Fixes three distinct failures from CI deploy run #1424 and concurrent website update failures.
Play Store job: pip install google-auth requests fails on Ubuntu 24.04 with PEP 668. Fixed by using python3 -m venv for an isolated install.
SSH key error (APK, Linux, website jobs): All SSH/rsync steps fail with Load key "/root/.ssh/id_ed25519": error in libcrypto inside the Dagger Alpine 3.21 container. This is the first time these jobs actually ran (all previous deploy runs had every job skipped). Two fixes:
setup_dagger_remote.sh: export_secret was appending an extra trailing newline to values (like SSH private keys) that already end with \n. Now only adds one when needed.
ci/main.goDeployer: mounts the key at a .raw path, strips Windows-style CRLF endings with tr -d '\r', then writes the normalised key to id_ed25519. CRLF bytes cause "error in libcrypto" in Alpine's LibreSSL-backed openssh.
Test plan
Deploy run triggers after merge; all three deploy jobs complete
Play Store verification step passes
SSH commands in Alpine load the key without error in libcrypto
## Summary
Fixes three distinct failures from CI deploy run #1424 and concurrent website update failures.
- **Play Store job**: `pip install google-auth requests` fails on Ubuntu 24.04 with PEP 668. Fixed by using `python3 -m venv` for an isolated install.
- **SSH key error (APK, Linux, website jobs)**: All SSH/rsync steps fail with `Load key "/root/.ssh/id_ed25519": error in libcrypto` inside the Dagger Alpine 3.21 container. This is the first time these jobs actually ran (all previous deploy runs had every job skipped). Two fixes:
- `setup_dagger_remote.sh`: `export_secret` was appending an extra trailing newline to values (like SSH private keys) that already end with `\n`. Now only adds one when needed.
- `ci/main.go` `Deployer`: mounts the key at a `.raw` path, strips Windows-style CRLF endings with `tr -d '\r'`, then writes the normalised key to `id_ed25519`. CRLF bytes cause "error in libcrypto" in Alpine's LibreSSL-backed openssh.
## Test plan
- [ ] Deploy run triggers after merge; all three deploy jobs complete
- [ ] Play Store verification step passes
- [ ] SSH commands in Alpine load the key without `error in libcrypto`
Closes #366
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Summary
Fixes three distinct failures from CI deploy run #1424 and concurrent website update failures.
pip install google-auth requestsfails on Ubuntu 24.04 with PEP 668. Fixed by usingpython3 -m venvfor an isolated install.Load key "/root/.ssh/id_ed25519": error in libcryptoinside the Dagger Alpine 3.21 container. This is the first time these jobs actually ran (all previous deploy runs had every job skipped). Two fixes:setup_dagger_remote.sh:export_secretwas appending an extra trailing newline to values (like SSH private keys) that already end with\n. Now only adds one when needed.ci/main.goDeployer: mounts the key at a.rawpath, strips Windows-style CRLF endings withtr -d '\r', then writes the normalised key toid_ed25519. CRLF bytes cause "error in libcrypto" in Alpine's LibreSSL-backed openssh.Test plan
error in libcryptoCloses #366