I am trying to publish my repo to maven central repo. I uploaded my public key to :
http://keys.gnupg.net
hkp://keyserver.ubuntu.com
hkp://pool.sks-keyservers.net
I could even receive the response from them using
gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys XXXXXXXX
But while uploading the repo to maven staging, I am getting below error
No public key: Key with id: (XXXXXXXXXXXXXX)was not able to be located on <a href=http://keyserver.ubuntu.com:11371/>http://keyserver.ubuntu.com:11371/</a>. Upload your public key and try the operation again.[ERROR] * No public key: Key with id: (XXXXXXXXXXXXXX) was not able to be located on <a href=http://keys.gnupg.net:11371/>http://keys.gnupg.net:11371/</a>. Upload your public key and try the operation again.
I am not sure what is the mistake.
Any help would be appreciated.
I am uploading public key from Windows10.
Uninstalling and reinstalling the gpg4win app did the trick.
Related
I want to use private git repository with my config server. Here is my application.properties:
spring.application.name=PhotoAppApiConfigServer
server.port=8012
spring.cloud.config.server.git.uri=https://github.com/nasrouu/PhotoAppConfiguration.git
spring.cloud.config.server.git.username=myusername
spring.cloud.config.server.git.password=mypassword
spring.cloud.config.server.git.clone-on-start=true
spring.cloud.config.server.git.default-label=main
management.endpoints.web.exposure.include=busrefresh
spring.rabbitmq.host=localhost
spring.rabbitmq.port=5672
spring.rabbitmq.username=guest
spring.rabbitmq.password=guest
I get the following error:
Error occured cloning to base directory
org.eclipse.jgit.api.errors.TransportException:
https://github.com/nasrouu/PhotoAppConfiguration.git: not authorized
application.properties for my private github repositorie
gateway.ip=192.168.2.82
token.expiration_time=864000000
token.secret=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9eyJpZCI6IjVjOWYzYW
I2NzY2Mjg2NDYyNDY0YTczNCIsIm5hbWUiOiJSYW5keSIsImF2YXRhciI6I
i8vd3d3LmdyYXZhdGFyLmNvbS9hdmF0YXIvMTNhN2MyYzdkOGVk
NTNkMDc2MzRkOGNlZWVkZjM0NTEcz0yMDAmcj1wZyZkPW1tIiwi
aWF0IjoxNTU0NTIxNjk1LCJleHAiOjE1NTQ1MjUyOTV9SxRurShXSSI3SE11z6nme9EoaD2
9TDBFr8Qwngkg
login.url.path=/users/login
How should I fix it?
you must create a personal access token
https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token
then you copy the generated token as del key into the config file aplicaciĆ³n.propiedades.
For example:
spring.cloud.config.server.git.clone-on-start=true
spring.cloud.config.server.git.uri=https://github.com/joselizagaravito/RepositoryDemo
spring.cloud.config.server.git.username=myusername
spring.cloud.config.server.git.password=ghp_8ArBnIhaRUD4omMscbwOMydb4445556663
I'm trying to clone a repo using the following syntax inside a bash script
git clone "https://oauth2:[TOKEN]#github.com/[organization]/$reponame.git $REPOPATH/$reponame"
and I get the following error:
Cloning into 'protos-cusum_hmm-python'...
fatal: unable to access 'https://github.com/[organization]/protos-cusum_hmm-python.git /opt/protolangs/protos-cusum_hmm-python/': The requested URL returned error: 400
when I clone directly from command line git clone https://github.com/[organizaiton]/protos-cusum_hmm-python.git it works fine (presumable because it's using my cached credentials)
Any suggestions?
Edit:
Removed quotations around url (git clone https://oauth2:[TOKEN]#github.com/[organization]/$reponame.git $REPOPATH/$reponame) and now getting
remote: Invalid username or password.
fatal: Authentication failed for 'https://github.com/fluxusinc/protos-cusum_hmm-python.git/'
EDIT2:
When hardcoded with token:
git clone "https://ghp_...O17xckH#github.com/[organization]/"$reponame".git" $REPOPATH/$reponame
it works, so seems like it's a problem with the YAML
- name: Run proto builder and deploy to repos
env:
P_TOKEN: ${{ secrets.REPO_TOKEN }}
run: |
chmod +x "${GITHUB_WORKSPACE}/build.sh"
"$GITHUB_WORKSPACE/build.sh"
shell: bash
much thanks to #torek....
turns out for whatever reason I had to put the secret in the repo rather than the organization and it worked... not sure why that was the case because github is showing it overriding
MORE INFO:
was able to figure out by setting the secret ACTIONS_STEP_DEBUG to true from here.
yielded
##[debug]Evaluating: secrets.REPO_TOKEN_GRPC
##[debug]Evaluating Index:
##[debug]..Evaluating secrets:
##[debug]..=> Object
##[debug]..Evaluating String:
##[debug]..=> 'REPO_TOKEN_GRPC'
##[debug]=> null
##[debug]Result: null
showing that the token was empty for whatever reason
I have the following method:
def getEndpointContent(url)
return JSON.parse(open(url).read)
end
I want to use this to return the contents of a json file located in a git repo without checking out the repository.
