Giters

keithly / lambda-python-custom

Use Any Python Version on AWS Lambda

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

gpg --keyserver doesn't work with AL2023 minimal

keithly opened this issue · comments

commented

gpg: keyserver receive failed: No dirmngr
amazonlinux/amazon-linux-2023#243

Minimal AL2023 versions use microdnf, which doesn't have the suggested workarounds to easily install the full gpg.

I tried to use sigstore instead. https://www.python.org/download/sigstore/ says use the python tool, etc. Uh, but you're trying to build python, right? What if it doesn't exist?
I tried using sigstore cosign instead, but using
cosign verify-blob Python-${PYTHON_VERSION}.tar.xz --bundle Python-${PYTHON_VERSION}.tar.xz.sigstore --certificate-identity=thomas@python.org --certificate-oidc-issuer=https://accounts.google.com
I get

Error: bundle does not contain cert for verification, please provide public key
main.go:74: error during command execution: bundle does not contain cert for verification, please provide public key

I'm just going to get rid of the verification for now.

commented

I am facing the same issue. I need gnupg2-full to pgp decrypt the files in lambda but it is not letting me install this package because of conflicting dependencies.
The error I get is:
Problem: problem with installed package gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64

  • package gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64 from @System conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.3.x86_64 from amazonlinux
  • package gnupg2-minimal-2.3.7-1.amzn2023.0.3.x86_64 from amazonlinux conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.3.x86_64 from amazonlinux
  • package gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64 from amazonlinux conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.3.x86_64 from amazonlinux
  • conflicting requests
  • package gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64 from @System conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.4.x86_64 from amazonlinux
  • package gnupg2-minimal-2.3.7-1.amzn2023.0.3.x86_64 from amazonlinux conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.4.x86_64 from amazonlinux
  • package gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64 from amazonlinux conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.4.x86_64 from amazonlinux

Since the os has minimal packages, I haven't been able to use dnf swap as well. dnf remove gnupg2-minimal also errors out with error:
error: Could not depsolve transaction; 1 problem detected:
Problem: package gpgme-1.15.1-6.amzn2023.0.3.x86_64 from @System requires gnupg2 >= 2.2.24, but none of the providers can be installed

  • conflicting requests
  • problem with installed package gpgme-1.15.1-6.amzn2023.0.3.x86_64

Any idea to get this working will be highly appreciated.