crw
commented
1 year ago Thanks for this report. Do you also experience this issue in the 1.3.7 image?
Open craigmiskell-gitlab opened 1 year ago
crw
commented
1 year ago Thanks for this report. Do you also experience this issue in the 1.3.7 image?
craigmiskell-gitlab
commented
1 year ago Thanks for this report. Do you also experience this issue in the
1.3.7image?
I do not; that version works fine.
b-quentin
commented
1 year ago Curl version does not match with libcurl.
curl --version
curl 7.87.0 (x86_64-alpine-linux-musl) libcurl/7.86.0 OpenSSL/3.0.7 zlib/1.2.13 brotli/1.0.9 nghttp2/1.51.0
apk upgrade
(1/7) Upgrading ca-certificates-bundle (20220614-r2 -> 20220614-r3)
(2/7) Upgrading libcrypto3 (3.0.7-r0 -> 3.0.7-r2)
(3/7) Upgrading libssl3 (3.0.7-r0 -> 3.0.7-r2)
(4/7) Upgrading ca-certificates (20220614-r2 -> 20220614-r3)
(5/7) Upgrading libcurl (7.86.0-r1 -> 7.87.0-r0)
(6/7) Upgrading pcre2 (10.40-r0 -> 10.42-r0)
(7/7) Upgrading git (2.38.1-r0 -> 2.38.2-r0)
Executing busybox-1.35.0-r29.trigger
Executing ca-certificates-20220614-r3.trigger
OK: 23 MiB in 33 packagesSo you have the versions that are in agreement
curl --version
curl 7.87.0 (x86_64-alpine-linux-musl) libcurl/7.87.0 OpenSSL/3.0.7 zlib/1.2.13 brotli/1.0.9 nghttp2/1.51.0
Release-Date: 2022-12-21
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp ws wss
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL threadsafe TLS-SRP UnixSocketsAnd test:
curl www.google.comTwo solutions are possible: rebuild the image, or modify the Dockerfile as follows:
FROM docker.mirror.hashicorp.services/golang:alpine
LABEL maintainer="HashiCorp Terraform Team <terraform@hashicorp.com>"
RUN apk update && \
apk upgrade && \
apk add --no-cache git bash openssh
ENV TF_DEV=true
ENV TF_RELEASE=1
WORKDIR $GOPATH/src/github.com/hashicorp/terraform
COPY . .
RUN /bin/bash ./scripts/build.sh
WORKDIR $GOPATH
ENTRYPOINT ["terraform"]
rnelson0
commented
1 year ago FYI this issue arose on hashicorp/terraform:1.3.3 sometime between 4/9 and 4/26 of this year, when it started serving curl 8.0.1-r0 but libcurl 7.88.1. On 4/9 it was still serving curl 7.83.1-r6.
curl 8.0.1 (x86_64-alpine-linux-musl) libcurl/7.83.1 OpenSSL/1.1.1q zlib/1.2.12 brotli/1.0.9 nghttp2/1.47.0 Release-Date: 2023-03-20 Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL TLS-SRP UnixSockets WARNING: curl and libcurl versions do not match. Functionality may be affected.When this started happening, curl would output null regardless of the destination; only curl -V output any non-empty string.
Moving to hashicorp/terraform:1.4.5 resolved the issue for us, though fair warning it still has a mismatch, just not one that breaks curl's basic functionality:
curl 8.0.1 (x86_64-alpine-linux-musl) libcurl/7.88.1 OpenSSL/3.0.8 zlib/1.2.13 brotli/1.0.9 nghttp2/1.51.0 Release-Date: 2023-03-20 Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp ws wss Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL threadsafe TLS-SRP UnixSockets WARNING: curl and libcurl versions do not match. Functionality may be affected.
Terraform Version
Terraform Configuration Files
N/A
Debug Output
The warning is important. Compared to say 1.3.5:
Expected Behavior
Adding curl and using it in the terraform 1.3.6 image should work (e.g. to add tflint)
Actual Behavior
curl fails, in an obscure way.
Steps to Reproduce
Additional Context
Probably just needs a rebuild of 1.3.6 from the upstream alpine 3.17 so that the libcurl (that gets installed by https://github.com/hashicorp/terraform/blob/main/Dockerfile#L13) is up to date with what apk will later add.
References
No response