-
-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Check the existence and version of Sigstore CLI #194
Conversation
Looks good, thanks. Testing, first I uninstalled sigstore CLI from the server: ✅ Checking autoconf is available
✅ Validating ssh connection to downloads.nyc1.psf.io and docs.nyc1.psf.io
💥 Checking Sigstore CLI
Traceback (most recent call last):
File "/Users/hugo/github/release-tools/run_release.py", line 1333, in <module>
main()
File "/Users/hugo/github/release-tools/run_release.py", line 1329, in main
automata.run()
File "/Users/hugo/github/release-tools/run_release.py", line 245, in run
raise e from None
File "/Users/hugo/github/release-tools/run_release.py", line 242, in run
self.current_task(self.db)
File "/Users/hugo/github/release-tools/release.py", line 126, in __call__
return getattr(self, "function")(db)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/hugo/github/release-tools/run_release.py", line 327, in check_sigstore_client
raise ReleaseException(
ReleaseException: Sigstore version not detected or not valid. Expecting 3.x: Then installed sigstore<3 (2.1.5) on the server: ✅ Checking autoconf is available
✅ Validating ssh connection to downloads.nyc1.psf.io and docs.nyc1.psf.io
💥 Checking Sigstore CLI
Traceback (most recent call last):
File "/Users/hugo/github/release-tools/run_release.py", line 1333, in <module>
main()
File "/Users/hugo/github/release-tools/run_release.py", line 1329, in main
automata.run()
File "/Users/hugo/github/release-tools/run_release.py", line 245, in run
raise e from None
File "/Users/hugo/github/release-tools/run_release.py", line 242, in run
self.current_task(self.db)
File "/Users/hugo/github/release-tools/release.py", line 126, in __call__
return getattr(self, "function")(db)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/hugo/github/release-tools/run_release.py", line 327, in check_sigstore_client
raise ReleaseException(
ReleaseException: Sigstore version not detected or not valid. Expecting 3.x: sigstore 2.1.5 Then installed sigstore==3.4.0 on the server: ✅ Checking autoconf is available
✅ Validating ssh connection to downloads.nyc1.psf.io and docs.nyc1.psf.io
✅ Checking Sigstore CLI Re: #177 (comment): now #193 has been merged (to send Sigstore CLI verification to stdout, not stderr), is sigstore 3.x enough? And we don't need 3.5+? |
You're right, we should make sure it's up-to-date to avoid last-second issues. Let me make the version check handle that. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
Testing again, not installed:
✅ Checking autoconf is available
✅ Validating ssh connection to downloads.nyc1.psf.io and docs.nyc1.psf.io
💥 Checking Sigstore CLI
Traceback (most recent call last):
File "/Users/hugo/github/release-tools/run_release.py", line 1336, in <module>
main()
File "/Users/hugo/github/release-tools/run_release.py", line 1332, in main
automata.run()
File "/Users/hugo/github/release-tools/run_release.py", line 245, in run
raise e from None
File "/Users/hugo/github/release-tools/run_release.py", line 242, in run
self.current_task(self.db)
File "/Users/hugo/github/release-tools/release.py", line 126, in __call__
return getattr(self, "function")(db)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/hugo/github/release-tools/run_release.py", line 330, in check_sigstore_client
raise ReleaseException(
ReleaseException: Sigstore version not detected or not valid. Expecting 3.5.x or later:
sigstore-2.1.5:
✅ Checking autoconf is available
✅ Validating ssh connection to downloads.nyc1.psf.io and docs.nyc1.psf.io
💥 Checking Sigstore CLI
Traceback (most recent call last):
File "/Users/hugo/github/release-tools/run_release.py", line 1336, in <module>
main()
File "/Users/hugo/github/release-tools/run_release.py", line 1332, in main
automata.run()
File "/Users/hugo/github/release-tools/run_release.py", line 245, in run
raise e from None
File "/Users/hugo/github/release-tools/run_release.py", line 242, in run
self.current_task(self.db)
File "/Users/hugo/github/release-tools/release.py", line 126, in __call__
return getattr(self, "function")(db)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/hugo/github/release-tools/run_release.py", line 330, in check_sigstore_client
raise ReleaseException(
ReleaseException: Sigstore version not detected or not valid. Expecting 3.5.x or later: sigstore 2.1.5
sigstore-3.4.0:
✅ Checking autoconf is available
✅ Validating ssh connection to downloads.nyc1.psf.io and docs.nyc1.psf.io
💥 Checking Sigstore CLI
Traceback (most recent call last):
File "/Users/hugo/github/release-tools/run_release.py", line 1336, in <module>
main()
File "/Users/hugo/github/release-tools/run_release.py", line 1332, in main
automata.run()
File "/Users/hugo/github/release-tools/run_release.py", line 245, in run
raise e from None
File "/Users/hugo/github/release-tools/run_release.py", line 242, in run
self.current_task(self.db)
File "/Users/hugo/github/release-tools/release.py", line 126, in __call__
return getattr(self, "function")(db)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/hugo/github/release-tools/run_release.py", line 330, in check_sigstore_client
raise ReleaseException(
ReleaseException: Sigstore version not detected or not valid. Expecting 3.5.x or later: sigstore 3.4.0
sigstore-3.5.1:
✅ Checking autoconf is available
✅ Validating ssh connection to downloads.nyc1.psf.io and docs.nyc1.psf.io
✅ Checking Sigstore CLI
Closes #179, long-term solution is to do all the signing on the RM machine. This will do for now to catch fixable mistakes.