Thanks for the report! It looks like a recent update to pyca/cryptography v3.0 causes our test code (only) to break. I just filed an issue upstream, because I am not fully sure if the change was made intentionally: https://github.com/pyca/cryptography/issues/5373
If it was, I will update our test code. Cheers, Lukas On 03.08.2020 10:32 AM, Lucas Nussbaum wrote: > Source: in-toto > Version: 0.4.0-2 > Severity: serious > Justification: FTBFS on amd64 > Tags: bullseye sid ftbfs > Usertags: ftbfs-20200802 ftbfs-bullseye > > Hi, > > During a rebuild of all packages in sid, your package failed to build > on amd64. > > Relevant part (hopefully): >> make[1]: Entering directory '/<<PKGBUILDDIR>>' >> python3 tests/runtests.py >> gpg (GnuPG) 2.2.20 >> libgcrypt 1.8.6 >> Copyright (C) 2020 Free Software Foundation, Inc. >> License GPLv3+: GNU GPL version 3 or later >> <https://urldefense.proofpoint.com/v2/url?u=https-3A__gnu.org_licenses_gpl.html&d=DwIBaQ&c=slrrB7dE8n7gBJbeO0g-IQ&r=2YMLsMLCML1EOEAeVc1Mhx6J99vqRVHSnZUnatehIDg&m=DoOD8xFlVZmGKyAn9JKxzjiYHsiCPqe7GspXlCQo8OU&s=fSBJ8hIVCyfPpuKZwDWediuo_2vUHe7w3rKvCfdZQL0&e= >> > >> This is free software: you are free to change and redistribute it. >> There is NO WARRANTY, to the extent permitted by law. >> >> Home: /sbuild-nonexistent/.gnupg >> Supported algorithms: >> Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA >> Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, >> CAMELLIA128, CAMELLIA192, CAMELLIA256 >> Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 >> Compression: Uncompressed, ZIP, ZLIB, BZIP2 >> /<<PKGBUILDDIR>>/in_toto/gpg/functions.py:101: SyntaxWarning: "is not" with >> a literal. Did you mean "!="? >> if process.returncode is not 0: >> test_load_repr_string_as_json (tests.models.test_common.TestSignable) >> Test load string returned by `Signable.repr` as JSON ... ok >> test_set_run_from_string >> (tests.models.test_inspection.TestInspectionValidator) >> Test shelx parse command string to list. ... ok >> test_wrong_run (tests.models.test_inspection.TestInspectionValidator) >> Test that the run validators catch malformed values. ... ok >> test_wrong_type (tests.models.test_inspection.TestInspectionValidator) >> Test the type field within Validate(). ... ok >> test_functionary_keys (tests.models.test_layout.TestLayoutMethods) >> Test adding and listing functionary keys (securesystemslib and gpg). ... ok >> test_get_inspection_by_name (tests.models.test_layout.TestLayoutMethods) >> Test getting inspection by name. ... ok >> test_get_inspection_name_list (tests.models.test_layout.TestLayoutMethods) >> Test getting list of inspection names. ... ok >> test_get_step_by_name (tests.models.test_layout.TestLayoutMethods) >> Test getting step by name. ... ok >> test_get_step_name_list (tests.models.test_layout.TestLayoutMethods) >> Test getting list of step names. ... ok >> test_remove_inspection_by_name (tests.models.test_layout.TestLayoutMethods) >> Test removing inspection by name. ... ok >> test_remove_step_by_name (tests.models.test_layout.TestLayoutMethods) >> Test removing step by name. ... ok >> test_set_relative_expiration (tests.models.test_layout.TestLayoutMethods) >> Test adding expiration date relative from today. ... ok >> test_import_step_metadata_wrong_type >> (tests.models.test_layout.TestLayoutValidator) ... ok >> test_repeated_step_names (tests.models.test_layout.TestLayoutValidator) >> Check that only unique names exist in the steps and inspect lists ... ok >> test_validate_readme_field (tests.models.test_layout.TestLayoutValidator) >> Tests the readme field data type validator. ... ok >> test_wrong_expires (tests.models.test_layout.TestLayoutValidator) >> Test the expires field is properly populated. ... ok >> test_wrong_inspect_list (tests.models.test_layout.TestLayoutValidator) >> Check that the validate method checks the inspections' correctness. ... ok >> test_wrong_key_dictionary (tests.models.test_layout.TestLayoutValidator) >> Test that the keys dictionary is properly populated. ... ok >> test_wrong_pubkeys (tests.models.test_layout.TestLayoutValidator) >> Check validate pubkeys fails with wrong keys. ... ok >> test_wrong_steps_list (tests.models.test_layout.TestLayoutValidator) >> Check that the validate method checks the steps' correctness. ... ok >> test_wrong_type (tests.models.test_layout.TestLayoutValidator) >> Test that the type field is validated properly. ... ok >> test_validate_byproducts (tests.models.test_link.TestLinkValidator) >> Test `byproducts` field. Must be a `dict` ... ok >> test_validate_command (tests.models.test_link.TestLinkValidator) >> Test `command` field. Must be either a `list` ... ok >> test_validate_environment (tests.models.test_link.TestLinkValidator) >> Test `environment` field. Must be a `dict` ... ok >> test_validate_materials (tests.models.test_link.TestLinkValidator) >> Test `materials` field. Must be a `dict` of HASH_DICTs ... ok >> test_validate_products (tests.models.test_link.TestLinkValidator) >> Test `products` field. Must be a `dict` of HASH_DICTs ... ok >> test_validate_type (tests.models.test_link.TestLinkValidator) >> Test `_type` field. Must be "link" ... ok >> test_validate_signatures (tests.models.test_metadata.TestMetablockValidator) >> Test validate Metablock's 'signatures' property. ... ok >> test_validate_signed (tests.models.test_metadata.TestMetablockValidator) >> Test validate Metablock's 'signed' property. ... ok >> test_set_expected_command_from_string >> (tests.models.test_step.TestStepValidator) >> Test shelx parse command string to list. ... ok >> test_wrong_expected_command (tests.models.test_step.TestStepValidator) >> Test that the expected command validator catches malformed ones. ... ok >> test_wrong_pubkeys (tests.models.test_step.TestStepValidator) ... ok >> test_wrong_threshold (tests.models.test_step.TestStepValidator) >> Test that the threshold value is correctly checked. ... ok >> test_wrong_type (tests.models.test_step.TestStepValidator) >> Test the type field within Validate(). ... ok >> test_add_rule_from_string >> (tests.models.test_supply_chain_item.TestSupplyChainItem) >> Test that add_rule_from string methods set property correctly. ... ok >> test_repr (tests.models.test_supply_chain_item.TestSupplyChainItem) >> Test repr returns a JSON parseable string. ... ok >> test_wrong_expected_materials >> (tests.models.test_supply_chain_item.TestSupplyChainItem) >> Test that the material rule validators catch malformed ones. ... ok >> test_wrong_expected_products >> (tests.models.test_supply_chain_item.TestSupplyChainItem) >> Test that the product rule validators catch malformed values. ... ok >> test_assign_certified_key_info_errors (tests.test_gpg.TestCommon) >> Test _assign_certified_key_info errors with manually crafted data ... ok >> test_assign_certified_key_info_expiration (tests.test_gpg.TestCommon) >> Test assignment of key expiration date in ... ok >> test_get_pubkey_bundle_errors (tests.test_gpg.TestCommon) >> Pass wrong keyid with valid gpg data to trigger KeyNotFoundError. ... ok >> test_get_verified_subkeys (tests.test_gpg.TestCommon) >> Test correct assignment of subkey expiration date in ... ok >> test_get_verified_subkeys_errors (tests.test_gpg.TestCommon) >> Test _get_verified_subkeys errors with manually crafted data based on ... ok >> test_parse_pubkey_bundle (tests.test_gpg.TestCommon) >> Assert presence of packets expected returned from `parse_pubkey_bundle` ... >> ok >> test_parse_pubkey_bundle_errors (tests.test_gpg.TestCommon) >> Test parse_pubkey_bundle errors with manually crafted data partially ... ok >> test_parse_pubkey_payload_errors (tests.test_gpg.TestCommon) >> Test parse_pubkey_payload errors with manually crafted data. ... ok >> test_parse_signature_packet_errors (tests.test_gpg.TestCommon) >> Test parse_signature_packet errors with manually crafted data. ... ok >> test_gpg_export_pubkey (tests.test_gpg.TestGPGDSA) >> export a public key and make sure the parameters are the right ones: ... >> ERROR >> test_gpg_sign_and_verify_object (tests.test_gpg.TestGPGDSA) >> Create a signature using a specific key on the keyring ... ok >> test_gpg_sign_and_verify_object_with_default_key (tests.test_gpg.TestGPGDSA) >> Create a signature using the default key on the keyring ... ok >> test_gpg_export_pubkey (tests.test_gpg.TestGPGRSA) >> export a public key and make sure the parameters are the right ones: ... ok >> test_gpg_sign_and_verify_object (tests.test_gpg.TestGPGRSA) >> Create a signature using a specific key on the keyring ... ok >> test_gpg_sign_and_verify_object_default_keyring (tests.test_gpg.TestGPGRSA) >> Sign/verify using keyring from envvar. ... ok >> test_gpg_sign_and_verify_object_with_default_key (tests.test_gpg.TestGPGRSA) >> Create a signature using the default key on the keyring ... ok >> test_gpg_sign_object_with_expired_key (tests.test_gpg.TestGPGRSA) >> Test signing with expired key raises gpg CommandError. ... ok >> test_gpg_verify_signature_with_expired_key (tests.test_gpg.TestGPGRSA) >> Test sig verification with expired key