[
Date Prev][Date Next][
Thread Prev][Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [p2-dev] P2 repository update failure
|
Please ask questions here:
https://github.com/eclipse-equinox/p2/discussions
Your problem sounds more like an issue where the signature was present
but the key was not present. Some of the very early implementation
details for the PGP key support was a bit flawed with respect to how and
where the keys were maintained, i.e., originally only as a property on
the root of the repository. In the later versions we always stored both
the key and the signature on each artifact and ensured that
mirroring/downloading always transferred/copied these properties properly.
On 06.03.2025 05:40, Amit Patil via p2-dev wrote:
Hello devs,
I am working on a product, which is a client application starter.
Server side is AIX and GUI is windows. We use migration scripts to
migrate the application from one version to another.
Here, in version 20.4 of my application, I am using p2 repository
version 2021-06, and in version 21.4 of my application, p2 repository
version 2023-03 is used. Now the difference here is obviously the p2
repository, but 2021-06 p2 repo does not have any pgp signatures in
its artifacts.xml file and 2023-03 does have pgp signatures in it.
When I start the application, the update gets stuck and it freezes.
When I debugged it, the error was this: P2 update finished but not
successful. Event result: Status ERROR: org.eclipse.equinox.p2.engine
code=4 An error occurred while collecting items to be installed ...
Public key not found for 8074478291308066379.
It says public key not found. Now, I updated the p2 repository to
2022-06 which was the first p2 version to use pgp signatures. And the
error was gone and the application got successfully updated. I want to
make sure that the older p2 repository was the issue because it did
not have any pgp signatures.
If the old release does not have any signatures, why should it
suddenly ask for signatures during an update to a newer version? That
does not make sense. For years I have updated my private Eclipse
version via p2 through all the changes (introduction of signatures,
bundling the JRE with Eclipse) without problems. Only once I had to do
something manually because they disabled http repositories by default.
Though I do every update, so it might be that the situation is
different if one jumps over four+ releases.
Can someone please help me here to confirm that not having the pgp
signatures in the old p2 release was the actual root cause or was
there anything else?
Thanks,
Amit Patil
_______________________________________________
p2-dev mailing list
p2-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/p2-dev