[
https://issues.apache.org/jira/browse/MGPG-92?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17893752#comment-17893752
]
Nick Dimiduk commented on MGPG-92:
----------------------------------
GPG appears to not permit the command line parameter {{--pinentry-mode}} when
connecting to the agent via the extra socket. I suggest that the GPG plugin not
hard-code this aspect of the command line. Maybe it exposes the command line
arguments as a configurable from the plugin config xml? Or maybe it can detect
which socket is in use and form its command line with this under consideration?
If you're interested to get started with hardware keys, this is a very thorough
reference: https://github.com/drduh/YubiKey-Guide
> `--pinentry-mode error` cannot be used with gpg-agent "extra" socket
> --------------------------------------------------------------------
>
> Key: MGPG-92
> URL: https://issues.apache.org/jira/browse/MGPG-92
> Project: Maven GPG Plugin
> Issue Type: Bug
> Reporter: Nick Dimiduk
> Priority: Major
>
> Over on HBASE-27312, we found an issue in our release automation, which
> relies on using this plugin and a GnuPG agent for performing builds inside of
> an isolated environment. With GPG version >= 2.1, the plugin will make use of
> {{--pinentry-mode error}}. This feature appears to not be available using the
> "extra" gpg-agent socket. We had to "upgrade" to using the "standard" socket,
> which probably exposes more gpg features to the isolated environment than we
> would like.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