raises KeyExpirationError. ... ok >> test_get_hashing_class (tests.test_gpg.TestUtil) ... ok >> test_parse_packet_header (tests.test_gpg.TestUtil) >> Test parse_packet_header with manually crafted data. ... ok >> test_parse_subpacket_header (tests.test_gpg.TestUtil) >> Test parse_subpacket_header with manually crafted data. ... ok >> test_version_utils_return_types (tests.test_gpg.TestUtil) >> Run dummy tests for coverage. ... ok >> test_create_and_import_encrypted_rsa >> (tests.test_in_toto_keygen.TestInTotoKeyGenTool) >> Create ecrypted RSA key and import private and public key separately. ... ok >> test_create_and_import_encrypted_rsa_nondefault_length >> (tests.test_in_toto_keygen.TestInTotoKeyGenTool) ... ok >> test_in_toto_keygen_generate_and_write_ed25519_keypair >> (tests.test_in_toto_keygen.TestInTotoKeyGenTool) >> in_toto_keygen_generate_and_write_ed25519_keypair run through. ... ok >> test_in_toto_keygen_generate_and_write_rsa_keypair >> (tests.test_in_toto_keygen.TestInTotoKeyGenTool) >> in_toto_keygen_generate_and_write_rsa_keypair run through. ... ok >> test_in_toto_keygen_prompt_generate_and_write_ed25519_keypair >> (tests.test_in_toto_keygen.TestInTotoKeyGenTool) >> in_toto_keygen_prompt_generate_and_write_ed25519_keypair run through. ... ok >> test_in_toto_keygen_prompt_generate_and_write_rsa_keypair >> (tests.test_in_toto_keygen.TestInTotoKeyGenTool) >> in_toto_keygen_prompt_generate_and_write_rsa_keypair run through. ... ok >> test_main_optional_args (tests.test_in_toto_keygen.TestInTotoKeyGenTool) >> Test CLI command keygen with optional arguments. ... ok >> test_main_required_args (tests.test_in_toto_keygen.TestInTotoKeyGenTool) >> Test in-toto-keygen CLI tool with required arguments. ... ok >> test_main_wrong_args (tests.test_in_toto_keygen.TestInTotoKeyGenTool) >> Test CLI command with missing arguments. ... ok >> test_prompt_password (tests.test_in_toto_keygen.TestInTotoKeyGenTool) >> Call password prompt. ... ok >> test_main_bad_cmd (tests.test_in_toto_mock.TestInTotoMockTool) >> Test CLI command with non-existing command. ... ok >> test_main_required_args (tests.test_in_toto_mock.TestInTotoMockTool) >> Test CLI command with required arguments. ... ok >> test_main_wrong_args (tests.test_in_toto_mock.TestInTotoMockTool) >> Test CLI command with missing arguments. ... ok >> test_glob_no_unfinished_files >> (tests.test_in_toto_record.TestInTotoRecordTool) >> Test record stop with missing unfinished files when globbing (gpg). ... ok >> test_glob_to_many_unfinished_files >> (tests.test_in_toto_record.TestInTotoRecordTool) >> Test record stop with to many unfinished files when globbing (gpg). ... ok >> test_missing_unfinished_link (tests.test_in_toto_record.TestInTotoRecordTool) >> Error exit with missing unfinished link file. ... ok >> test_no_key (tests.test_in_toto_record.TestInTotoRecordTool) >> Test if no key is specified, argparse error exists with 2 ... ok >> test_start_stop (tests.test_in_toto_record.TestInTotoRecordTool) >> Test CLI command record start/stop with various arguments. ... ok >> test_wrong_key (tests.test_in_toto_record.TestInTotoRecordTool) >> Test CLI command record with wrong key exits 1 ... ok >> test_main_no_command_arg (tests.test_in_toto_run.TestInTotoRunTool) >> Test CLI command with --no-command argument. ... ok >> test_main_optional_args (tests.test_in_toto_run.TestInTotoRunTool) >> Test CLI command with optional arguments. ... ok >> test_main_required_args (tests.test_in_toto_run.TestInTotoRunTool) >> Test CLI command with required arguments. ... ok >> test_main_with_default_gpg_key (tests.test_in_toto_run.TestInTotoRunTool) >> Test CLI command with default gpg key. ... ok >> test_main_with_encrypted_ed25519_key >> (tests.test_in_toto_run.TestInTotoRunTool) >> Test CLI command with encrypted ed25519 key. ... ok >> test_main_with_specified_gpg_key (tests.test_in_toto_run.TestInTotoRunTool) >> Test CLI command with specified gpg key. ... ok >> test_main_with_unencrypted_ed25519_key >> (tests.test_in_toto_run.TestInTotoRunTool) >> Test CLI command with ed25519 key. ... ok >> test_main_wrong_args (tests.test_in_toto_run.TestInTotoRunTool) >> Test CLI command with missing arguments. ... ok >> test_main_wrong_key_exits (tests.test_in_toto_run.TestInTotoRunTool) >> Test CLI command with wrong key argument, exits and logs error ... ok >> test_bad_args (tests.test_in_toto_sign.TestInTotoSignTool) >> Fail with wrong combination of arguments. ... ok >> test_bad_metadata (tests.test_in_toto_sign.TestInTotoSignTool) >> Fail