Cannot commit error: Load key "path": invalid format? - github

When I tried to commit my work I've this message :
error: Load key "/var/folders/97/8chxzhxs3n79g9b95510jwwr0000gn/T//.git_signing_key_tmp2JvaYk": invalid format?
fatal: failed to write commit object
Please can help me, I can't commit anything.
I see many topics about this with ssh-add and ss-agent but none works for my case...
I've tried to regenerate my ssh key with ssh-keygen. I've remove my id_rsa and id_rsa.pub to regenerate them.
Question : the message is -> error: Load key "/var/folders/97/8chxzhxs3n79g9b95510jwwr0000gn/T//.git_signing_key_tmp2JvaYk": invalid format?
But my key are located in ~/.ssh/id_rsa... I don't understand.

If your private key is passphrase-protected (meaning, encrypted), you would need to add your SSH key to an SSH agent.
Check also "Signing Git Commits with Your SSH Key" from Caleb Hearth.
Only then a git commit -S (signing the commit) would work.
Or you might have told Git about your SSH key:
git config --global gpg.format ssh
git config --global user.signingkey 'key::ssh-ed25519 AAAAC3(...) user#example.com'
Note that, with Git 2.40 (Q1 2023), the error message is improved when private key is not loaded in the SSH agent in the codepath to sign with an SSH key.
See commit dce7b31 (25 Jan 2023) by Adam Szkoda (adaszko).
(Merged by Junio C Hamano -- gitster -- in commit c7757b2, 03 Feb 2023)
ssh signing: better error message when key not in agent
Signed-off-by: Adam Szkoda
When signing a commit with a SSH key, with the private key missing from ssh-agent, a confusing error message is produced:
error: Load key
"/var/folders/t5/cscwwl_n3n1_8_5j_00x_3t40000gn/T//.git_signing_key_tmpkArSj7":
invalid format? fatal: failed to write commit object
The temporary file .git_signing_key_tmpkArSj7 created by Git contains a valid public key.
The error message comes from ssh-keygen -Y sign' and is caused by a fallback mechanism in ssh-keygenwhereby it tries to interpret.git_signing_key_tmpkArSj7` as a private key if it can't find in the agent.
A fix is scheduled to be released in OpenSSH 9.1.
All that needs to be done is to pass an additional backward-compatible option -U to 'ssh-keygen -Y sign' call.
With '-U', ssh-keygen always interprets the file as public key and expects to find the private key in the agent.
As a result, when the private key is missing from the agent, a more accurate error message gets produced:
error: Couldn't find key in agent

Related

GPG Check fails on CentOS Stream 9, but not on Fedora 35

I am having an issue with a lab server I am running using CentOS 9, when I'm trying to install Grafana, the GPG check fails. This is the output I get:
Importing GPG key 0x24098CB6:
Userid : "Grafana <info#grafana.com>"
Fingerprint: 4E40 DDF6 D76E 284A 4A67 80E4 8C8C 34C5 2409 8CB6
From : https://packages.grafana.com/gpg.key
Is this ok [y/N]: y
Key import failed (code 2). Failing package is: grafana-8.5.5-1.x86_64
GPG Keys are configured as: https://packages.grafana.com/gpg.key
The downloaded packages were saved in cache until the next successful transaction.
You can remove cached packages by executing 'dnf clean packages'.
Error: GPG check FAILED
When I try the same on my local Fedora 35 machine, I get this:
Importing GPG key 0x24098CB6:
Userid : "Grafana <info#grafana.com>"
Fingerprint: 4E40 DDF6 D76E 284A 4A67 80E4 8C8C 34C5 2409 8CB6
From : https://packages.grafana.com/gpg.key
Is this ok [y/N]: y
Key imported successfully
Running transaction check
The packages being downloaded are the same grafana-8.5.5-1.x86_64.rpm, I am using dnf for both installations, and the grafana.repo files are both the same:
[grafana]
name=grafana
baseurl=https://packages.grafana.com/oss/rpm
repo_gpgcheck=1
enabled=1
gpgcheck=1
gpgkey=https://packages.grafana.com/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
I know I could just turn off the gpg checking, but I am not comfortable with a solution like that.
Any help resolving this would be greatly appreciated! Let me know if I should supply any more information.
I've quite recently swapped over to CentOS and Fedora, so I apologize if this has been resolved before, but I was unable to find it.
There has been some change with the default crypto policies in CentOS streams 9.
update-crypto-policies --set DEFAULT:SHA1
The packages need to be re-signed with a SHA256 or SHA521 key instead of SHA1.
Ref: https://access.redhat.com/articles/6846411

