search

revomatico / docker-kong-oidc

Kong + OIDC plugins
Apache License 2.0
113 stars 44 forks source link

Getting exit code 6 since last 3-4 days #25

Closed githugt closed 1 year ago

githugt commented 2 years ago

Here's the docker file that I'm running. (Only difference should be the kong.yml COPY command and the session_secret.

FROM kong/kong:2.5.1

USER root

LABEL authors="Rami Abusereya <rami.abusereya@revomatico.com>,Cristian Chiru <cristian.chiru@revomatico.com>"

ENV PACKAGES="openssl-devel kernel-headers gcc git openssh" \
    LUA_BASE_DIR="/usr/local/share/lua/5.1" \
    KONG_OIDC_VER="1.2.3-2" \
    LUA_RESTY_OIDC_VER="1.7.4-1" \
    KONG_PLUGIN_SESSION_VER="2.4.5" \
    NGX_DISTRIBUTED_SHM_VER="1.0.2"

COPY kong.yml /

RUN set -ex \
  && apk --no-cache add \
    libssl1.1 \
    openssl \
    curl \
    unzip \
    git \
  && apk --no-cache add --virtual .build-dependencies \
    make \
    gcc \
    openssl-dev \
  \
## Install plugins
 # Download ngx-distributed-shm dshm library
    && curl -sL https://raw.githubusercontent.com/grrolland/ngx-distributed-shm/${NGX_DISTRIBUTED_SHM_VER}/lua/dshm.lua > ${LUA_BASE_DIR}/resty/dshm.lua \
 # Remove old lua-resty-session and dependent kong-plugin-session
    && luarocks remove --force kong-plugin-session \
    && luarocks remove --force lua-resty-session \
 # Add Pluggable Compressors dependencies
    && luarocks install lua-ffi-zlib \
    && luarocks install penlight \
 # Build kong-plugin-session
    && curl -sL https://raw.githubusercontent.com/Kong/kong-plugin-session/${KONG_PLUGIN_SESSION_VER}/kong-plugin-session-${KONG_PLUGIN_SESSION_VER}-1.rockspec | tee kong-plugin-session-${KONG_PLUGIN_SESSION_VER}-1.rockspec \
    && luarocks build kong-plugin-session-${KONG_PLUGIN_SESSION_VER}-1.rockspec \
 # Build kong-oidc from forked repo because is not keeping up with lua-resty-openidc
    && curl -sL https://raw.githubusercontent.com/revomatico/kong-oidc/master/kong-oidc-${KONG_OIDC_VER}.rockspec | tee kong-oidc-${KONG_OIDC_VER}.rockspec | \
        sed -E -e 's/(tag =)[^,]+/\1 "master"/' -e "s/(lua-resty-openidc ~>)[^\"]+/\1 ${LUA_RESTY_OIDC_VER}/" > kong-oidc-${KONG_OIDC_VER}.rockspec \
    && luarocks build kong-oidc-${KONG_OIDC_VER}.rockspec \
 # Patch nginx_kong.lua for kong-oidc session_secret
    && TPL=${LUA_BASE_DIR}/kong/templates/nginx_kong.lua \
    # May cause side effects when using another nginx under this kong, unless set to the same value
    && sed -i "/server_name kong;/a\ \n\
set_decode_base64 \$session_secret \${{X_SESSION_SECRET}};\n" "$TPL" \
 # Patch nginx_kong.lua to set dictionaries
    && sed -i -E '/^lua_shared_dict kong\s+.+$/i\ \n\
variables_hash_max_size 2048;\n\
lua_shared_dict discovery \${{X_OIDC_CACHE_DISCOVERY_SIZE}};\n\
lua_shared_dict jwks \${{X_OIDC_CACHE_JWKS_SIZE}};\n\
lua_shared_dict introspection \${{X_OIDC_CACHE_INTROSPECTION_SIZE}};\n\
> if x_session_storage == "shm" then\n\
lua_shared_dict \${{X_SESSION_SHM_STORE}} \${{X_SESSION_SHM_STORE_SIZE}};\n\
> end\n\
' "$TPL" \
 # Patch nginx_kong.lua to add for memcached sessions
    && sed -i "/server_name kong;/a\ \n\
    ## Session:
    set \$session_storage \${{X_SESSION_STORAGE}};\n\
    set \$session_name \${{X_SESSION_NAME}};\n\
    set \$session_compressor \${{X_SESSION_COMPRESSOR}};\n\
    ## Session: Memcached specific
    set \$session_memcache_connect_timeout \${{X_SESSION_MEMCACHE_CONNECT_TIMEOUT}};\n\
    set \$session_memcache_send_timeout \${{X_SESSION_MEMCACHE_SEND_TIMEOUT}};\n\
    set \$session_memcache_read_timeout \${{X_SESSION_MEMCACHE_READ_TIMEOUT}};\n\
    set \$session_memcache_prefix \${{X_SESSION_MEMCACHE_PREFIX}};\n\
