ci: kill stale gpg-agent before wiping /root/.gnupg

`rm -rf /root/.gnupg` removes the homedir and its socket file but does not kill the gpg-agent process that was watching the original inode. The next gpg invocation on the fresh homedir then races a half-dead agent: `gpg --import-ownertrust` reports "can't connect to the gpg-agent: IPC connect call failed" and the import-key step exits non-zero under set -e, killing the job. Run 78 lmcp-any landed on this. The previous run's ffmpeg job spawned an agent at /root/.gnupg/S.gpg-agent and was still alive when lmcp-any prep ran. Add `gpgconf --homedir /root/.gnupg --kill all` immediately before each of the six `rm -rf /root/.gnupg /root/repo_pass` sites. `|| true` keeps the first-ever run's missing-agent case quiet.
2026-05-08 21:30:59 +00:00
parent c2e40dbf9a
commit 6738fabea0
1 changed files with 6 additions and 0 deletions
@@ -28,6 +28,7 @@ jobs:
          PASS: ${{ secrets.MARFRIT_REPO_PASSPHRASE }}
        run: |
          set -e
+          gpgconf --homedir /root/.gnupg --kill all 2>/dev/null || true
          rm -rf /root/.gnupg /root/repo_pass
          mkdir -m700 -p /root/.gnupg
          printf '%s' "$PASS" > /root/repo_pass
@@ -193,6 +194,7 @@ jobs:
          PASS: ${{ secrets.MARFRIT_REPO_PASSPHRASE }}
        run: |
          set -e
+          gpgconf --homedir /root/.gnupg --kill all 2>/dev/null || true
          rm -rf /root/.gnupg /root/repo_pass
          mkdir -m700 -p /root/.gnupg
          printf '%s' "$PASS" > /root/repo_pass
@@ -293,6 +295,7 @@ jobs:
          PASS: ${{ secrets.MARFRIT_REPO_PASSPHRASE }}
        run: |
          set -e
+          gpgconf --homedir /root/.gnupg --kill all 2>/dev/null || true
          rm -rf /root/.gnupg /root/repo_pass
          mkdir -m700 -p /root/.gnupg
          printf '%s' "$PASS" > /root/repo_pass
@@ -396,6 +399,7 @@ jobs:
          PASS: ${{ secrets.MARFRIT_REPO_PASSPHRASE }}
        run: |
          set -e
+          gpgconf --homedir /root/.gnupg --kill all 2>/dev/null || true
          rm -rf /root/.gnupg /root/repo_pass
          mkdir -m700 -p /root/.gnupg
          printf '%s' "$PASS" > /root/repo_pass
@@ -508,6 +512,7 @@ jobs:
          PASS: ${{ secrets.MARFRIT_REPO_PASSPHRASE }}
        run: |
          set -e
+          gpgconf --homedir /root/.gnupg --kill all 2>/dev/null || true
          rm -rf /root/.gnupg /root/repo_pass
          mkdir -m700 -p /root/.gnupg
          printf '%s' "$PASS" > /root/repo_pass
@@ -618,6 +623,7 @@ jobs:
          PASS: ${{ secrets.MARFRIT_REPO_PASSPHRASE }}
        run: |
          set -e
+          gpgconf --homedir /root/.gnupg --kill all 2>/dev/null || true
          rm -rf /root/.gnupg /root/repo_pass
          mkdir -m700 -p /root/.gnupg
          printf '%s' "$PASS" > /root/repo_pass