diff options
| author | Scott Moser <smoser@ubuntu.com> | 2018-06-28 15:36:50 -0400 |
|---|---|---|
| committer | Scott Moser <smoser@brickies.net> | 2018-06-28 15:36:50 -0400 |
| commit | bb2cc5dde5f2c70c3a6b6c1c1834fa8780677038 (patch) | |
| tree | 415eaa12b1d1f2429420dc8ec6d930bd13fd0486 /tests/cloud_tests/testcases | |
| parent | c42a926ae730994f66fe87c264b65f6e4dca69a1 (diff) | |
| download | vyos-cloud-init-bb2cc5dde5f2c70c3a6b6c1c1834fa8780677038.tar.gz vyos-cloud-init-bb2cc5dde5f2c70c3a6b6c1c1834fa8780677038.zip | |
Retry on failed import of gpg receive keys.
When cloud-init tries to read a key from a keyserver, it will now
retry twice with 1 second in between each.
Retries of import are done by default because keyservers can be
unreliable. Additionally, there is no way to determine the difference
between a non-existant key and a failure. In both cases gpg (at least
2.2.4) exits with status 2 and stderr: "keyserver receive failed: No data"
It is assumed that a key provided to cloud-init exists on the keyserver so
re-trying makes better sense than failing.
Examples of things that made receive keys particularly unreliable:
https://bitbucket.org/skskeyserver/sks-keyserver/issues/57
https://bitbucket.org/skskeyserver/sks-keyserver/issues/60
There is also a change here from 'gpg --recv' to the longer
'gpg --recv-keys'. That option is functional and working back to
centos 6 (gpg 2.0.14) and ubuntu 14.04 (gpg 1.4.16).
Diffstat (limited to 'tests/cloud_tests/testcases')
0 files changed, 0 insertions, 0 deletions