build-image: aptly gpg key expired
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Davlet Panech |
Bug Description
Brief Description
-----------------
Aptly uses a GPG key to sign the its repos (specifically, to sign the "Release" file). That key expired on 2024-02-23 and causes various build failures that manifest themselves in different ways depending on what state your build environment is.
Severity
--------
Critical
Steps to Reproduce
------------------
Complete delete your build env (eg stx-init-env --reset-hard)
Do a full build: downloader, build-pkgs, build-iso.
Expected Behavior
------------------
All build steps succeed
Actual Behavior
----------------
Build fails with aptly GPG errors.
Reproducibility
---------------
Reproducible.
System Configuration
-------
N/A
Branch/Pull Time/Commit
-------
master/2024-02-23
Last Pass
---------
master/2024-02-22
Timestamp/Logs
--------------
N/A
Test Activity
-------------
N/A
Workaround
----------
N/A
Changed in starlingx: | |
assignee: | nobody → Davlet Panech (dpanech) |
Changed in starlingx: | |
status: | New → In Progress |
Changed in starlingx: | |
status: | In Progress → Fix Committed |
tags: | added: stx.build stx.too |
tags: |
added: stx.tools removed: stx.too |
Changed in starlingx: | |
importance: | Undecided → High |
status: | Fix Committed → Fix Released |
tags: | added: stx.10 |
tags: |
added: stx.8.0 stx.9.0 removed: stx.10 |
Reviewed: https:/ /review. opendev. org/c/starlingx /tools/ +/910036 /opendev. org/starlingx/ tools/commit/ 14d5030d094040f 5c5fdf83c52300a 1f2791b8ac
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 14d5030d094040f 5c5fdf83c52300a 1f2791b8ac
Author: Davlet Panech <email address hidden>
Date: Fri Feb 23 21:24:47 2024 -0500
aptly: update expired GPG key
Aptly repos are signed with a GPG key embedded in environment
containers. That key expired today (2024-02-23).
Replace key with a new one that does not expire at all.
Partial-Bug: 2054862 b8c9546e99865ec f62faaf506a
Signed-off-by: Davlet Panech <email address hidden>
Change-Id: I41a5c7a785a23e