linode install failed gpg: keyserver refresh failed: General error

[colinhc]

TASK [gpg : Refresh the Streisand GPG keyring with keyserver information] ***************************************************
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (10 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (9 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (8 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (7 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (6 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (5 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (4 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (3 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (2 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (1 retries left).

fatal: [45.79.108.210]: FAILED! => {"attempts": 10, "changed": true, "cmd": ["gpg2", "--no-default-keyring", "--keyring", "/root/.gnupg/streisand/pubring.gpg", "--keyserver-options", "timeout=120", "--refresh"], "delta": "0:00:00.525127", "end": "2020-09-04 03:29:33.769627", "msg": "non-zero return code", "rc": 2, "start": "2020-09-04 03:29:33.244500", "stderr": "gpg: refreshing 10 keys from hkps://gpg.mozilla.org\ngpg: keyserver refresh failed: General error", "stderr_lines": ["gpg: refreshing 10 keys from hkps://gpg.mozilla.org", "gpg: keyserver refresh failed: General error"], "stdout": "", "stdout_lines": []}

Expected behavior:

No failure.

Actual Behavior:

The error happens in both interactive and non-interactive install.

Steps to Reproduce:

1. Select Linode
2. Select any DC.

Additional Details:

Log output from Ansible or other relevant services (link to Gist for longer output):

*Target Cloud Provider: Linode

*Operating System of target host: Ubunutu 16.04 LTS

*Operating System of client: Ubunutu

*Version of Ansible, using ansible --version : 2.8.4

*Output from git rev-parse HEAD in your Streisand directory :

[colinhc]

One work around is to add --keyserver keyserver.ubuntu.com to
https://github.com/StreisandEffect/streisand/blob/master/playbooks/roles/gpg/tasks/main.yml#L79

[Longonot]

One work around is to add --keyserver keyserver.ubuntu.com to
https://github.com/StreisandEffect/streisand/blob/master/playbooks/roles/gpg/tasks/main.yml#L79

Where exactly?

[dspaxton]

Tried this and it hung indefinitely.

[Longonot]

Tried this and it hung indefinitely.

Me too.... am awaiting @colinhc 's reply for details.

[naveensaigit]

Any workaround for this yet?

[Longonot]

Any workaround for this yet?

Root issue seems to be a general flaw with OpenGPG as a system. What is an alternative?

[naveensaigit]

Change line 88 to when:False
https://github.com/StreisandEffect/streisand/blob/master/playbooks/roles/gpg/tasks/main.yml#L88

Also, you might get a OpenVPN error. Refer to #1808 for more info

[jkeychan]

That worked for me. It was this line:

# NOTE(@cpu): We skip the keyring refresh in CI so that when the static keys
# in the repo become too stale to be used without successsful refresh the
# maintainers will notice failed builds and fix them by refreshing their own
# keyrings and updating the static repo keys until the build passes again.
when: not streisand_ci

changed the last one to:

when: False

Then I was able to re-run the Linode setup and it ignored the GPG key check as a workaround.