Skip to content

Comments

gnupg: 2.4.0 -> 2.4.1#229168

Merged
vcunat merged 1 commit intoNixOS:stagingfrom
afh:update-gnupg
May 1, 2023
Merged

gnupg: 2.4.0 -> 2.4.1#229168
vcunat merged 1 commit intoNixOS:stagingfrom
afh:update-gnupg

Conversation

@afh
Copy link
Member

@afh afh commented Apr 30, 2023

Description of changes

Please let me know if this PR's merge base should rather be master than staging.

Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 23.05 Release Notes (or backporting 22.11 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

@ofborg ofborg bot requested review from fpletz and vrthra April 30, 2023 20:45
@ofborg ofborg bot added 10.rebuild-darwin: 101-500 This PR causes between 101 and 500 packages to rebuild on Darwin. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels Apr 30, 2023
marsam
marsam approved these changes Apr 30, 2023
View reviewed changes
Copy link
Contributor

@marsam marsam left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Release notes: https://dev.gnupg.org/T6454

@vcunat vcunat merged commit 0905eb9 into NixOS:staging May 1, 2023
@afh afh deleted the update-gnupg branch May 1, 2023 15:27
@afh
Copy link
Member Author

afh commented May 1, 2023

Thanks for merging, @vcunat, I look forward to the ADSK support GnuPG 2.4.1 brings.

@vcunat
Copy link
Member

vcunat commented May 8, 2023

Something around pinentry input changed apparently. Our VM tests regressed around that point.
https://hydra.nixos.org/build/218897070
https://hydra.nixos.org/build/218931684
Also mentioned on #229429 (comment)

@afh
Copy link
Member Author

afh commented May 8, 2023

Thanks for raising this, @vcunat, I'll have a look.

@afh
Copy link
Member Author

afh commented May 8, 2023

What I gather from the logs is this:

  1. nixos/tests/sway (log) times out hinting at a configuration or installation issue regarding pinentry.

  2. nixos/tests/gnupg.nix (log) fails due to: gpg: agent_genkey failed: No pinentry.

At this point I'm uncertain what the underlying cause is, i.e. is pinentry not installed for some reason or is the gpg-agent misconfigured and it does not find any pinentry binaries.

How can the test environment be inspected for debugging?

  • It would be helpful to see the output of gpgconf --check-programs
  • and the gpg.conf and gpg-agent.conf files used when running the tests

@vcunat
Copy link
Member

vcunat commented May 8, 2023

I'm not very good with NixOS VM tests. They can be run easily, e.g. nix-build -QA nixosTests.gnupg but I know basically nothing about real debugging them.

@vcunat
Copy link
Member

vcunat commented May 8, 2023

I noticed a passphrase-related change in 2.4.1, but not like I've looked into details: https://dev.gnupg.org/T6093

@afh
Copy link
Member Author

afh commented May 8, 2023

Being on macOS I'll look into spinning up a NixOS VM to run the tests. I'm not sure I see the connection between the pinentry issue and https://dev.gnupg.org/T6093 can you please elaborate bit?

@vcunat
Copy link
Member

vcunat commented May 9, 2023

Either way, I think I should ping maintainers of the broken NixOS tests (sway + gnupg): @primeos, @Synthetica9, @rnhmjoj. Maybe they'll have an idea, too.

@rnhmjoj
Copy link
Contributor

rnhmjoj commented May 9, 2023

I guess this release includes https://dev.gnupg.org/rGeae28f1bd4a5632e8f8e85b7248d1c4d4a10a5ed.
I would revert and postpone the update until the NixOS module is fixed, otherwise gpg is essentially unusable.

Anyway, please, don't ignore the tests: the gnupg one was even linked to the package.

@vcunat
Copy link
Member

vcunat commented May 9, 2023

Hmm, so that was apparently a breaking change? Merged in a period when breaking changes were disallowed in nixpkgs.

@afh
Copy link
Member Author

afh commented May 9, 2023
edited
Loading

Thanks for chiming in and providing the additional context, @rnhmjoj very much appreciated. A patch release seemed innocent at the time and I wasn't aware of the profile changes and their implications for NixOS (praises sandro for their comments over on the GnuPG issue).

I assumed that any tests are triggered from changes in PRs and would catch breaking changes, this does not seem to be the case. Where would I need to look to see if nixpkgs changes from a PR break NixOS related tests?

@vcunat
Copy link
Member

vcunat commented May 9, 2023
edited
Loading

There's no such place for these particular cases. Changing package like gnupg requires really lots of CPU to even get to building such tests.

@vcunat vcunat mentioned this pull request May 10, 2023
Merged
vcunat added a commit that referenced this pull request May 10, 2023
@vcunat
Merge #231023: Revert #229168 "gnupg: 2.4.0 -> 2.4.1"
2bb62dd 
...into staging
@vcunat
Copy link
Member

vcunat commented May 11, 2023

So I reverted it to 2.4.0 for now.

@corngood
Copy link
Contributor

corngood commented Jun 14, 2023

I didn't see this issue before, but I have a change that adds the units back: #231108.

@corngood
Copy link
Contributor

corngood commented Jun 26, 2023

Here's a PR to un-revert this #231110

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vrthra vrthra Awaiting requested review from vrthra

@fpletz fpletz Awaiting requested review from fpletz

1 more reviewer

@marsam marsam marsam approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

10.rebuild-darwin: 101-500 This PR causes between 101 and 500 packages to rebuild on Darwin. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@afh @vcunat @rnhmjoj @corngood @marsam