    set \$session_memcache_host \${{X_SESSION_MEMCACHE_HOST}};\n\
    set \$session_memcache_port \${{X_SESSION_MEMCACHE_PORT}};\n\
    set \$session_memcache_uselocking \${{X_SESSION_MEMCACHE_USELOCKING}};\n\
    set \$session_memcache_spinlockwait \${{X_SESSION_MEMCACHE_SPINLOCKWAIT}};\n\
    set \$session_memcache_maxlockwait \${{X_SESSION_MEMCACHE_MAXLOCKWAIT}};\n\
    set \$session_memcache_pool_timeout \${{X_SESSION_MEMCACHE_POOL_TIMEOUT}};\n\
    set \$session_memcache_pool_size \${{X_SESSION_MEMCACHE_POOL_SIZE}};\n\
    ## Session: DHSM specific
    set \$session_dshm_region \${{X_SESSION_DSHM_REGION}};\n\
    set \$session_dshm_connect_timeout \${{X_SESSION_DSHM_CONNECT_TIMEOUT}};\n\
    set \$session_dshm_send_timeout \${{X_SESSION_DSHM_SEND_TIMEOUT}};\n\
    set \$session_dshm_read_timeout \${{X_SESSION_DSHM_READ_TIMEOUT}};\n\
    set \$session_dshm_host \${{X_SESSION_DSHM_HOST}};\n\
    set \$session_dshm_port \${{X_SESSION_DSHM_PORT}};\n\
    set \$session_dshm_pool_name \${{X_SESSION_DSHM_POOL_NAME}};\n\
    set \$session_dshm_pool_timeout \${{X_SESSION_DSHM_POOL_TIMEOUT}};\n\
    set \$session_dshm_pool_size \${{X_SESSION_DSHM_POOL_SIZE}};\n\
    set \$session_dshm_pool_backlog \${{X_SESSION_DSHM_POOL_BACKLOG}};\n\
    ## Session: SHM Specific
    set \$session_shm_store \${{X_SESSION_SHM_STORE}};\n\
    set \$session_shm_uselocking \${{X_SESSION_SHM_USELOCKING}};\n\
    set \$session_shm_lock_exptime \${{X_SESSION_SHM_LOCK_EXPTIME}};\n\
    set \$session_shm_lock_timeout \${{X_SESSION_SHM_LOCK_TIMEOUT}};\n\
    set \$session_shm_lock_step \${{X_SESSION_SHM_LOCK_STEP}};\n\
    set \$session_shm_lock_ratio \${{X_SESSION_SHM_LOCK_RATIO}};\n\
    set \$session_shm_lock_max_step \${{X_SESSION_SHM_LOCK_MAX_STEP}};\n\
" "$TPL" \
 # Patch kong_defaults.lua to add custom variables that are replaced dynamically in the template above when kong is started
    && TPL=${LUA_BASE_DIR}/kong/templates/kong_defaults.lua \
    && sed -i "/\]\]/i\ \n\
x_session_storage = cookie\n\
x_session_name = oidc_session\n\
x_session_compressor = 'none'\n\
x_session_secret = 'c29tZV9iYXNlNjRfc3RyaW5n'\n\
\n\
x_session_memcache_prefix = oidc_sessions\n\
x_session_memcache_connect_timeout = '1000'\n\
x_session_memcache_send_timeout = '1000'\n\
x_session_memcache_read_timeout = '1000'\n\
x_session_memcache_host = memcached\n\
x_session_memcache_port = '11211'\n\
x_session_memcache_uselocking = 'off'\n\
x_session_memcache_spinlockwait = '150'\n\
x_session_memcache_maxlockwait = '30'\n\
x_session_memcache_pool_timeout = '1000'\n\
x_session_memcache_pool_size = '10'\n\
\n\
x_session_dshm_region = oidc_sessions\n\
x_session_dshm_connect_timeout = '1000'\n\
x_session_dshm_send_timeout = '1000'\n\
x_session_dshm_read_timeout = '1000'\n\
x_session_dshm_host = hazelcast\n\
x_session_dshm_port = '4321'\n\
x_session_dshm_pool_name = oidc_sessions\n\
x_session_dshm_pool_timeout = '1000'\n\
x_session_dshm_pool_size = '10'\n\
x_session_dshm_pool_backlog = '10'\n\
\n\
x_session_shm_store_size = 5m\n\
x_session_shm_store = oidc_sessions\n\
x_session_shm_uselocking = off\n\
x_session_shm_lock_exptime = '30'\n\
x_session_shm_lock_timeout = '5'\n\
x_session_shm_lock_step = '0.001'\n\
x_session_shm_lock_ratio = '2'\n\
x_session_shm_lock_max_step = '0.5'\n\
\n\
x_oidc_cache_discovery_size = 128k\n\
x_oidc_cache_jwks_size = 128k\n\
x_oidc_cache_introspection_size = 128k\n\
\n\
" "$TPL" \
## Cleanup
    && rm -fr *.rock* \
    && apk del .build-dependencies 2>/dev/null \
## Create kong and working directory (https://github.com/Kong/kong/issues/2690)
    && mkdir -p /usr/local/kong \
    && chown -R kong:`id -gn kong` /usr/local/kong
USER kong

