argocd-image-updater

Git write-back method and gpg-signed commits

Open vgrigoruk opened this issue 3 years ago • 3 comments

Is your feature request related to a problem? Please describe.

We use the git write-back method, but our repository has branch protection rules which require all commits to the main branch to be signed with a gpg key. It looks like there is partial support for passing a gpg key id to the git commit command here, but I cannot find a way to configure both the CommitOptions.SigningKey and CommitOptions.SignOff options.

Describe the solution you'd like

Support configuring these settings via --git-commit-signing-key and --git-commit-sign-off CLI args and GIT_COMMIT_SIGNING_KEY and GIT_COMMIT_SIGN_OFF env vars here

Describe alternatives you've considered

Disable the "require signed commits" requirement in the main branch protection rules.

vgrigoruk, Apr 29 '22 13:04

Any chance that the changes from the commit that referenced this issue will be ported upstream?

Den4200, Jul 18 '23 22:07

Same issue, is there any solution?

time="2024-06-26T07:21:18Z" level=debug msg="Writing commit message to /tmp/image-updater-commit-msg1646947728" application=cicd-argo-application
time="2024-06-26T07:21:18Z" level=info msg="git -c gpg.format=openpgp commit -a -S -F /tmp/image-updater-commit-msg1646947728" dir=/tmp/git-cicd-argo-application3650244213 execID=06adc
time="2024-06-26T07:21:18Z" level=error msg="`git -c gpg.format=openpgp commit -a -S -F /tmp/image-updater-commit-msg1646947728` failed exit status 128: error: cannot run gpg: No such file or directory\nerror: gpg failed to sign the data:\n(no gpg output)\nfatal: failed to write commit object" execID=06adc
time="2024-06-26T07:21:18Z" level=info msg=Trace args="[git -c gpg.format=openpgp commit -a -S -F /tmp/image-updater-commit-msg1646947728]" dir=/tmp/git-cicd-argo-application3650244213 operation_name="exec git" time_ms=5.5094970000000005
time="2024-06-26T07:21:18Z" level=error
time="2024-06-26T07:21:18Z" level=info msg="Processing results: applications=1 images_considered=1 images_skipped=0 images_updated=0 errors=1"
time="2024-06-26T07:21:18Z" level=error msg="Could not update application spec: `git -c gpg.format=openpgp commit -a -S -F /tmp/image-updater-commit-msg1646947728` failed exit status 128: error: cannot run gpg: No such file or directory\nerror: gpg failed to sign the data:\n(no gpg output)\nfatal: failed to write commit object" application=cicd-argo-application

smhrazacb, Jun 26 '24 07:06

This issue should already be resolved by https://github.com/argoproj-labs/argocd-image-updater/pull/710 . From the error above, it looks like the gpg executable is not available.

chengfang, Jun 26 '24 13:06

We have the same errors. The gpg executable is missing in the image of the updater, shouldn't it be part of it?

zagr0, Jul 03 '24 12:07

This issue (error: cannot run gpg: No such file or directory) is fixed by https://github.com/argoproj-labs/argocd-image-updater/pull/767

chengfang, Jul 05 '24 14:07
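
A preflight check for the signing failures seen in the log above (`cannot run gpg` and `gpg failed to sign the data`), as an added example that is not part of the thread or of the argocd-image-updater project. It assumes a POSIX shell inside the container that performs the write-back; `check_signing_prereqs`, `GPG_PROGRAM` and `PREFLIGHT_KEY_ID` are hypothetical names, and the `-bsau` flags mirror how git invokes gpg for `commit -S`.

```shell
#!/bin/sh
# Added example: verify that `git commit -S` can succeed before enabling
# signed write-back. GPG_PROGRAM and PREFLIGHT_KEY_ID are assumptions of
# this sketch, not settings of argocd-image-updater.

# check_signing_prereqs KEY_ID
# Prints one status word and returns:
#   0  ok           gpg found, secret key present, test signature succeeded
#   1  missing-gpg  binary not on PATH (the "cannot run gpg" error in the log)
#   2  missing-key  no secret key for KEY_ID in the keyring
#   3  sign-failed  key present but signing fails (e.g. passphrase, no TTY)
#   64 usage        no key id given
check_signing_prereqs() {
    key_id=${1:-}
    gpg_bin=${GPG_PROGRAM:-gpg}

    if [ -z "$key_id" ]; then
        echo "usage"; return 64
    fi
    # Step 1: is the binary there at all?
    if ! command -v "$gpg_bin" >/dev/null 2>&1; then
        echo "missing-gpg"; return 1
    fi
    # Step 2: is the private half of the signing key in this keyring?
    if ! "$gpg_bin" --batch --list-secret-keys "$key_id" >/dev/null 2>&1; then
        echo "missing-key"; return 2
    fi
    # Step 3: produce a throwaway detached signature with the flags git uses,
    # so agent and passphrase problems surface here instead of at commit time.
    if ! printf 'preflight\n' |
        "$gpg_bin" --batch --status-fd=2 -bsau "$key_id" >/dev/null 2>&1; then
        echo "sign-failed"; return 3
    fi
    echo "ok"; return 0
}

# Run directly when a key id is supplied through the environment.
if [ -n "${PREFLIGHT_KEY_ID:-}" ]; then
    check_signing_prereqs "$PREFLIGHT_KEY_ID"
fi
```

Running this as an init step or readiness probe turns a per-commit exit status 128 into a single, named failure at startup.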