[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Authenticating maintenance.git
From: |
Ludovic Courtès |
Subject: |
Re: Authenticating maintenance.git |
Date: |
Tue, 29 Jun 2021 16:36:36 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) |
Hi,
Maxime Devos <maximedevos@telenet.be> skribis:
> Chris Marusich schreef op wo 23-06-2021 om 18:01 [-0700]:
>> Although I was now able to run the pre-push hook, it seems unaware of my
>> PGP key. I tried making the attached change to the README and testing a
>> push via "git push -n origin", and it complained about the signature:
>>
>> --8<---------------cut here---------------start------------->8---
>> $ git push -n origin
>> Authenticating commits 8a7e10b to 413b8f1 (1 new commits)...
>> [##############################################################################]guix
>> git: error: could not authenticate commit
>> 413b8f1c6d9ca2160d7aa8d80db181a6f39d3d82:
>> key CBF5 9755 CBE7 E7EF EF18 3FB1 DD40 9A15 D822 469D is missing
>> error: failed to push some refs to
>> 'git.savannah.gnu.org:/srv/git/guix/maintenance.git'
>> --8<---------------cut here---------------end--------------->8---
[...]
> The public key is in .guix-authorization
> (see
> https://git.savannah.gnu.org/cgit/guix/maintenance.git/tree/.guix-authorizations#n32).
> But is it on the keyring branch?
>
> It would appear it isn't. There is a marusich-D822469D.key, but
> that appears to be a different key (DD40 9A15 D822 469D).
> Perhaps you need to add your key to the keyring branch?
> IIUC, commits to the keyring branch are unauthenticated, so
> you could do that yourself. (It is secure because .guix-authorizations
> contains a whitelist of allowed key fingerprints.)
Oh, do you think I added Chris’ key to ‘.guix-authorizations’ but not to
the keyring branch? That would mean there were no commits with that key
in the history so far.
Thanks,
Ludo’.