And the associated kong.yml is

_format_version: "1.1"
services:
- connect_timeout: 10000
  host: echoserver
  name: echoserver
  port: 80
  protocol: http
  read_timeout: 5000
  retries: 2
  write_timeout: 5000
  routes:
  - hosts:
    - echoserver:80
    # id: 9c5c298c-1452-4c65-8d65-dcb1a4b4ea68
    # path_handling: v0
    # preserve_host: false
    protocols:
    - http
    - https
    # regex_priority: 0
    # strip_path: true
    # https_redirect_status_code: 426
  plugins:
  - name: oidc
    config:
      #access_token_header_as_bearer: "no"
      access_token_header_name: X-Access-Token
      bearer_only: "yes"
      client_id: someconsumer
      client_secret: somesecret
      disable_access_token_header: "no"
      disable_id_token_header: "no"
      disable_userinfo_header: "no"
      discovery: http://hydra-service:9000/.well-known/openid-configuration
      filters: null
      groups_claim: groups
      id_token_header_name: X-ID-Token
      ignore_auth_filters: ""
      introspection_endpoint: http://hydra-service:9001/oauth2/introspect
      introspection_endpoint_auth_method: null
      logout_path: /logout
      realm: kong
      recovery_page_path: null
      redirect_after_logout_uri: /
      redirect_uri: http://example.com
      response_type: token
      revoke_tokens_on_logout: "no"
      scope: openid
      session_secret: null
      ssl_verify: "no"
      timeout: null
      token_endpoint_auth_method: client_secret_post
      unauth_action: auth
      userinfo_header_name: X-USERINFO
    enabled: true
    protocols:
    # - grpc
    # - grpcs
    - http
    - https

