Snapcraft

when a validation already exists, the error message is not nice and is displayed after entering the password

Bug #1636981 reported by Leo Arias on 2016-10-26

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Snapcraft	New	Undecided	Unassigned

Bug Description

I tried to create the same validation twice. The second time it fails displaying an error; but this error is shown after I entered my password. I think the error should be shown before signing the validation.

$ snapcraft validate u1test20161026 ubuntu-core=3
Getting details for ubuntu-core
Signing validation ubuntu-core=3

You need a passphrase to unlock the secret key for
user: "default"
4096-bit RSA key, ID D017FEB3, created 2016-01-01

Received error 409: 'There is already a validation assertion stored for snap-id y8gqFXGKAfN5NoZtNRZHqWhB1C4jt3Gi in this context.'

In addition to that, the error is not for humans. It shows the error code, the snap-id, and it's not nicely formatted.

Tags:

Revision history for this message

Natalia Bidart (nataliabidart) wrote on 2021-01-20:

Python3 helper to revoke an existing validation assertion Edit (4.7 KiB, text/x-python)

Attaching a script to act as a workaround for this issue. Instructions to use it:

1- be sure to have handy the snap ID of the gating snap, the account ID of the publisher of the gating snap, the snap ID of the gated snap and the gated revision that it's being revoked

2- be sure you have access to a valid, store-registered key belonging to the publisher of the gating snap

3- install "surl" (source code at https://github.com/Roadmaster/surl/), which is a CLI helper to make macaroon-authenticated requests against the store APIs

$ sudo snap install surl

3- obtain a suitable macaroon with the right permissions to (later) upload the new assertion to the store:

$ surl -a store-token -e <publisher-email> -p package_access -p package_release -s production

4- generate and sign a new (local) revision of the validation assertion revoking a previous validation (this will create a file that you can review later, nothing will be pushed to the store yet):

$ python3 revoke_assertion.py <publisher-account-id> <gating-snap-id> <gated-snap-id> <gated-revision> --key <key-name>

5- Review the output and execute the printed surl command

Example of a run:

$ python3 revoke_assertion.py AfdTtIZrrGjK2D0xQgvZmGJiVIt6Y3cd ivnP3NKZiyReJIJdlzXBRxxl4n3SkcnC 99T7MUlRhtI3U0QFgl5mXXESAiSwt776 9437 --key validations-test

** Please review the assertion before submitting it to the store, assertion was signed and stored in:

/home/nessita/ivnP3NKZiyReJIJdlzXBRxxl4n3SkcnC-99T7MUlRhtI3U0QFgl5mXXESAiSwt776-9437-r3.assertion

** After assertion review, submit it to the store with:

surl -a store-token -X PUT https://dashboard.snapcraft.io//dev/api/snaps/ivnP3NKZiyReJIJdlzXBRxxl4n3SkcnC/validations -d '{"assertion": "type: validation\nauthority-id: AfdTtIZrrGjK2D0xQgvZmGJiVIt6Y3cd\nrevision: 3\nseries: 16\nsnap-id: ivnP3NKZiyReJIJdlzXBRxxl4n3SkcnC\napproved-snap-id: 99T7MUlRhtI3U0QFgl5mXXESAiSwt776\napproved-snap-revision: 9437\nrevoked: true\ntimestamp: 2021-01-20T14:28:59.663730Z\nsign-key-sha3-384: 39Yykj3WyH-fL3h-Q_3YSlDlEj-XUlT-SxYd6qTJL4dN3BP2Q0rGRO2lQm7XZiEm\n\nAcLBcwQAAQoAHRYhBJAtR/3peIgjQB/uhd0t1+KrVFrbBQJgCD4rAAoJEN0t1+KrVFrbyfMP/j1g\nWnUDvSMpuAJ4hOzI5U3Qt/j9mzhNnpXKw/OuLH3rYGRWEQFMlRZHRc6myOlEZovhORkhy/WJjszR\nP9WA4uNXOzFnZc/dfj74AQwBio5JqMqBcGoIMZi6AgmJ4tyJAJkvxz/lrGLqXftMa9/Yv+bC9tN8\nqHnyBaKc7rjxEjXfeAljBhZbl/ovUlPb+/cCrYIS4gc3rvoAhB8SDboG6h4SVCCzyquyU+MogZQ9\nH3GYw8jKhjrfVMJd/jexanLH2dhAfu4vL7so7yO6VnkEeDMg8W00EA75i8vXUnHi4XrboUvu2tF2\njbJmbPAiyL/C3XDo6eCOZovZE3q7KJaNIwhkig278x1VzCiy+yhq0rbrMgXx8/AqGkGIHE80d3Th\n5Z95QiUObTkW3kIjyDhUYLuy4dG5ikstE7DUC1pL0mzNMZwhTwJzhXZM7HYbwXGFtZC8Jx+CxuMR\nPql1k0jOk4NKHktFaQ5D8ARR0rdU9HGuzkqpOOas9D9tuigOXw8U2gIEdHpWHJJCvPkG1PzRblkx\nBAf45pob9ujVZckUAtBGsmyGrNsJoGk7JitYEhcgJd9KQqU21sZeV/XyGgW4wd8L9X7DJJxdwutP\n1qbxzgCaSFCtDRv7MJWHnhnBkWAoEDGXThdEWLXesPEKNDn1bGpL9lDldqhHumAdsXnSKaET\n"}'