Hello Matthias, On Sat 02 Jan 2021 at 07:04PM +01, Matthias Urlichs wrote:
> My subsequent command > > $ DGIT_DRS_EMAIL_NOREPLY=sm...@debian.org dgit-repos-server debian . > /usr/share/keyrings/debian-keyring.gpg,a --tag2upload > https://salsa.debian.org/smurf/knxd.git debian/0.14.41-1 > > resulted in a "push-to-upload failed" email that ends with > > dpkg-source: warning: extracting unsigned source package > (/tmp/fileX2LZaA/work/../bpd/knxd_0.14.41-1.dsc) > dpkg-source: info: extracting knxd in knxd-0.14.41 > dpkg-source: info: unpacking knxd_0.14.41.orig.tar.xz > dpkg-source: info: unpacking knxd_0.14.41-1.debian.tar.xz > ../bpd/knxd_0.14.41-1_source.changes already has appropriate .orig(s) (if any) > gpg: skipped "Matthias Urlichs<matth...@urlichs.de>": Unusable secret key > gpg: signing failed: Unusable secret key > dgit: failed command: gpg --detach-sign --armor -u 'Matthias > Urlichs<matth...@urlichs.de>'/tmp/fileX2LZaA/work/.git/dgit/tag.tmp > > dgit: error: subprocess failed with error exit status 2 > > which is strange because why would the server try to sign anything with > my personal key? It's trying to use your personal key because what you are using is a local demo of tag2upload. The real thing would have its own key with upload rights. Are you doing something to prevent tag2upload from making use of your personal key? -- Sean Whitton
