Closed leongross closed 1 year ago
EDIT: Running this in an Ubuntu 22.04
virtual machine with
$ podman version
Version: 3.4.4
API Version: 3.4.4
Go Version: go1.17.3
Built: Thu Jan 1 01:00:00 1970
OS/Arch: linux/amd64
produces the same error as docker.
Sounds like the issue is that the image we produce does not have alpine-keys
in it.
Yes, this was the case. I checked again and the current image seems to be fine. Although I couldn't figure out what happened there, do you have an answer to that?
Since we use the image in our build pipeline I would like to know where this issue came from to fix it if this happens again.
It was a regression from when we converted the image to use Wolfi. We added the missing alpine-keys package.
The next version of apko will automatically download the necessary keys from Alpine when Alpine mirrors are configured. Sorry for the inconvenience.
Thanks for finding up and fixing the error :+1:
Running the example from the documentation fails when using docker.
Running the build using
docker
fails:Since it seems the error occurs for the
x86_64
architecture, I tried it with another architecture (aarch64
) creates a similar issue (full log in appendix):Looking for the directory
/usr/share/apk/keys/x86_64/
in the file system of the container, I could find out that the named path is not a directoy but a file, containing a public key, although this directory should contain multiple public keys. This is also excpected in the code but apparently prior to that this file is created.EDIT After some research I found an image that works as expected (image ID:
sha256:61aa9cec802d5e9144eb966eea625448c993f8f9099d5bbf0aec00ee07ab3bd1
) Using either docker or podman yields the wanted result.Inspecting the image shows, that the keys are at the correct positions of the file system.
Comparing this to to images such as
cgr.dev/chainguard/alpine-base
reveals, that this image is shipped without the standard keys but with these hard coded keys with the names of the directories.Running using
podman
works:docker version:
podman version