And here's the log for what I get on trying to build this.

docker build -t kong-dbless kong-oidc/

[+] Building 76.6s (8/8) FINISHED
 => [internal] load build definition from Dockerfile                                                                            0.0s
 => => transferring dockerfile: 38B                                                                                             0.0s
 => [internal] load .dockerignore                                                                                               0.0s
 => => transferring context: 2B                                                                                                 0.0s
 => [internal] load metadata for docker.io/kong/kong:2.5.1                                                                     17.0s
 => [auth] kong/kong:pull token for registry-1.docker.io                                                                        0.0s
 => [internal] load build context                                                                                               0.0s
 => => transferring context: 30B                                                                                                0.0s
 => [1/3] FROM docker.io/kong/kong:2.5.1@sha256:6f1ade744464ee261cc087dc63c89b47d9121111b8902f9ebbad499d2585dd15                0.0s
 => CACHED [2/3] COPY kong.yml /                                                                                                0.0s
 => ERROR [3/3] RUN set -ex   && apk --no-cache add     libssl1.1     openssl     curl     unzip     git   && apk --no-cache   59.4s
------
 > [3/3] RUN set -ex   && apk --no-cache add     libssl1.1     openssl     curl     unzip     git   && apk --no-cache add --virtual .build-dependencies     make     gcc     openssl-dev       && curl -sL https://raw.githubusercontent.com/grrolland/ngx-distributed-shm/1.0.2/lua/dshm.lua > /usr/local/share/lua/5.1/resty/dshm.lua     && luarocks remove --force kong-plugin-session     && luarocks remove --force lua-resty-session     && luarocks install lua-ffi-zlib     && luarocks install penlight     && curl -sL https://raw.githubusercontent.com/Kong/kong-plugin-session/2.4.5/kong-plugin-session-2.4.5-1.rockspec | tee kong-plugin-session-2.4.5-1.rockspec     && luarocks build kong-plugin-session-2.4.5-1.rockspec     && curl -sL https://raw.githubusercontent.com/revomatico/kong-oidc/master/kong-oidc-1.2.3-2.rockspec | tee kong-oidc-1.2.3-2.rockspec |         sed -E -e 's/(tag =)[^,]+/\1 "master"/' -e "s/(lua-resty-openidc ~>)[^"]+/\1 1.7.4-1/" > kong-oidc-1.2.3-2.rockspec     && luarocks build kong-oidc-1.2.3-2.rockspec     && TPL=/usr/local/share/lua/5.1/kong/templates/nginx_kong.lua     && sed -i "/server_name kong;/a\ \nset_decode_base64 $session_secret ${{X_SESSION_SECRET}};\n" "$TPL"     && sed -i -E '/^lua_shared_dict kong\s+.