lacks a signature by a trusted key, when targetUser is other than root

[joshuacox]

colmena works great until one of my hosts has developed a "because it lacks a signature by a trusted key" error. (of note this randomly happens to one or more hosts using the alternate targetUser, but not all of them which is very inconsistent).

Performing a colmena upload-keys completes without error.

How do I force that host to update its keys, or how do I debug as to what is going wrong?

WORKAROUND: I had been using an alternate targetUser, changing this back to root enabled this host to pass the tests. However, all of my other hosts are still using the alternate user, this does seem to be a bug of some sort.

[qenya]

This happens occasionally for me too. I've discovered that if I colmena apply --build-on-remote once for the problematic host, it eliminates the error and I can build locally and apply again without issues. (Obviously this isn't feasible for all hosts - your workaround is probably more reliable.)

My suspicion is that it is caused by a version mismatch of something between the local machine and the remote - next time it happens I will attempt to isolate it.

[joshuacox]

ya I have since moved all back to using root in this particular cluster.

However, I'd be happy to lend a hand and test anything I can, or anything else I can to do to help hunt down the problem.

[bmwagner18]

I'm also having this issue. I've been getting by using --build-on-target, but I would like to figure out the root cause. If there's anything I can do to help diagnose this please let me know, because the errors basically mean nothing to me...