search

inspec / train-kubernetes

A Kubernetes plugin for use with Chef Inspec
Apache License 2.0
6 stars 1 forks source link

Cannot get train-kubernetes installed in a Docker image based on chef/inspec:4.41.2 #9

Open danking opened 1 year ago

danking commented 1 year ago

I have this Dockerfile:

FROM chef/inspec:4.41.2
RUN apt-get update && apt-get install -y make gcc g++
RUN ln -s /bin/mkdir /usr/bin/mkdir  # gem wants this for inexplicable reasons
RUN gem install inspec-bin -v 4.41.2 --no-document --quiet
RUN gem install train-kubernetes

WORKDIR /
RUN git clone https://github.com/GoogleCloudPlatform/inspec-gke-cis-benchmark.git
RUN cd inspec-gke-cis-benchmark && bundle install
RUN apt-get update && apt-get install -y jq curl python3
RUN curl https://sdk.cloud.google.com | bash
RUN ln -s /root/google-cloud-sdk/bin/gcloud /usr/bin/gcloud
ENV CHEF_LICENSE=accept
RUN gem uninstall excon -v 0.96.0
RUN inspec plugin install train-kubernetes
ENTRYPOINT []

Attempt 1

I build it with docker build -t chef-gke -f Dockerfile . in a directory with no other files. Every layer builds fine until I get to the inspec plugin install train-kubernetes. That fails with this error:

 => ERROR [12/13] RUN inspec plugin install train-kubernetes                                                                                                                             43.3s
------                                                                                                                                                                                         
 > [12/13] RUN inspec plugin install train-kubernetes:                                                                                                                                         
#15 14.64 +---------------------------------------------+                                                                                                                                      
#15 14.64 ✔ 1 product license accepted.                                                                                                                                                        
#15 14.64 +---------------------------------------------+
#15 43.17 Unknown error occured - installation failed.
#15 43.17 
------
executor failed running [/bin/sh -c inspec plugin install train-kubernetes]: exit code: 1

Attempt 2

I also tried with gem uninstall excon -v 0.85.0, which is the other version which is present. With that change to the Dockerfile, I get this error instead:

 => ERROR [12/13] RUN inspec plugin install train-kubernetes                                                                                                                              1.5s
------
 > [12/13] RUN inspec plugin install train-kubernetes:
#15 1.429 /opt/inspec/embedded/lib/ruby/2.7.0/rubygems/dependency.rb:313:in `to_specs': Could not find 'excon' (= 0.85.0) - did find: [excon-0.96.0] (Gem::MissingSpecVersionError)
#15 1.430 Checked in 'GEM_PATH=/root/.gem/ruby/2.7.0:/opt/inspec/embedded/lib/ruby/gems/2.7.0', execute `gem env` for more information
#15 1.430   from /opt/inspec/embedded/lib/ruby/2.7.0/rubygems/dependency.rb:323:in `to_spec'
#15 1.430   from /opt/inspec/embedded/lib/ruby/2.7.0/rubygems/core_ext/kernel_gem.rb:62:in `gem'
#15 1.430   from /opt/inspec/bin/inspec:107:in `<main>'
------

Attempt 3

I also tried building without gem uninstall excon at all:

FROM chef/inspec:4.41.2
RUN apt-get update && apt-get install -y make gcc g++
RUN ln -s /bin/mkdir /usr/bin/mkdir  # gem wants this for inexplicable reasons
RUN gem install inspec-bin -v 4.41.2 --no-document --quiet
RUN gem install train-kubernetes

WORKDIR /
RUN git clone https://github.com/GoogleCloudPlatform/inspec-gke-cis-benchmark.git
RUN cd inspec-gke-cis-benchmark && bundle install
RUN apt-get update && apt-get install -y jq curl python3
RUN curl https://sdk.cloud.google.com | bash
RUN ln -s /root/google-cloud-sdk/bin/gcloud /usr/bin/gcloud
ENV CHEF_LICENSE=accept
RUN inspec plugin install train-kubernetes
ENTRYPOINT []

This also fails with

 => ERROR [12/13] RUN inspec plugin install train-kubernetes                                                                                                                             43.3s
------                                                                                                                                                                                         
 > [12/13] RUN inspec plugin install train-kubernetes:                                                                                                                                         
#15 14.64 +---------------------------------------------+                                                                                                                                      
#15 14.64 ✔ 1 product license accepted.                                                                                                                                                        
#15 14.64 +---------------------------------------------+
#15 43.17 Unknown error occured - installation failed.
#15 43.17 
------
executor failed running [/bin/sh -c inspec plugin install train-kubernetes]: exit code: 1

Attempt 4

And one last try with as little extra noise as possible:

FROM chef/inspec:4.41.2
RUN apt-get update && apt-get install -y make gcc g++
RUN ln -s /bin/mkdir /usr/bin/mkdir  # gem wants this for inexplicable reasons
ENV CHEF_LICENSE=accept
RUN gem install train-kubernetes
RUN inspec plugin install train-kubernetes
ENTRYPOINT []

Same error:

 => ERROR [5/5] RUN inspec plugin install train-kubernetes                                                                                                                               35.6s 
------                                                                                                                                                                                         
 > [5/5] RUN inspec plugin install train-kubernetes:                                                                                                                                           
#8 13.43 +---------------------------------------------+                                                                                                                                       
#8 13.43 ✔ 1 product license accepted.                                                                                                                                                         
#8 13.43 +---------------------------------------------+                                                                                                                                       
#8 35.43 Unknown error occured - installation failed.
#8 35.43 
------
executor failed running [/bin/sh -c inspec plugin install train-kubernetes]: exit code: 1
danking commented 1 year ago

Ah, I also tried to install k8s-ruby, but version 0.10.4 doesn't appear to be in the ruby gems repo?

...
RUN gem install k8s-ruby -v 0.10.4
 => ERROR [4/6] RUN gem install k8s-ruby -v 0.10.4                                                                                                                                       23.9s
------                                                                                                                                                                                         
 > [4/6] RUN gem install k8s-ruby -v 0.10.4:
#7 2.338 ERROR:  Could not find a valid gem 'k8s-ruby' (= 0.10.4) in any repository
#7 23.87 ERROR:  Possible alternatives: k8s-ruby
------
executor failed running [/bin/sh -c gem install k8s-ruby -v 0.10.4]: exit code: 2