+$/i\ \nvariables_hash_max_size 2048;\nlua_shared_dict discovery \${{X_OIDC_CACHE_DISCOVERY_SIZE}};\nlua_shared_dict jwks \${{X_OIDC_CACHE_JWKS_SIZE}};\nlua_shared_dict introspection \${{X_OIDC_CACHE_INTROSPECTION_SIZE}};\n> if x_session_storage == "shm" then\nlua_shared_dict \${{X_SESSION_SHM_STORE}} \${{X_SESSION_SHM_STORE_SIZE}};\n> end\n' "$TPL"     && sed -i "/server_name kong;/a\ \n    set $session_storage ${{X_SESSION_STORAGE}};\n    set $session_name ${{X_SESSION_NAME}};\n    set $session_compressor ${{X_SESSION_COMPRESSOR}};\n    set $session_memcache_connect_timeout ${{X_SESSION_MEMCACHE_CONNECT_TIMEOUT}};\n    set $session_memcache_send_timeout ${{X_SESSION_MEMCACHE_SEND_TIMEOUT}};\n    set $session_memcache_read_timeout ${{X_SESSION_MEMCACHE_READ_TIMEOUT}};\n    set $session_memcache_prefix ${{X_SESSION_MEMCACHE_PREFIX}};\n    set $session_memcache_host ${{X_SESSION_MEMCACHE_HOST}};\n    set $session_memcache_port ${{X_SESSION_MEMCACHE_PORT}};\n    set $session_memcache_uselocking ${{X_SESSION_MEMCACHE_USELOCKING}};\n    set $session_memcache_spinlockwait ${{X_SESSION_MEMCACHE_SPINLOCKWAIT}};\n    set $session_memcache_maxlockwait ${{X_SESSION_MEMCACHE_MAXLOCKWAIT}};\n    set $session_memcache_pool_timeout ${{X_SESSION_MEMCACHE_POOL_TIMEOUT}};\n    set $session_memcache_pool_size ${{X_SESSION_MEMCACHE_POOL_SIZE}};\n    set $session_dshm_region ${{X_SESSION_DSHM_REGION}};\n    set $session_dshm_connect_timeout ${{X_SESSION_DSHM_CONNECT_TIMEOUT}};\n    set $session_dshm_send_timeout ${{X_SESSION_DSHM_SEND_TIMEOUT}};\n    set $session_dshm_read_timeout ${{X_SESSION_DSHM_READ_TIMEOUT}};\n    set $session_dshm_host ${{X_SESSION_DSHM_HOST}};\n    set $session_dshm_port ${{X_SESSION_DSHM_PORT}};\n    set $session_dshm_pool_name ${{X_SESSION_DSHM_POOL_NAME}};\n    set $session_dshm_pool_timeout ${{X_SESSION_DSHM_POOL_TIMEOUT}};\n    set $session_dshm_pool_size ${{X_SESSION_DSHM_POOL_SIZE}};\n    set $session_dshm_pool_backlog ${{X_SESSION_DSHM_POOL_BACKLOG}};\n    set $session_shm_store ${{X_SESSION_SHM_STORE}};\n    set $session_shm_uselocking ${{X_SESSION_SHM_USELOCKING}};\n    set $session_shm_lock_exptime ${{X_SESSION_SHM_LOCK_EXPTIME}};\n    set $session_shm_lock_timeout ${{X_SESSION_SHM_LOCK_TIMEOUT}};\n    set $session_shm_lock_step ${{X_SESSION_SHM_LOCK_STEP}};\n    set $session_shm_lock_ratio ${{X_SESSION_SHM_LOCK_RATIO}};\n    set $session_shm_lock_max_step ${{X_SESSION_SHM_LOCK_MAX_STEP}};\n" "$TPL"     && TPL=/usr/local/share/lua/5.1/kong/templates/kong_defaults.lua     && sed -i "/\]\]/i\ \nx_session_storage = cookie\nx_session_name = oidc_session\nx_session_compressor = 'none'\nx_session_secret = 'c29tZV9iYXNlNjRfc3RyaW5n'\n\nx_session_memcache_prefix = oidc_sessions\nx_session_memcache_connect_timeout = '1000'\nx_session_memcache_send_timeout = '1000'\nx_session_memcache_read_timeout = '1000'\nx_session_memcache_host = memcached\nx_session_memcache_port = '11211'\nx_session_memcache_uselocking = 'off'\nx_session_memcache_spinlockwait = '150'\nx_session_memcache_maxlockwait = '30'\nx_session_memcache_pool_timeout = '1000'\nx_session_memcache_pool_size = '10'\n\nx_session_dshm_region = oidc_sessions\nx_session_dshm_connect_timeout = '1000'\nx_session_dshm_send_timeout = '1000'\nx_session_dshm_read_timeout = '1000'\nx_session_dshm_host = hazelcast\nx_session_dshm_port = '4321'\nx_session_dshm_pool_name = oidc_sessions\nx_session_dshm_pool_timeout = '1000'\nx_session_dshm_pool_size = '10'\nx_session_dshm_pool_backlog = '10'\n\nx_session_shm_store_size = 5m\nx_session_shm_store = oidc_sessions\nx_session_shm_uselocking = off\nx_session_shm_lock_exptime = '30'\nx_session_shm_lock_timeout = '5'\nx_session_shm_lock_step = '0.001'\nx_session_shm_lock_ratio = '2'\nx_session_shm_lock_max_step = '0.5'\n\nx_oidc_cache_discovery_size = 128k\nx_oidc_cache_jwks_size = 128k\nx_oidc_cache_introspection_size = 128k\n\n" "$TPL"     && rm -fr *.rock*     && apk del .build-dependencies 2>/dev/null     && mkdir -p /usr/local/kong     && chown -R kong:`id -gn kong` /usr/local/kong:
#8 0.228 + apk --no-cache add libssl1.1 openssl curl unzip git
#8 0.235 fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
#8 1.263 fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz
#8 3.137 (1/1) Installing curl (7.79.1-r0)
#8 3.324 Executing busybox-1.33.1-r3.trigger
#8 3.329 OK: 66 MiB in 41 packages
#8 3.361 + apk --no-cache add --virtual .build-dependencies make gcc openssl-dev
#8 3.366 fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
#8 4.301 fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz
#8 6.371 (1/12) Installing make (4.3-r0)
#8 6.533 (2/12) Installing binutils (2.35.2-r2)
#8 9.357 (3/12) Installing libgomp (10.3.1_git20210424-r2)
#8 9.541 (4/12) Installing libatomic (10.3.1_git20210424-r2)
#8 9.582 (5/12) Installing libgphobos (10.3.1_git20210424-r2)
#8 11.85 (6/12) Installing gmp (6.2.1-r0)
#8 12.14 (7/12) Installing isl22 (0.22-r0)
#8 12.97 (8/12) Installing mpfr4 (4.1.0-r0)
#8 15.55 (9/12) Installing mpc1 (1.2.1-r0)
#8 15.64 (10/12) Installing gcc (10.3.1_git20210424-r2)
#8 53.86 (11/12) Installing openssl-dev (1.1.1l-r0)
#8 54.19 (12/12) Installing .build-dependencies (20211115.060117)
#8 54.19 Executing busybox-1.33.1-r3.trigger
#8 54.20 OK: 177 MiB in 53 packages
#8 54.23 + curl -sL https://raw.githubusercontent.com/grrolland/ngx-distributed-shm/1.0.2/lua/dshm.lua
------
executor failed running [/bin/sh -c set -ex   && apk --no-cache add     libssl1.1     openssl     curl     unzip     git   && apk --no-cache add --virtual .build-dependencies     make     gcc     openssl-dev       && curl -sL https://raw.githubusercontent.com/grrolland/ngx-distributed-shm/${NGX_DISTRIBUTED_SHM_VER}/lua/dshm.lua > ${LUA_BASE_DIR}/resty/dshm.lua     && luarocks remove --force kong-plugin-session     && luarocks remove --force lua-resty-session     && luarocks install lua-ffi-zlib     && luarocks install