Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error Signing Git Commits with Keyless Github OIDC #291

Open
santhoshinty opened this issue Apr 18, 2023 · 3 comments · Fixed by #292
Open

Error Signing Git Commits with Keyless Github OIDC #291

santhoshinty opened this issue Apr 18, 2023 · 3 comments · Fixed by #292
Labels
bug Something isn't working

Comments

@santhoshinty
Copy link

santhoshinty commented Apr 18, 2023

Description
I am experiencing an issue while using gitsign. I encountered the following error:
error: gpg failed to sign the data and
fatal: failed to write commit object.

To debug the issue, I tried to set the GITSIGN_LOG environment variable to log gitsign's output to a file called gitsign.log in my current working directory. I set the GITSIGN_LOG environment variable correctly and verified that it was set by running echo $GITSIGN_LOG in my terminal.

However, even after running gitsign again, the gitsign.log file was not created and I was unable to view its contents using the cat or ls commands.

I would like to know why the log file is not being created and how to resolve the original issue with gitsign. Any help or guidance would be greatly appreciated.

Version
v0.6.0

@santhoshinty santhoshinty added the bug Something isn't working label Apr 18, 2023
@wlynch wlynch reopened this Apr 18, 2023
@wlynch
Copy link
Member

wlynch commented Apr 18, 2023

Thanks for raising this!

Could you paste the full output of the command as well as the output of gitsign version? Were you running this in an environment with a TTY - e.g. locally on your machine or on automation/CI?

Looking at this made me realize we weren't closing io streams properly - #292 to fix.

However, if the log file is not being created at all then this likely means the running process doesn't have permissions to write the file you're trying to create, since the first thing we try to do is create the file if the env var is present. We would expect the file to still exist even if no content was being written to it. This error would unfortunately not be written out because Git consumes stdout/stderr, and we don't have a debug file to write to because we failed to create the debug file. 😅

Separately, today Gitsign will prefer writing a TTY over the log file if it's present. We can change this so it outputs to both, but just an FYI in if a TTY is present you're getting the same information.

@santhoshinty
Copy link
Author

santhoshinty commented Apr 19, 2023

Thank you for your response @wlynch. I am currently executing this command in my local Mac terminal. Please find below the complete output, which is identical to the previously shared output:

error: gpg failed to sign the data
fatal: failed to write commit object

Below is the output of gitsign version:

gitsign version v0.6.0
parsed config:
{
  "Fulcio": "https://fulcio.sigstore.dev",
  "FulcioRoot": "",
  "Rekor": "https://rekor.sigstore.dev",
  "ClientID": "sigstore",
  "RedirectURL": "",
  "Issuer": "https://oauth2.sigstore.dev/auth",
  "ConnectorID": "",
  "TimestampURL": "",
  "TimestampCert": "",
  "LogPath": "",
  "CommitterName": "<name>",
  "CommitterEmail": "<email@example.com>",
  "MatchCommitter": false
}

@ducthinh993
Copy link

ducthinh993 commented Sep 14, 2023

Hi @santhoshinty not sure if it could help. I experienced the same before. In my case, it was a misconfig in .gitconfig file

user.signingKey = ""

added by default. Let's remove them and you be able to sign using gitsign

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants