release-plz and it's tests hangs indefinitely if automatic signing of tags is configured
zvolin opened this issue · comments
Bug description
release-plz release
as well as cargo test
hangs if someone has enabled automatic signing of tags.
From what I see release-plz
tries to create lightweight tags. If someone has automatic signing, then git will try to create an annotated tag instead and the git_cmd
will hang waiting for the tag's message. Git itself advertises lightweight tags as only to be used locally during the development and to use the annotated tags everywhere else, so it might not be bad idea to just slap there some message like: 'release {tag-name}' and have the annotated tag instead?
From git help tag
:
Tag objects (created with -a, -s, or -u) are called "annotated" tags; they contain a creation date, the tagger name and e-mail, a tagging message, and an optional GnuPG signature.
Whereas a "lightweight" tag is simply a name for an object (usually a commit object).
Also adding -m
implies -a
so bare -m "message"
would work.
- Would you like to work on a fix? [y]
To Reproduce
add following to the ~.gitconfig
[user]
...
signingkey = SIGNINGKEY
[tag]
gpgSign = true
Expected behavior
The tag should be created.
Environment
- OS: archlinux 6.6.10-zen
- release-plz version: 0.3.39
Hey 👋 sorry for the delay on this, but I can't reproduce it on my mac.
However, the release command has some issues for sure because it's hanging as well for me, but it's not related to the git tag I think 🤔
Are you able to reproduce it in a docker container?
Btw I don't remember why I'm using lightweight tags. We can move to the annotated ones if it's a best practice. But we need to make sure that they work in the same way in github actions.
I remember I has some issues in the past with GitHub actions tags, so if we do this change we need to test it very carefully.
so if you make a Dockerfile
with this content:
FROM rust:latest
RUN git clone https://github.com/MarcoIeni/release-plz
WORKDIR /release-plz
# Generate a GPG key
RUN gpg --batch --gen-key <<EOF
Key-Type: 1
Key-Length: 2048
Subkey-Type: 1
Subkey-Length: 2048
Name-Real: example
Name-Email: example@example.com
Expire-Date: 0
%no-protection
EOF
# Create a .gitconfig with signing tags
RUN cat <<EOF > /root/.gitconfig
[user]
name = example
email = example@example.com
signingkey = $(gpg --list-secret-keys --keyid-format=long | awk -F' +|/' '/sec/ {print $3}')
[commit]
gpgSign = true
[tag]
gpgSign = true
EOF
# try to run the release plz test
CMD ["cargo", "test", "-p", "git_cmd", "--", "existing_tag_is_recognized"]
You can see a reproduction:
docker buildx build . -t signing-test
docker run signing-test
running 2 tests
test tests::non_existing_tag_is_recognized ... FAILED
test tests::existing_tag_is_recognized ... FAILED
failures:
---- tests::non_existing_tag_is_recognized stdout ----
thread 'tests::non_existing_tag_is_recognized' panicked at crates/git_cmd/src/lib.rs:467:28:
called `Result::unwrap()` on an `Err` value: error while running git with args `["tag", "v1.0.0"]:
- stderr: error: Terminal is dumb, but EDITOR unset
Please supply the message using either -m or -F option.
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
---- tests::existing_tag_is_recognized stdout ----
thread 'tests::existing_tag_is_recognized' panicked at crates/git_cmd/src/lib.rs:453:27:
called `Result::unwrap()` on an `Err` value: error while running git with args `["tag", "v1.0.0"]:
- stderr: error: Terminal is dumb, but EDITOR unset
Please supply the message using either -m or -F option.
failures:
tests::existing_tag_is_recognized
tests::non_existing_tag_is_recognized
test result: FAILED. 0 passed; 2 failed; 0 ignored; 0 measured; 6 filtered out; finished in 0.11s
error: test failed, to rerun pass `-p git_cmd --lib`
here it doesn't hang as we're just executing the image. You can reproduce hanging by running
docker run -it --rm signing-test bash
apt update -y && apt install vim -y
EDITOR=vim cargo test -p git_cmd -- existing_tag
you can add the following before the CMD
in the Dockerfile
above to resolve the issue in reproduction
RUN sed -i 's/"tag", name/"tag", "-m", "anything", name/' crates/git_cmd/src/lib.rs
It's not that this is big of an issue, I just have to remember to disable the signing when working on a release-plz itself 😅 but if you agree I can open a PR with fix
oh, I see why I wasn't able to reproduce your issue.
I only had this in my config:
[commit]
gpgsign = true
but I missed
[tag]
gpgsign = true
Yeah, please open the PR to fix this and I will test it 👍