scala:95)
[error] at xsbt.boot.Locks$GlobalLock.xsbt$boot$Locks$GlobalLock$$withChannelRetries$1(Locks.scala:80)
[error] at xsbt.boot.Locks$GlobalLock$$anonfun$withFileLock$1.apply(Locks.scala:99)
[error] at xsbt.boot.Using$.withResource(Using.scala:10)
[error] at xsbt.boot.Using$.apply(Using.scala:9)
[error] at xsbt.boot.Locks$GlobalLock.ignoringDeadlockAvoided(Locks.scala:60)
[error] at xsbt.boot.Locks$GlobalLock.withLock(Locks.scala:50)
[error] at xsbt.boot.Locks$.apply0(Locks.scala:31)
[error] at xsbt.boot.Locks$.apply(Locks.scala:28)
[error] at sbt.internal.librarymanagement.IvySbt.withDefaultLogger(Ivy.scala:77)
[error] at sbt.internal.librarymanagement.IvySbt.withIvy(Ivy.scala:199)
[error] at sbt.internal.librarymanagement.IvySbt.withIvy(Ivy.scala:196)
[error] at sbt.internal.librarymanagement.IvySbt$Module.withModule(Ivy.scala:242)
[error] at sbt.internal.librarymanagement.IvyActions$.publish(IvyActions.scala:134)
[error] at sbt.Classpaths$.$anonfun$publishTask$4(Defaults.scala:2255)
[error] at sbt.Classpaths$.$anonfun$publishTask$4$adapted(Defaults.scala:2254)
[error] at scala.Function1.$anonfun$compose$1(Function1.scala:44)
[error] at sbt.internal.util.$tilde$greater.$anonfun$$u2219$1(TypeFunctions.scala:39)
[error] at sbt.std.Transform$$anon$4.work(System.scala:66)
[error] at sbt.Execute.$anonfun$submit$2(Execute.scala:263)
[error] at sbt.internal.util.ErrorHandling$.wideConvert(ErrorHandling.scala:16)
[error] at sbt.Execute.work(Execute.scala:272)
[error] at sbt.Execute.$anonfun$submit$1(Execute.scala:263)
[error] at sbt.ConcurrentRestrictions$$anon$4.$anonfun$submitValid$1(ConcurrentRestrictions.scala:174)
[error] at sbt.CompletionService$$anon$2.call(CompletionService.scala:37)
[error] at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error] at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
[error] at java.util.concurrent.FutureTask.run(FutureTask.java:266)
[error] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
[error] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
[error] at java.lang.Thread.run(Thread.java:748)
-
sbt 0.13.17 and sbt-pgp 1.1.1 fails with the same error as in (1)
-
sbt 0.13.17 and sbt-pgp 1.1.0 published successfully.