codecov-action icon indicating copy to clipboard operation
codecov-action copied to clipboard

Published 20 hours ago verified publisher icon codecov

[v4] Failing to import PGP key when updating from v3 to v4

Open ryanlambert-wk opened this issue 1 year ago • 11 comments

After upgrading to v4, the pgp key configured for our code coverage repo cannot be imported. This doesn't stop uploads from succeeding unless you set fail_ci_if_error: true

Run codecov/codecov-action@v4
==> linux OS detected
https://cli.codecov.io/latest/linux/codecov.SHA256SUM
==> Running version latest
Warning: Codecov: Error importing pgp key
undefined
==> Running version v0.4.6
==> Running command '/runner/_work/_actions/codecov/codecov-action/v4/dist/codecov create-commit'
/runner/_work/_actions/codecov/codecov-action/v4/dist/codecov create-commit -C 084604d6a338b347288b8ff5c1f0bffd229da875
gpg: Signature made Fri Feb  2 14:15:33 2024 UTC
gpg:                using RSA key ...
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" [unknown]
gpg: WARNING: Using untrusted key!

==> Uploader SHASUM verified

ryanlambert-wk avatar Feb 07 '24 21:02 ryanlambert-wk

@thomasrockhu wonder if this is related to https://github.com/codecov/codecov-action/issues/1262

rohan-at-sentry avatar Feb 08 '24 15:02 rohan-at-sentry

@rohan-at-sentry I don't believe so, this looks like it breaks earlier in the process

Warning: Codecov: Error importing pgp key

also the ordering is strange... the gpg verification happens before create-commit should happen

thomasrockhu avatar Feb 08 '24 15:02 thomasrockhu

Hi, this also happened over at https://github.com/python-trio/trio/actions/runs/7865327122/job/21458126980?pr=2951#step:7:12

At least for us, I suspect this is just because we're running a docker container (https://github.com/python-trio/trio/blob/f071c066b21a745376579313a621b2e15fe363f0/.github/workflows/ci.yml#L186) and things differ from the ubuntu runner. This also messes with the setup-python action.

A5rocks avatar Feb 11 '24 23:02 A5rocks

We are also getting this error across all platforms. We are running self-hosted runners if it helps.

2024-02-29T04:21:28.9082577Z ==> windows OS detected
2024-02-29T04:21:30.6716992Z https://cli.codecov.io/latest/windows/codecov.exe.SHA256SUM
2024-02-29T04:21:31.1063731Z ==> Running version latest
2024-02-29T04:21:31.1132992Z ##[error]Codecov: Error importing pgp key

nmoinvaz avatar Feb 29 '24 21:02 nmoinvaz

Same error here: https://github.com/rafalwrzeszcz-wrzasqpl/pl.wrzasq.commons/actions/runs/8180236032/job/22367854463

rafalwrzeszcz avatar Mar 06 '24 23:03 rafalwrzeszcz

Looks like self-hosted Windows and macOS machines require gpg to be installed.

Windows: choco install gnupg (requires GitHub runner service restart) macOS: brew install gnupg

nmoinvaz avatar Mar 09 '24 07:03 nmoinvaz

Looks like self-hosted Windows and macOS machines require gpg to be installed.

Windows: choco install gnupg (requires GitHub runner service restart) macOS: brew install gnupg

I'll add on to this in case there's a difference between runner environments. I'm using a self-hosted amazonlinux 2 based runner, which has gnupg installed, and I still get Error: Codecov: Error importing pgp key

ryanlambert-wk avatar Mar 11 '24 23:03 ryanlambert-wk

👍 same error here

MPJHorner avatar Mar 19 '24 09:03 MPJHorner

Something very similar started happening for us today. We've been running v4 since early february on Ubuntu a github hosted runner.

info - 2024-03-19 12:00:10,230 -- Process Upload complete
gpg: directory '/home/runner/.gnupg' created
gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
gpg: /home/runner/.gnupg/trustdb.gpg: trustdb created
gpg: key 806BB28AED779869: public key "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1

gpg: Signature made Wed Feb 28 18:01:04 2024 UTC
gpg:                using RSA key 27034E7FDB8[50](https://github.com/xlent-norr/xxxxxx-xxxxx/actions/runs/8342524907/job/22830986264#step:11:51)E0BBC2C62FF806BB28AED779869
gpg: Good signature from "Codecov Uploader (Codecov Uploader Verification Key) <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2703 4E7F DB85 0E0B BC2C  62FF 806B B28A ED77 9869

Error: ENOENT: no such file or directory, open '/home/runner/work/_actions/codecov/codecov-action/v4/dist/codecov'

karl-sjogren avatar Mar 19 '24 12:03 karl-sjogren

I am running into this as well.

parsonsmatt avatar Mar 29 '24 22:03 parsonsmatt

Same thing, using GitHub hosted runners, macOS-12 and macOS-13. macOS-14 is fine.

brew install gnupg didn't solve it... and which gpg points to /usr/local/bin/gpg before and after installing gnupg, so that makes sense it didn't solve it.

Saw something similar when searching around, but I don't think that's the issue here as it's already installed... https://github.com/dlang-community/setup-dlang/commit/66261c5d1256f65ab63b0003e0bcd58def8750ef

ReenigneArcher avatar Apr 09 '24 21:04 ReenigneArcher

This should be fixed now as a result of https://github.com/codecov/codecov-action/pull/1426 in 4.5.0

thomasrockhu-codecov avatar Aug 02 '24 16:08 thomasrockhu-codecov