penlight     && curl -sL https://raw.githubusercontent.com/Kong/kong-plugin-session/${KONG_PLUGIN_SESSION_VER}/kong-plugin-session-${KONG_PLUGIN_SESSION_VER}-1.rockspec | tee kong-plugin-session-${KONG_PLUGIN_SESSION_VER}-1.rockspec     && luarocks build kong-plugin-session-${KONG_PLUGIN_SESSION_VER}-1.rockspec     && curl -sL https://raw.githubusercontent.com/revomatico/kong-oidc/master/kong-oidc-${KONG_OIDC_VER}.rockspec | tee kong-oidc-${KONG_OIDC_VER}.rockspec |         sed -E -e 's/(tag =)[^,]+/\1 "master"/' -e "s/(lua-resty-openidc ~>)[^\"]+/\1 ${LUA_RESTY_OIDC_VER}/" > kong-oidc-${KONG_OIDC_VER}.rockspec     && luarocks build kong-oidc-${KONG_OIDC_VER}.rockspec     && TPL=${LUA_BASE_DIR}/kong/templates/nginx_kong.lua     && sed -i "/server_name kong;/a\ \nset_decode_base64 \$session_secret \${{X_SESSION_SECRET}};\n" "$TPL"     && sed -i -E '/^lua_shared_dict kong\s+.+$/i\ \nvariables_hash_max_size 2048;\nlua_shared_dict discovery \${{X_OIDC_CACHE_DISCOVERY_SIZE}};\nlua_shared_dict jwks \${{X_OIDC_CACHE_JWKS_SIZE}};\nlua_shared_dict introspection \${{X_OIDC_CACHE_INTROSPECTION_SIZE}};\n> if x_session_storage == "shm" then\nlua_shared_dict \${{X_SESSION_SHM_STORE}} \${{X_SESSION_SHM_STORE_SIZE}};\n> end\n' "$TPL"     && sed -i "/server_name kong;/a\ \n    set \$session_storage \${{X_SESSION_STORAGE}};\n    set \$session_name \${{X_SESSION_NAME}};\n    set \$session_compressor \${{X_SESSION_COMPRESSOR}};\n    set \$session_memcache_connect_timeout \${{X_SESSION_MEMCACHE_CONNECT_TIMEOUT}};\n    set \$session_memcache_send_timeout \${{X_SESSION_MEMCACHE_SEND_TIMEOUT}};\n    set \$session_memcache_read_timeout \${{X_SESSION_MEMCACHE_READ_TIMEOUT}};\n    set \$session_memcache_prefix \${{X_SESSION_MEMCACHE_PREFIX}};\n    set \$session_memcache_host \${{X_SESSION_MEMCACHE_HOST}};\n    set \$session_memcache_port \${{X_SESSION_MEMCACHE_PORT}};\n    set \$session_memcache_uselocking \${{X_SESSION_MEMCACHE_USELOCKING}};\n    set \$session_memcache_spinlockwait \${{X_SESSION_MEMCACHE_SPINLOCKWAIT}};\n    set \$session_memcache_maxlockwait \${{X_SESSION_MEMCACHE_MAXLOCKWAIT}};\n    set \$session_memcache_pool_timeout \${{X_SESSION_MEMCACHE_POOL_TIMEOUT}};\n    set \$session_memcache_pool_size \${{X_SESSION_MEMCACHE_POOL_SIZE}};\n    set \$session_dshm_region \${{X_SESSION_DSHM_REGION}};\n    set \$session_dshm_connect_timeout \${{X_SESSION_DSHM_CONNECT_TIMEOUT}};\n    set \$session_dshm_send_timeout \${{X_SESSION_DSHM_SEND_TIMEOUT}};\n    set \$session_dshm_read_timeout \${{X_SESSION_DSHM_READ_TIMEOUT}};\n    set \$session_dshm_host \${{X_SESSION_DSHM_HOST}};\n    set \$session_dshm_port \${{X_SESSION_DSHM_PORT}};\n    set \$session_dshm_pool_name \${{X_SESSION_DSHM_POOL_NAME}};\n    set \$session_dshm_pool_timeout \${{X_SESSION_DSHM_POOL_TIMEOUT}};\n    set \$session_dshm_pool_size \${{X_SESSION_DSHM_POOL_SIZE}};\n    set \$session_dshm_pool_backlog \${{X_SESSION_DSHM_POOL_BACKLOG}};\n    