Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fallback to IPv4 pool to fix keyserver receive failed in Travis CI builds #464

Closed
wants to merge 1 commit into from
Closed

Fallback to IPv4 pool to fix keyserver receive failed in Travis CI builds #464

wants to merge 1 commit into from

Conversation

rbreslow
Copy link

@rbreslow rbreslow commented Jul 6, 2018

Overview

Travis CI builds were failing, seemingly at random in azavea/docker-django#56. After further investigation, it turned out this was happening because IPv6 networking for Docker is disabled by default, and the SKS Keyservers high-availability pool contains some IPv6-only servers:

While working on docker-django, I referenced the Travis CI builds for this repository, and saw that many of them were failing as well.

This PR adds a conditional expression to fallback to the IPv4-only SKS pool if we get an IPv6 server from the high-availability pool.

Testing

See Travis CI build: https://travis-ci.com/rbreslow/postgres/builds/78322372

https://travis-ci.com/rbreslow/postgres/jobs/133223806:

+ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4
gpg: keybox '/tmp/tmp.xo4ImMRNSu/pubring.kbx' created
gpg: keyserver receive failed: Cannot assign requested address
+ gpg --keyserver ipv4.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4
gpg: /tmp/tmp.xo4ImMRNSu/trustdb.gpg: trustdb created
gpg: key 036A9C25BF357DD4: public key "Tianon Gravi <tianon@tianon.xyz>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu
gpg: Signature made Wed Sep 28 22:22:56 2016 UTC
gpg:                using RSA key 036A9C25BF357DD4
gpg: Good signature from "Tianon Gravi <tianon@tianon.xyz>" [unknown]
gpg:                 aka "Tianon Gravi <tianon@debian.org>" [unknown]
gpg:                 aka "Tianon Gravi <tianon@dockerproject.org>" [unknown]
gpg:                 aka "Andrew Page (tianon) <andrew@infosiftr.com>" [unknown]
gpg:                 aka "Andrew Page (tianon) <andrew@vitalroute.com>" [unknown]
gpg:                 aka "Andrew Page (Tianon Gravi) <admwiggin@gmail.com>" [unknown]
gpg:                 aka "Tianon Gravi (Andrew Page) <tianon@infosiftr.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: B42F 6819 007F 00F8 8E36  4FD4 036A 9C25 BF35 7DD4

@tianon
Copy link
Member

tianon commented Jul 9, 2018

docker-library/php#666 has been really successful over in PHP, so I'd much rather take that approach (especially since that's exactly what all the official build servers do now also).

@tianon
Copy link
Member

tianon commented Jul 25, 2018

#471 👍

@tianon tianon closed this Jul 25, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rbreslow @tianon