However, if I pass in, for example, https://github.com/MyRep/myFile.json for the url parameter, I get the following error:
`connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)
Is what I'm trying to do possible, and if so, how?
You won't be able to access the file using that URL.
GitHub provides raw file access using a different domain, and you haven't included your user or organization name. Also remember that a Git repository isn't simply a directory; you'll also have to provide a branch name or commit hash or something similar to tell GitHub which version of the file you want to see.
Something like this should work:
https://raw.githubusercontent.com/MyUser/MyRepo/master/myFile.json
You can find the raw link for a file by browsing to it in the GitHub UI and clicking the "Raw" link in the file's header.
Ruby doesn't trust the Github SSL certificate probably because it's too new for your version of Ruby and/or your OS.
Try the following from the command-line (assuming linux/OSX):
wget http://curl.haxx.se/ca/cacert.pem
Now in your Ruby code:
ENV['SSL_CERT_FILE'] = "/path/to/your/download/cacert.pem" # where you downloaded file to
require 'open-uri' # ensure this is after the above line.
def getEndpointContent(url)
return JSON.parse(open(url).read)
end
I'm using the "mavenDeployer" to use ssh/scp during "uploadArchives" task,
with the wagon ssh utilities.
Rather than code a password into the build.gradle, I'd like to rely on proper ssh setup. Specifically, I want to have the user specify their private key, and have that private key loaded in their environment (ssh-agent, ssh-add, etc). The maven repo has a shared userid,
and all real users have their .pub key properly added to the "authorized_keys" file
of shared userid.
Although maven/ant seem to have a "privateKey" attribute, and the Gradle DSL
accepts it, it doesn't seem to have any effect when I set it:
mavenDeployer {
configuration = pr.configurations.publishJars
String keyFile = System.properties["user.mavenKey"]
repository(url: "scp://maven.company.com/path/to/maven") {
logger.info("Using SSH key: ${keyFile}")
authentication(userName: "maven", privateKey: keyFile)
}
If I code in the actual password as per the example in gradle documentation,
it does work, so I know that things are working. Also, changing privateKey
to privatekey (all lower case) causes a property error, so I know the
property exists and is recognized at some level.
And I know the ssh key itself is working:
% ssh -i ~/.ssh/mavenKey maven#maven.company.com ls /
[ no errors, output trimmed ]
But when I run it, I get prompted for shared userid's password:
% gradle uploadArchives
[... stuff ...]
Using SSH key: /homes/klash/.ssh/mavenKey
Password for maven#evomaven.englab.juniper.net:
As you can see, it is NOT prompting for passphrase for the key.
Make sure that your private key doesn't require a pass phrase.
Can you access the remote from command line using ssh maven#evomaven.englab.juniper.net without being prompted for password?
If not use ssh-copy-id to send your public key to the server.
node 0.2.6 way:
var credentials = crypto.createCredentials({ "key": SSLKey, "cert": SSLCert, "ca": Ca, "password": SSLKeyPass })
var client = http.createClient(apiPort, host, true, credentials)
node 0.4 way:
var options = {
host: apiHost,
port: apiPort,
method: 'GET',
path: uri,
headers: {host: host},
key:SSLKey,
cert:SSLCert,
ca:Ca,
password:SSLKeyPass
}
var request = https.request(options, function (response) {
As you can see there is a password needed, I don't know where the password is supposed to go in node 0.4.
Where does SSLKeyPass go on node 0.4?
So even in the node 0.2.6 source code, the crypto.js module is not looking for a password property in the object you pass to createCredentials. Here's the createCredentials source from node 0.2.6. In version 0.4.8 there is still no mention of the word password in the crypto.js module. Did your 0.2.6 code really work?
As a general comment, use openssl to decrypt your private key, keep that secured on disk, and have your node code read that file. This seems to be the most commonly used option. The other options being A) have to manually type the passphrase to decrypt your private key whenever you launch your node server (pretty much nobody does this) or B) keep your cleartext passphrase on disk, which is not any different that just keeping the cleartext private key on disk, so AFAIK this is also a very uncommon solution to the problem of private key security.
You can decrypt your private key with the openssl command line like this:
openssl rsa -in your_encrypted_private.ekey -out your_private.key
openssl will prompt your for the passphrase interactively.
For the record, you can provide a passphrase when creating a Credentials object in Node.js. This section of Node.js documentation on the crypto module states that the passphrase option can be provided, for either the private key or PFX file. You do not have to keep your private key in clear text on disk somewhere for Node.