Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Post-cleanup GPG action generates a warning if the same key is imported twice #93

Open
JustArchi opened this issue May 22, 2021 · 1 comment

Comments

@JustArchi
Copy link

JustArchi commented May 22, 2021

Behaviour

Post-cleanup GPG action fails if the same key is imported twice. This generates unnecessary warning that is not possible to correct from the user's perspective.

Some background: I have an action which downloads latest translations of my project from third-party service. Due to the way how it works, and the fact that it's currently impossible to set git config properties globally (see #92), I actually use your action to commit and push in two different repos in one action: a subdirectory wiki repo (which is a git submodule), and the main repo.

See https://github.com/JustArchiNET/ArchiSteamFarm/runs/2646297703 as an example.

image

Steps to reproduce this issue

Import the same key twice in two different actions.

    - name: Import GPG key for <someotherdir>
      uses: crazy-max/ghaction-import-gpg@v3
      with:
        gpg-private-key: ${{ secrets.GPG_KEY }}
        git-user-signingkey: true
        git-commit-gpgsign: true
        git-tag-gpgsign: true
        workdir: <someotherdir>

    - name: Import GPG key for root dir
      uses: crazy-max/ghaction-import-gpg@v3
      with:
        gpg-private-key: ${{ secrets.GPG_KEY }}
        git-user-signingkey: true
        git-commit-gpgsign: true
        git-tag-gpgsign: true

Expected behaviour

GPG action should not generate a warning that comes from the result of trying to remove the same key twice. One of the solutions might be to check if the key is in fact in the keystore prior to trying to remove it.

I'm unsure whether it won't be needed to deal with double agent-killing as well in this regard.

Actual behaviour

Second post-cleanup job generates this warning:

Post job cleanup.
🚿 Removing keys
Warning: gpg: key "<somekey>" not found: Not found
gpg: <somekey>: delete key failed: Not found

Configuration

name: ASF-translations

on:
  push:
  schedule:
  - cron: '0 2 * * *'

jobs:
  update:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout code
      uses: actions/checkout@v2
      with:
        submodules: recursive

    - name: Reset wiki to follow origin
      shell: sh
      run: |
        set -eu

        cd wiki

        git fetch --depth=1 origin master
        git reset --hard origin/master

    - name: Download latest translations from Crowdin
      uses: crowdin/[email protected]
      with:
        upload_sources: false
        download_translations: true
        skip_untranslated_strings: true
        push_translations: false
        crowdin_branch_name: main
        config: '.github/crowdin.yml'
        project_id: ${{ secrets.ASF_CROWDIN_PROJECT_ID }}
        token: ${{ secrets.ASF_CROWDIN_API_TOKEN }}

    - name: Import GPG key for wiki
      uses: crazy-max/ghaction-import-gpg@v3
      with:
        gpg-private-key: ${{ secrets.ARCHIBOT_GPG_PRIVATE_KEY }}
        git-user-signingkey: true
        git-commit-gpgsign: true
        git-tag-gpgsign: true
        workdir: wiki

    - name: Commit the changes to wiki
      shell: sh
      run: |
        set -eu

        cd wiki

        git add -A "locale"

        if ! git diff --cached --quiet; then
            git commit -m "Automatic translations update"
        fi

    - name: Push changes to wiki
      uses: ad-m/github-push-action@master
      with:
        github_token: ${{ secrets.GITHUB_TOKEN }}
        branch: master
        directory: wiki
        repository: ${{ github.repository }}.wiki

    - name: Import GPG key for ASF
      uses: crazy-max/ghaction-import-gpg@v3
      with:
        gpg-private-key: ${{ secrets.ARCHIBOT_GPG_PRIVATE_KEY }}
        git-user-signingkey: true
        git-commit-gpgsign: true
        git-tag-gpgsign: true

    - name: Commit the changes to ASF
      shell: sh
      run: |
        set -eu

        git add -A "ArchiSteamFarm/Localization" "ArchiSteamFarm.OfficialPlugins.SteamTokenDumper/Localization" "wiki"

        if ! git diff --cached --quiet; then
            git commit -m "Automatic translations update"
        fi

    - name: Push changes to ASF
      uses: ad-m/github-push-action@master
      with:
        github_token: ${{ secrets.GITHUB_TOKEN }}
        branch: ${{ github.ref }}

Logs

logs_4363.zip

Additional information

This isn't critical bug because only warning is generated and the workflow otherwise works properly, but it's definitely something that should be corrected in regards to planned use cases.

Side note: with enhancement mentioned in #92, the "proper" workaround for this issue might be "just import your key once globally instead". It'd definitely work for my case, but if somebody would indeed want to go full local with the same key in two different repos, he'll still get this warning.

Thanks in advance.

@crazy-max
Copy link
Owner

@JustArchi I hadn't thought of using this action several times in the same job and indeed it causes an issue in post step. #92 should mitigate this issue like you said but we could enhance the post step and check if the key actually exists and/or the agent is running.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants