APK: Invalid tar files

[td94]

Hello, I'm trying to build pretty simple packages containing 2 small files and a simple post-install script. This is working fine on deb and rpm packages, but I get problems with apk files.

The resulting apk seems to be correct and, interestingly, can also be installed directly from file. However, when I try to host them on an Artifactory alpine repository, the same file cannot be installed (Error: BAD Signature)

Digging further into it and comparing it to "official" apk packages, it looks like fpm produces somehow invalid tar files. From my understanding, apk files are just gzipped tarballs and can be extracted via tar -xzf .apk - at least, this can be done on the official packages. When trying to extract an apk file built with fpm, however, I get an error tar: invalid tar header checksum.

[sigamecar]

Also being able to replicate the same exact issue I'm not sure if the issue is regarding to fpm making use of a old version of the apk tooling or what Yet, the same error can be observed when trying to push the resulting apk file to Gitea/Forgejo Package Repository(HTTP 500: invalid tar header)

[sigamecar]

Just to be sure about one thing, can you run tar --version? Some other issues suggests that Alpine makes use of the busybox version of tar, which might differ from the GNU tar version that fpm expects Maybe this could be the culprit?

[SteveOss]

Am seeing the same thing building on Alpine 3.19. If I try and examine the apk contents from the Artifactory UI I get an error:

Failed to get zip Input Stream: Failed to read Paxheader. Encountered a non-number while reading length

Installing gnu tar (v 1.35) does not help.