with wrong metadata. ... ok >> test_fail_signing (tests.test_in_toto_sign.TestInTotoSignTool) >> Fail signing with an invalid key. ... ok >> test_fail_verification (tests.test_in_toto_sign.TestInTotoSignTool) >> Fail signature verification. ... ok >> test_sign_and_verify (tests.test_in_toto_sign.TestInTotoSignTool) >> Test signing and verifying Layout and Link metadata with ... ok >> test_main_failing_bad_layout_path >> (tests.test_in_toto_verify.TestInTotoVerifyTool) >> Test in-toto-verify CLI tool with bad layout path. ... ok >> test_main_link_dir (tests.test_in_toto_verify.TestInTotoVerifyTool) >> Test in-toto-verify CLI tool with explicit link dir. ... ok >> test_main_multiple_keys (tests.test_in_toto_verify.TestInTotoVerifyTool) >> Test in-toto-verify CLI tool with multiple keys. ... ok >> test_main_required_args (tests.test_in_toto_verify.TestInTotoVerifyTool) >> Test in-toto-verify CLI tool with required arguments. ... ok >> test_main_wrong_args (tests.test_in_toto_verify.TestInTotoVerifyTool) >> Test in-toto-verify CLI tool with wrong arguments. ... ok >> test_gpg_signed_layout_with_gpg_functionary_keys >> (tests.test_in_toto_verify.TestInTotoVerifyToolGPG) >> Successfully test demo supply chain where the layout lists gpg keys ... ok >> test_main_multiple_keys >> (tests.test_in_toto_verify.TestInTotoVerifyToolMixedKeys) >> Test in-toto-verify CLI tool with multiple keys. ... ok >> test_set_level_verbose_or_quiet (tests.test_log.TestInTotoLogger) >> Test set level convenience method. ... ok >> test_substitute (tests.test_param_substitution.Test_SubstituteArtifacts) >> Do a simple substitution on the expected_command field ... ok >> test_substitute_no_var >> (tests.test_param_substitution.Test_SubstituteArtifacts) >> Raise an error if the parameter is not filled-in ... ok >> test_substitute >> (tests.test_param_substitution.Test_SubstituteExpectedCommand) >> Do a simple substitution on the expected_command field ... ok >> test_substitute_no_var >> (tests.test_param_substitution.Test_SubstituteExpectedCommand) >> Raise an error if the parameter is not filled-in ... ok >> test_substitute (tests.test_param_substitution.Test_SubstituteOnVerify) >> Do a simple substitution on the expected_command field ... ok >> test_inspection_fail_with_non_zero_retval >> (tests.test_param_substitution.Test_SubstituteRunField) >> Check that the substitution raises TypeError if the key is missing ... ok >> test_substitute (tests.test_param_substitution.Test_SubstituteRunField) >> Check that the substitution is performed on the run field. ... ok >> test_run_duplicate_streams (tests.test_process.Test_Process) >> Test output as streams and as returned. ... ok >> test_run_duplicate_streams_arg_return_code (tests.test_process.Test_Process) >> Test command arg as string and list and return code. ... ok >> test_run_duplicate_streams_timeout (tests.test_process.Test_Process) >> Test raise TimeoutExpired. ... ok >> test_run_input_vs_stdin (tests.test_process.Test_Process) >> Test that stdin kwarg is only used if input kwarg is not supplied. ... ok >> test_pack_rule_wrong_types (tests.test_rulelib.TestArtifactRuleUnpack) >> Test argument validation for pack_rule. ... ok >> test_unpack_and_pack_generic_rule (tests.test_rulelib.TestArtifactRuleUnpack) >> Test generic rule proper packing and unpacking. ... ok >> test_unpack_and_pack_match_rule (tests.test_rulelib.TestArtifactRuleUnpack) >> Check match rule proper packing and unpacking. ... ok >> test_unpack_generic_rule_too_long (tests.test_rulelib.TestArtifactRuleUnpack) >> Test generic rule syntax error, too many arguments. ... ok >> test_unpack_match_rule_wrong_destination_type >> (tests.test_rulelib.TestArtifactRuleUnpack) >> Check match rule syntax error, wrong destination type. ... ok >> test_unpack_match_rule_wrong_length >> (tests.test_rulelib.TestArtifactRuleUnpack) >> Check match rule syntax error, too few or many arguments. ... ok >> test_unpack_match_rule_wrong_types >> (tests.test_rulelib.TestArtifactRuleUnpack) >> Check match rule syntax error, wrong data type in variable arguments. ... ok >> test_unpack_rule_not_enough_keywords >> (tests.test_rulelib.TestArtifactRuleUnpack) >> Test rule syntax error, too little arguments. ... ok >> test_unpack_rule_not_list (tests.test_rulelib.TestArtifactRuleUnpack) >> Test rule syntax error, not a list. ... ok >> test_unpack_rule_pattern_not_string >> (tests.test_rulelib.TestArtifactRuleUnpack) >> Test rule syntax error, pattern not a string. ... ok >> test_unpack_rule_unknown_rule_type >> (tests.test_rulelib.TestArtifactRuleUnpack) >> Test generic rule syntax error, too many arguments. ... ok >> test_UNFINISHED_FILENAME_FORMAT (tests.test_runlib.TestInTotoRecordStart) >> Test if the unfinished filname format. ... ok >> test_create_unfininished_metadata_verify_signature >> (tests.test_runlib.TestInTotoRecordStart) >> Test record start creates metadata with expected signature. ... ok >> test_create_unfinished_metadata_with_expected_material >> (tests.test_runlib.TestInTotoRecordStart) >> Test record start creates metadata with expected material. ... ok >> test_no_key_arguments (tests.test_runlib.TestInTotoRecordStart) >> Test record start without passing one required key argument. ... ok >> test_create_metadata_verify_signature >> (tests.test_runlib.TestInTotoRecordStop) >> Test record start creates metadata with expected signature. ... ok >> test_create_metadata_with_expected_cwd >> (tests.test_runlib.TestInTotoRecordStop) >> Test record start/stop run, verify cwd. ... ok >> test_create_metadata_with_expected_product >> (tests.test_runlib.TestInTotoRecordStop) >> Test record stop records expected product. ... ok >> test_missing_unfinished_file (tests.test_runlib.TestInTotoRecordStop) >> Test record stop exits on missing unfinished file, no link recorded. ... ok >> test_no_key_arguments (tests.test_runlib.TestInTotoRecordStop) >> Test record stop without passing one required key argument. ... ok >> test_normalize_line_endings (tests.test_runlib.TestInTotoRecordStop) >> Test cross-platform line ending normalization. ... ok >> test_replace_unfinished_metadata (tests.test_runlib.TestInTotoRecordStop) >> Test record stop removes unfinished file and creates link file. ... ok >> test_wrong_signature_in_unfinished_metadata >> (tests.test_runlib.TestInTotoRecordStop) >> Test record stop exits on wrong signature, no link recorded. ... ok >> test_in_toto_bad_signing_key_format (tests.test_runlib.TestInTotoRun) >> Fail run, passed key is not properly formatted. ... ok >> test_in_toto_run_compare_dumped_with_returned_link >> (tests.test_runlib.TestInTotoRun) >> Successfully run, compare dumped link is equal to returned link. ... ok >> test_in_toto_run_no_signature (tests.test_runlib.TestInTotoRun) >> Successfully run, verify empty signature field. ... ok >> test_in_toto_run_verify_recorded_artifacts (tests.test_runlib.TestInTotoRun) >> Successfully run, verify properly recorded artifacts. ... ok >> test_in_toto_run_verify_signature (tests.test_runlib.TestInTotoRun) >> Successfully run, verify signed metadata. ... ok >> test_in_toto_run_verify_workdir (tests.test_runlib.TestInTotoRun) >> Successfully run, verify cwd. ... ok >> test_in_toto_run_with_byproduct (tests.test_runlib.TestInTotoRun) >> Successfully run, verify recorded byproduct. ... ok >> test_in_toto_run_without_byproduct (tests.test_runlib.TestInTotoRun) >> Successfully run, verify byproduct is not recorded. ... ok >> test_in_toto_wrong_key (tests.test_runlib.TestInTotoRun) >> Fail run, passed key is a public key. ... ok >> test_normalize_line_endings (tests.test_runlib.TestInTotoRun) >> Test cross-platform line ending normalization. ... ok >> test_bad_artifact_exclude_patterns_setting >> (tests.test_runlib.TestRecordArtifactsAsDict) >> Raise exception with bogus artifact exclude patterns settings. ... ok >> test_bad_base_path_setting (tests.test_runlib.TestRecordArtifactsAsDict) >> Raise exception with bogus base path settings. ... ok >> test_base_path_is_child_dir (tests.test_runlib.TestRecordArtifactsAsDict) >> Test path of recorded artifacts and cd back with child as base. ... ok >> test_base_path_is_parent_dir (tests.test_runlib.TestRecordArtifactsAsDict) >> Test path of recorded artifacts and cd back with parent as base. ... ok >> test_empty_artifacts_list_record_nothing >> (tests.test_runlib.TestRecordArtifactsAsDict) >> Empty list passed. Return empty dict. ... ok >> test_exclude_patterns (tests.test_runlib.TestRecordArtifactsAsDict) >> Test excluding artifacts using passed pattern or setting. ... ok >> test_hash_artifact_passing_algorithm >> (tests.test_runlib.TestRecordArtifactsAsDict) >> Test _hash_artifact passing hash algorithm. ... ok >> test_lstrip_paths_invalid_prefix_directory >> (tests.test_runlib.TestRecordArtifactsAsDict) ... ok >> test_lstrip_paths_non_unique_key >> (tests.test_runlib.TestRecordArtifactsAsDict) ... ok >> test_lstrip_paths_non_unique_key_file >> (tests.test_runlib.TestRecordArtifactsAsDict) ... ok >> test_lstrip_paths_substring_prefix_directory >> (tests.test_runlib.TestRecordArtifactsAsDict) ... ok >> test_lstrip_paths_valid_prefix_directory >> (tests.test_runlib.TestRecordArtifactsAsDict) ... ok >> test_lstrip_paths_valid_prefix_file >> (tests.test_runlib.TestRecordArtifactsAsDict) ... ok >> test_lstrip_paths_valid_unicode_prefix_file >> (tests.test_runlib.TestRecordArtifactsAsDict) ... ok >> test_not_existing_artifacts_in_list_record_nothing >> (tests.test_runlib.TestRecordArtifactsAsDict) >> List with not existing artifact passed. Return empty dict. ... ok >> test_record_dot_check_files_hash_dict_schema >> (tests.test_runlib.TestRecordArtifactsAsDict) >> Traverse dir and subdirs. Record three files. ... ok >> test_record_files_and_subdirs (tests.test_runlib.TestRecordArtifactsAsDict) >> Explicitly record files and subdirs. ... ok >> test_record_follow_symlinked_directories >> (tests.test_runlib.TestRecordArtifactsAsDict) >> Record files in symlinked dirs if follow_symlink_dirs is True. ... ok >> test_record_symlinked_files (tests.test_runlib.TestRecordArtifactsAsDict) >> Symlinked files are always recorded. ... ok >> test_record_without_dead_symlinks >> (tests.test_runlib.TestRecordArtifactsAsDict) >> Dead symlinks are never recorded. ... ok >> test_apply_exclude_all (tests.test_runlib.Test_ApplyExcludePatterns) ... ok >> test_apply_exclude_explict (tests.test_runlib.Test_ApplyExcludePatterns) ... >> ok >> test_apply_exclude_multiple_star >> (tests.test_runlib.Test_ApplyExcludePatterns) ... ok >> test_apply_exclude_neg_seq (tests.test_runlib.Test_ApplyExcludePatterns) ... >> ok >> test_apply_exclude_question_mark >> (tests.test_runlib.Test_ApplyExcludePatterns) ... ok >> test_apply_exclude_seq (tests.test_runlib.Test_ApplyExcludePatterns) ... ok >> test_debug_not_true (tests.test_settings.TestSettings) >> in_toto.settings.DEBUG should not be commited with True. ... ok >> test_get_env (tests.test_user_settings.TestUserSettings) >> Test environment variables parsing, prefix and colon splitting. ... ok >> test_get_rc (tests.test_user_settings.TestUserSettings) >> Test rcfile parsing in CWD. ... ok >> test_set_settings (tests.test_user_settings.TestUserSettings) >> Test precedence of rc over env and whitelisting. ... ok >> test_create_and_import_ed25519 (tests.test_util.TestUtil) >> Create ed25519 key and import private and public key separately. ... ok >> test_create_and_import_encrypted_ed25519 (tests.test_util.TestUtil) >> Create encrypted ed25519 key and import private and public key ... ok >> test_create_and_import_encrypted_ed25519_no_password >> (tests.test_util.TestUtil) >> Try import encrypted ed25519 key without or wrong pw, raises ... ok >> test_create_and_import_encrypted_rsa (tests.test_util.TestUtil) >> Create ecrypted RSA key and import private and public key separately. ... ok >> test_create_and_import_encrypted_rsa_no_password (tests.test_util.TestUtil) >> Try import encrypted RSA key without or wrong pw, raises exception. ... ok >> test_create_and_import_rsa (tests.test_util.TestUtil) >> Create RS key and import private and public key separately. ... ok >> test_import_ed25519_public_keys_from_files_as_dict (tests.test_util.TestUtil) >> Create and import multiple Ed25519 public keys and return KEYDICT. ... ok >> test_import_gpg_public_keys_from_keyring_as_dict (tests.test_util.TestUtil) >> Import gpg public keys from keyring and return KEYDICT. ... ok >> test_import_non_existing_rsa (tests.test_util.TestUtil) >> Try import non-existing RSA key, raises exception. ... ok >> test_import_rsa_public_keys_from_files_as_dict (tests.test_util.TestUtil) >> Create and import multiple rsa public keys and return KEYDICT. ... ok >> test_import_rsa_wrong_format (tests.test_util.TestUtil) >> Try import wrongly formatted RSA key, raises exception. ... ok >> test_prompt_create_and_import_encrypted_rsa (tests.test_util.TestUtil) >> Create and import password encrypted RSA using prompt input. ... ok >> test_prompt_password (tests.test_util.TestUtil) >> Call password prompt. ... ok >> test_unrecognized_key_type (tests.test_util.TestUtil) >> Trigger UnsupportedKeyTypeError. ... ok >> test_get_summary_link_from_demo_layout >> (tests.test_verifylib.TestGetSummaryLink) >> Create summary link from demo link files and compare properties. ... ok >> test_verify_failing_bad_signature (tests.test_verifylib.TestInTotoVerify) >> Test fail verification with bad layout signature. ... ok >> test_verify_failing_inspection_exits_non_zero >> (tests.test_verifylib.TestInTotoVerify) >> Test fail verification with inspection returning non-zero. ... ok >> test_verify_failing_inspection_rules (tests.test_verifylib.TestInTotoVerify) >> Test fail verification with failing inspection artifact rule. ... ok >> test_verify_failing_layout_expired (tests.test_verifylib.TestInTotoVerify) >> Test fail verification with expired layout. ... ok >> test_verify_failing_link_metadata_files >> (tests.test_verifylib.TestInTotoVerify) >> Test fail verification with link metadata files not found. ... ok >> test_verify_failing_step_rules (tests.test_verifylib.TestInTotoVerify) >> Test fail verification with failing step artifact rule. ... ok >> test_verify_failing_wrong_key (tests.test_verifylib.TestInTotoVerify) >> Test fail verification with wrong layout key. ... ok >> test_verify_layout_signatures_fail_with_malformed_signature >> (tests.test_verifylib.TestInTotoVerify) >> Layout signature verification fails with malformed signatures. ... ok >> test_verify_layout_signatures_fail_with_no_keys >> (tests.test_verifylib.TestInTotoVerify) >> Layout signature verification fails when no keys are passed. ... ok >> test_verify_passing (tests.test_verifylib.TestInTotoVerify) >> Test pass verification of single-signed layout. ... ok >> test_verify_passing_double_signed_layout >> (tests.test_verifylib.TestInTotoVerify) >> Test pass verification of double-signed layout. ... ok >> test_verify_passing_empty_layout (tests.test_verifylib.TestInTotoVerify) >> Test pass verification of layout without steps or inspections. ... ok >> test_verify_multi_level_sublayout >> (tests.test_verifylib.TestInTotoVerifyMultiLevelSublayouts) ... ok >> test_threshold_constraints_fail_with_not_enough_links >> (tests.test_verifylib.TestInTotoVerifyThresholds) >> Fail with not enough links. ... ok >> test_threshold_constraints_fail_with_unequal_links >> (tests.test_verifylib.TestInTotoVerifyThresholds) >> Test that the links for a step recorded the same artifacts. ... ok >> test_threshold_constraints_pas_with_equal_links >> (tests.test_verifylib.TestInTotoVerifyThresholds) >> Pass threshold constraint verification with equal links. ... ok >> test_thresholds_fail_with_not_enough_valid_links >> (tests.test_verifylib.TestInTotoVerifyThresholds) >> Fail with not enough authorized links. ... ok >> test_thresholds_skip_links_with_failing_signature >> (tests.test_verifylib.TestInTotoVerifyThresholds) >> Ignore links with failing signatures. ... ok >> test_thresholds_skip_unauthorized_links >> (tests.test_verifylib.TestInTotoVerifyThresholds) >> Ignore links with unauthorized signatures. ... ok >> test_verify_link_signature_thresholds__M_M_M >> (tests.test_verifylib.TestInTotoVerifyThresholdsGpgSubkeys) >> Normal scenario. ... ok >> test_verify_link_signature_thresholds__M_M_S__M_S_M__M_S_S >> (tests.test_verifylib.TestInTotoVerifyThresholdsGpgSubkeys) >> Cannot sign with master key if subkey is present. ... ok >> test_verify_link_signature_thresholds__S_M_M >> (tests.test_verifylib.TestInTotoVerifyThresholdsGpgSubkeys) >> Allowed trust delegation. ... ok >> test_verify_link_signature_thresholds__S_M_S >> (tests.test_verifylib.TestInTotoVerifyThresholdsGpgSubkeys) >> Cannot associate keys. ... ok >> test_verify_link_signature_thresholds__S_S_M >> (tests.test_verifylib.TestInTotoVerifyThresholdsGpgSubkeys) >> No trust delegation and can find key in key store. ... ok >> test_verify_link_signature_thresholds__S_S_S >> (tests.test_verifylib.TestInTotoVerifyThresholdsGpgSubkeys) >> Generalizes to normal scenario. ... ok >> test_verify_subkey_thresholds >> (tests.test_verifylib.TestInTotoVerifyThresholdsGpgSubkeys) >> Subkeys of same main key count only once towards threshold. ... ok >> test_verify_thresholds_skip_expired_key >> (tests.test_verifylib.TestInTotoVerifyThresholdsGpgSubkeys) >> Verify that a link signed with an expired key is skipped. ... ok >> test_inpsection_artifacts_with_base_path_ignored >> (tests.test_verifylib.TestRunAllInspections) >> Create new dummy test dir and set as base path, must ignore. ... ok >> test_inspection_fail_with_non_zero_retval >> (tests.test_verifylib.TestRunAllInspections) >> Test fail run inspections with non-zero return value. ... ok >> test_verify_sublayout_match_rule >> (tests.test_verifylib.TestSublayoutVerificationMatchRule) ... ok >> test_pass_verify_all_inspection_rules >> (tests.test_verifylib.TestVerifyAllItemRules) >> Pass rule verification for dummy supply chain Inspections. ... ok >> test_pass_verify_all_step_rules (tests.test_verifylib.TestVerifyAllItemRules) >> Pass rule verification for dummy supply chain Steps. ... ok >> test_commands_align (tests.test_verifylib.TestVerifyCommandAlignment) >> Cmd and expected cmd are equal, passes. ... ok >> test_commands_do_not_align_at_all_log_warning >> (tests.test_verifylib.TestVerifyCommandAlignment) >> Cmd and expected cmd differ completely. ... ok >> test_commands_do_not_fully_align_log_warning >> (tests.test_verifylib.TestVerifyCommandAlignment) >> Cmd and expected cmd differ slightly. ... ok >> test_fail_disallow_not_consumed_artifacts >> (tests.test_verifylib.TestVerifyItemRules) >> Fail with not consumed artifacts and terminal DISALLOW. ... ok >> test_fail_wrong_source_type (tests.test_verifylib.TestVerifyItemRules) >> Fail with wrong source_type. ... ok >> test_pass_not_consumed_artifacts (tests.test_verifylib.TestVerifyItemRules) >> Pass with not consumed artifacts and implicit terminal ALLOW * ... ok >> test_pass_rules_with_each_rule_type >> (tests.test_verifylib.TestVerifyItemRules) >> Pass with list of rules of each rule type. ... ok >> test_verify_match_rule (tests.test_verifylib.TestVerifyMatchRule) ... ok >> test_verify_allow_rule (tests.test_verifylib.TestVerifyRule) >> Test verifylib.verify_allow_rule. ... ok >> test_verify_create_rule (tests.test_verifylib.TestVerifyRule) >> Test verifylib.verify_create_rule. ... ok >> test_verify_delete_rule (tests.test_verifylib.TestVerifyRule) >> Test verifylib.verify_delete_rule. ... ok >> test_verify_disallow_rule (tests.test_verifylib.TestVerifyRule) >> Test verifylib.verify_disallow_rule. ... ok >> test_verify_modify_rule (tests.test_verifylib.TestVerifyRule) >> Test verifylib.verify_modify_rule. ... ok >> test_verify_require_rule (tests.test_verifylib.TestVerifyRule) >> Test verifylib.verify_require_rule. ... ok >> test_verify_demo_as_sublayout (tests.test_verifylib.TestVerifySublayouts) >> Test super layout's passing sublayout verification. ... ok >> test_non_int_return_value (tests.test_verifylib.Test_RaiseOnBadRetval) >> Raise exception on non-int return value. ... ok >> test_non_zero_return_value (tests.test_verifylib.Test_RaiseOnBadRetval) >> Raise exception on non-zero return value. ... ok >> test_zero_return_value (tests.test_verifylib.Test_RaiseOnBadRetval) >> Don't raise exception on zero return value. ... ok >> >> ====================================================================== >> ERROR: test_gpg_export_pubkey (tests.test_gpg.TestGPGDSA) >> export a public key and make sure the parameters are the right ones: >> ---------------------------------------------------------------------- >> Traceback (most recent call last): >> File "/<<PKGBUILDDIR>>/tests/test_gpg.py", line 663, in >> test_gpg_export_pubkey >> ssh_key = serialization.load_ssh_public_key(keydata, >> File >> "/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/serialization/ssh.py", >> line 655, in load_ssh_public_key >> public_key, data = kformat.load_public(key_type, data, backend) >> File >> "/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/serialization/ssh.py", >> line 296, in load_public >> self._validate(public_numbers) >> File >> "/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/serialization/ssh.py", >> line 333, in _validate >> raise ValueError("SSH supports only 1024 bit DSA keys") >> ValueError: SSH supports only 1024 bit DSA keys >> >> ---------------------------------------------------------------------- >> Ran 240 tests in 9.805s >> >> FAILED (errors=1) >> make[1]: *** [debian/rules:12: override_dh_auto_test] Error 1 > > The full build log is available from: > > https://urldefense.proofpoint.com/v2/url?u=http-3A__qa-2Dlogs.debian.net_2020_08_02_in-2Dtoto-5F0.4.0-2D2-5Funstable.log&d=DwIBaQ&c=slrrB7dE8n7gBJbeO0g-IQ&r=2YMLsMLCML1EOEAeVc1Mhx6J99vqRVHSnZUnatehIDg&m=DoOD8xFlVZmGKyAn9JKxzjiYHsiCPqe7GspXlCQo8OU&s=4SlRooRpLorYtFgAKTxF5bWZhQTX6yzM6wJ2WbqAsIo&e= > > > A list of current common problems and possible solutions is available at > https://urldefense.proofpoint.com/v2/url?u=http-3A__wiki.debian.org_qa.debian.org_FTBFS&d=DwIBaQ&c=slrrB7dE8n7gBJbeO0g-IQ&r=2YMLsMLCML1EOEAeVc1Mhx6J99vqRVHSnZUnatehIDg&m=DoOD8xFlVZmGKyAn9JKxzjiYHsiCPqe7GspXlCQo8OU&s=pVWIYuGY2AwrijwLcIBu4YEGpSwPkN8s3xq6B5cD2UY&e= > . You're welcome to contribute! > > About the archive rebuild: The rebuild was done on EC2 VM instances from > Amazon Web Services, using a clean, minimal and up-to-date chroot. Every > failed build was retried once to eliminate random failures. > -- lukas.puehrin...@nyu.edu PGP fingerprint: 8BA6 9B87 D43B E294 F23E 8120 89A2 AD3C 07D9 62E8
signature.asc
Description: OpenPGP digital signature