jenkins -github build issue

I have been facing issues while trying to build a project in jenkins which fetches the files from github .
Below is the error log i got :
p.s: for security reason i have removed the ssh url of git .I can able to clone from my locally but when im trying it from jenkins it fails . I have generated ssh key in linux server and its able to connect to github .Can anyone please help me on this
Building in workspace /var/lib/jenkins/jobs/tr-data-events-testing/workspace
> /usr/local/bin/git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
> /usr/local/bin/git config remote.origin.url git#github.url---------git # timeout=10
Fetching upstream changes from git#github.url-----------s.git
> /usr/local/bin/git --version # timeout=10
using GIT_SSH to set credentials jenkins dxc key
> /usr/local/bin/git fetch --tags --progress git#----url--------------.git +refs/heads/*:refs/remotes/origin/*
ERROR: Error fetching remote repo 'origin'
hudson.plugins.git.GitException: Failed to fetch from git#---url-------.git
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:766)
at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1022)
at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1053)
at hudson.scm.SCM.checkout(SCM.java:485)
at hudson.model.AbstractProject.checkout(AbstractProject.java:1282)
at hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:610)
at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:86)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:532)
at hudson.model.Run.execute(Run.java:1741)
at hudson.maven.MavenModuleSetBuild.run(MavenModuleSetBuild.java:529)
at hudson.model.ResourceController.execute(ResourceController.java:98)
at hudson.model.Executor.run(Executor.java:381)
Caused by: hudson.plugins.git.GitException: Command "/usr/local/bin/git fetch --tags --progress git#github.-------events.git +refs/heads/*:refs/remotes/origin/*" returned status code 128:
stdout:
stderr: error: The requested URL returned error: 503 while accessing https://--url-----------/info/refs
fatal: HTTP request failed
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:1693)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:1441)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$300(CliGitAPIImpl.java:62)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:313)
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:764)
... 11 more
ERROR: null
Started calculate disk usage of build
Finished Calculation of disk usage of build in 0 seconds
Started calculate disk usage of workspace
Finished Calculation of disk usage of workspace in 0 seconds
Finished: FAILURE
Help us localize this page
i resolved this issue by un setting the proxy in .gitconfig file . thank you for your answers
First, make sure Jenkins is running with the same user account you have created your ssh keys with.
It it does not, it would search for ~/.ssh/id_rsa in its own $HOME.
Second, to debug, you can launch Jenkins with this environment variable set first:
export GIT_SSH_COMMAND='ssh -Tv'
That way, any time it will try a git command involving ssh, you will see exactly where Jenkins/git tries to look for ssh keys, and what is the error.
Make sure you Git is recent enough to support this (Git 2.3+, Q4 2015).
But your logs show:
The requested URL returned error: 503 while accessing https://
So this has nothing to do with ssh. As mentioned, a proxy can interfere.

Jenkins Git Plugin

I am getting the below error when attempting a Jenkins build of a project from a GitHub repository for a poc. Jenkins is a local install and I am using the https address for git with thge username and password I use to login to GitHub. Can anyone offer me some pointers here as I am new to both Jenkins and GitHub
Building in workspace C:\Program Files (x86)\Jenkins\workspace\AdventureWorks2014 - 1. Build
Cloning the remote Git repository
Cloning repository https://github.com/h020905a/AdventureWorks2014.git
> git.exe init C:\Program Files (x86)\Jenkins\workspace\AdventureWorks2014 - 1. Build # timeout=10
Fetching upstream changes from https://github.com/h020905a/AdventureWorks2014.git
> git.exe --version # timeout=10
using GIT_ASKPASS to set credentials
> git.exe fetch --tags --progress https://github.com/h020905a/AdventureWorks2014.git +refs/heads/*:refs/remotes/origin/*
ERROR: Error cloning remote repo 'origin'
hudson.plugins.git.GitException: Error performing git command
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:1793)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:1513)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$300(CliGitAPIImpl.java:64)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:315)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$2.execute(CliGitAPIImpl.java:512)
at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1057)
at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1097)
at hudson.scm.SCM.checkout(SCM.java:495)
at hudson.model.AbstractProject.checkout(AbstractProject.java:1278)
at hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:604)
at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:86)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:529)
at hudson.model.Run.execute(Run.java:1728)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:98)
at hudson.model.Executor.run(Executor.java:404)
Caused by: org.jvnet.winp.WinpException: Failed to read RT_USER_PROCESS_PARAMETERS error=299 at envvar-cmdline.cpp:151
at org.jvnet.winp.Native.getCmdLineAndEnvVars(Native Method)
at org.jvnet.winp.WinProcess.parseCmdLineAndEnvVars(WinProcess.java:126)
at org.jvnet.winp.WinProcess.getCommandLine(WinProcess.java:102)
at hudson.util.ProcessTree$Windows$1.getArguments(ProcessTree.java:444)
at hudson.plugins.msbuild.MsBuildKillingVeto.vetoProcessKilling(MsBuildKillingVeto.java:56)
at hudson.util.ProcessTree$OSProcess.getVeto(ProcessTree.java:242)
at hudson.util.ProcessTree$Windows$1.killRecursively(ProcessTree.java:425)
at hudson.util.ProcessTree.killAll(ProcessTree.java:145)
at hudson.Proc$LocalProc.destroy(Proc.java:380)
at hudson.Proc$LocalProc.join(Proc.java:353)
at hudson.Proc.joinWithTimeout(Proc.java:166)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:1780)
... 15 more
ERROR: null
Finished: FAILURE
If your github login password has special characters, then the issue you are facing might be similar to the issue described in this ticket:
https://issues.jenkins-ci.org/browse/JENKINS-38655
You can try getting your job to use JGit. Quoting from Mark Waite's answer in the above mentioned ticket:
"If you're not using TFS, but have special characters in the password of the specific user (like caret or ampersand or single quote or double quote), then this may be a duplicate of JENKINS-38194. The work around in that case may be to switch that job from using the command line git implementation to use the JGit implementation. The JGit implementation needs to be enabled globally first from "Manage Jenkins", "Global Tool Configuration", "Git", then there will be a pick list in each job which will allow you to choose whether that job should use command line git or JGit."
Resolved the issue by switching the branch in github to master and making the repo public.

