p2 repository update failure #739
Replies: 2 comments
-
|
It sounds much like this: We don't actually exploit (so it's not well tested) but it's possible to specify In any case, this sounds like a problem where the artifact has a property for an associated PGP signature but that artifact does not have property for an associated PGP key nor does the repository have a property for the associated PGP key. Maybe that artifact is already in the installation making it kind of confusing because it's not being downloaded at all... |
Beta Was this translation helpful? Give feedback.
-
|
Please see https://help.eclipse.org/latest/index.jsp?topic=%2Forg.eclipse.platform.doc.isv%2Fguide%2Fp2_pgp.html . For an installation of a PGP-signed artifact to be successful, the full PGP signer (for 8074478291308066379 here) key must be available to p2 at the time of installation. One of the available p2 repository must declare the key in the metadata (recommended), or the key must be declared at application level in one of the plugins using the https://help.eclipse.org/latest/topic/org.eclipse.platform.doc.isv/reference/extension-points/org_eclipse_equinox_p2_engine_pgp.html extension point. If the key is not accessible anywhere, the installation of PGP-signed artifact must fail, because the artifact cannot be authentified.
A note about it would be welcome in https://help.eclipse.org/latest/index.jsp?topic=%2Forg.eclipse.platform.doc.isv%2Fguide%2Fp2_pgp.html ;) |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hello devs,
I am working on a product, which is a client application starter. Server side is AIX and GUI is windows. We use migration scripts to migrate the application from one version to another. Here, in an old version of my application, I am using p2 repository version 2021-06, and in my target version of my application, p2 repository version 2023-03 is used. Now the difference here is obviously the p2 repository version, but 2021-06 p2 repo does not have any pgp signatures in its artifacts.xml file and 2023-03 does have pgp signatures in it. When I start the application after migration, technically it should update itself but the update gets stuck and it freezes. When I debugged it, the error was this: P2 update finished but not successful. Event result: Status ERROR: org.eclipse.equinox.p2.engine code=4 An error occurred while collecting items to be installed ... Public key not found for 8074478291308066379.
It says public key not found. Now, I updated the p2 repository to 2022-06 which was the first p2 version to use pgp signatures. And the error was gone and the application got successfully updated. I want to make sure that the older p2 repository was the issue because it did not have any pgp signatures.
If the old release does not have any signatures, why should it suddenly ask for signatures during an update to a newer version? That does not make sense. For years I have updated my private Eclipse version via p2 through all the changes (introduction of signatures, bundling the JRE with Eclipse) without problems. Only once I had to do something manually because they disabled http repositories by default. Though I do every update, so it might be that the situation is different if one jumps over four+ releases.
Can someone please help me here to confirm that not having the pgp signatures in the old p2 release was the actual root cause or was there anything else?
Thanks,
Amit Patil
Beta Was this translation helpful? Give feedback.
All reactions