set \$session_shm_store \${{X_SESSION_SHM_STORE}};\n    set \$session_shm_uselocking \${{X_SESSION_SHM_USELOCKING}};\n    set \$session_shm_lock_exptime \${{X_SESSION_SHM_LOCK_EXPTIME}};\n    set \$session_shm_lock_timeout \${{X_SESSION_SHM_LOCK_TIMEOUT}};\n    set \$session_shm_lock_step \${{X_SESSION_SHM_LOCK_STEP}};\n    set \$session_shm_lock_ratio \${{X_SESSION_SHM_LOCK_RATIO}};\n    set \$session_shm_lock_max_step \${{X_SESSION_SHM_LOCK_MAX_STEP}};\n" "$TPL"     && TPL=${LUA_BASE_DIR}/kong/templates/kong_defaults.lua     && sed -i "/\]\]/i\ \nx_session_storage = cookie\nx_session_name = oidc_session\nx_session_compressor = 'none'\nx_session_secret = 'c29tZV9iYXNlNjRfc3RyaW5n'\n\nx_session_memcache_prefix = oidc_sessions\nx_session_memcache_connect_timeout = '1000'\nx_session_memcache_send_timeout = '1000'\nx_session_memcache_read_timeout = '1000'\nx_session_memcache_host = memcached\nx_session_memcache_port = '11211'\nx_session_memcache_uselocking = 'off'\nx_session_memcache_spinlockwait = '150'\nx_session_memcache_maxlockwait = '30'\nx_session_memcache_pool_timeout = '1000'\nx_session_memcache_pool_size = '10'\n\nx_session_dshm_region = oidc_sessions\nx_session_dshm_connect_timeout = '1000'\nx_session_dshm_send_timeout = '1000'\nx_session_dshm_read_timeout = '1000'\nx_session_dshm_host = hazelcast\nx_session_dshm_port = '4321'\nx_session_dshm_pool_name = oidc_sessions\nx_session_dshm_pool_timeout = '1000'\nx_session_dshm_pool_size = '10'\nx_session_dshm_pool_backlog = '10'\n\nx_session_shm_store_size = 5m\nx_session_shm_store = oidc_sessions\nx_session_shm_uselocking = off\nx_session_shm_lock_exptime = '30'\nx_session_shm_lock_timeout = '5'\nx_session_shm_lock_step = '0.001'\nx_session_shm_lock_ratio = '2'\nx_session_shm_lock_max_step = '0.5'\n\nx_oidc_cache_discovery_size = 128k\nx_oidc_cache_jwks_size = 128k\nx_oidc_cache_introspection_size = 128k\n\n" "$TPL"     && rm -fr *.rock*     && apk del .build-dependencies 2>/dev/null     && mkdir -p /usr/local/kong     && chown -R kong:`id -gn kong` /usr/local/kong]: exit code: 6
cristichiru commented 2 years ago

I think this might be specific to your env. I cannot reproduce. Can you please try it on a different/fresh env? Do some cleanup of previously built images? docker prune?

(12/12) Purging gmp (6.2.1-r0)
Executing busybox-1.33.1-r3.trigger
OK: 66 MiB in 41 packages
+ mkdir -p /usr/local/kong
+ id -gn kong
+ chown -R kong:nogroup /usr/local/kong
Removing intermediate container a84967d9266f
 ---> 056b48154b42
Step 6/6 : USER kong
 ---> Running in 57d7d7d35739
Removing intermediate container 57d7d7d35739
 ---> c20c16bc18eb
Successfully built c20c16bc18eb
Successfully tagged local/docker-kong-oidc:2.5.1-2
REPOSITORY               TAG                 IMAGE ID            CREATED                  SIZE
local/docker-kong-oidc   2.5.1-2             c20c16bc18eb        Less than a second ago   216MB