Rex and identity files

I'm trying to configure a fi-ware cloud instance using Rex. What these instances (and probably other OpenStack-based systems) prove is a "identity file", a single private key that you can use to connect to them. I have been using variations of this:
user "root";
private_key "/home/jmerelo/.ssh/jj-iv.pem";
public_key "/home/one/public/key.dsa";
key_auth;
group fiware => "130.206.x.y";
desc "Install git";
task "git", group => "fiware", sub {
install "git";
};
where the private key is the one provided by fi-ware, and the public key is, well, whatever I thought of, or nothing.
If no public key is provided, error is
[2014-11-30 11:45:45] WARN - Error running task/batch: No public_key file defined. at /home/jmerelo/perl5/perlbrew/perls/perl-5.20.0/lib/site_perl/5.20.0/Rex/Task.pm line 621.
at /home/jmerelo/perl5/perlbrew/perls/perl-5.20.0/lib/site_perl/5.20.0/Rex/TaskList/Base.pm line 273.
which is quite obviously true. But if I try other public keys, error is:
[2014-11-30 11:48:37] WARN - Error running task/batch: Wrong username/password or wrong key on 130.206.127.211. Or root is not permitted to login over SSH. at /home/jmerelo/perl5/perlbrew/perls/perl-5.20.0/lib/site_perl/5.20.0/Rex/TaskList/Base.pm line 273.
Using
ssh -i ~/.ssh/jj-iv.pem root#130.206.x.y
connects correctly to the instance. So maybe the question is "Can Rex use a single private key to connect to a host?"
Finally, I generated a public key from the private key using, as suggested by the documentation,
$ sshkey-gen -y -f /path/to/your/private.key >public.key
and then using that public.key in the Rexfile

hudson.plugins.git.GitException: Could not fetch from any repository

I want to configure hudson+git and want to create a build. But I am getting following exception:
Started by user nitish
Checkout:workspace / /root/.hudson/jobs/NightlyGit/workspace - hudson.remoting.LocalChannel#dd7efd
Using strategy: Default
Checkout:workspace / /root/.hudson/jobs/NightlyGit/workspace - hudson.remoting.LocalChannel#dd7efd
Fetching changes from the remote Git repository
Fetching upstream changes from https://github.com/test/eng.git
ERROR: Problem fetching from origin / origin - could be unavailable. Continuing anyway
ERROR: (Underlying report) : Error performing command: /usr/bin/git fetch -t https://github.com/test/eng.git +refs/heads/nightly:refs/remotes/origin/nightly
Command "/usr/bin/git fetch -t https://github.com/test/engile.git +refs/heads/nightly:refs/remotes/origin/nightly" returned status code 128: error: The requested URL returned error: 401 while accessing https://github.com/test/eng.git/info/refs
fatal: HTTP request failed
ERROR: Could not fetch from any repository
FATAL: Could not fetch from any repository
hudson.plugins.git.GitException: Could not fetch from any repository
at hudson.plugins.git.GitSCM$3.invoke(GitSCM.java:887)
at hudson.plugins.git.GitSCM$3.invoke(GitSCM.java:845)
at hudson.FilePath.act(FilePath.java:758)
at hudson.FilePath.act(FilePath.java:740)
at hudson.plugins.git.GitSCM.gerRevisionToBuild(GitSCM.java:845)
at hudson.plugins.git.GitSCM.checkout(GitSCM.java:622)
at hudson.model.AbstractProject.checkout(AbstractProject.java:1483)
at hudson.model.AbstractBuild$AbstractRunner.checkout(AbstractBuild.java:507)
at hudson.model.AbstractBuild$AbstractRunner.run(AbstractBuild.java:424)
at hudson.model.Run.run(Run.java:1366)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:145)
I am newbie to the git ,I dont know what is the exact problem is there any creadentials required while using git with hudson?. Right now I have created the hudson job and providing the git repository link but it throws above exception. can somebody help me to sort out this issue.
Try this:
Go to the job's "Configure" page.
Under Source Code Management → Git → Additional Behaviors, add a behavior "Wipe out repository & force clone":
Click on Save button.
Try to Build again.
I have created the SSH key on hudson server and added it to my github account that solved my issue.
Sometimes the permission of the workspace also can cause the same error.
sudo chown -R jenkins: <workspace>