search

varnish / libvmod-digest

Digest and HMAC vmod
Other
50 stars 27 forks source link

Error using Alpine on Mac M1 Pro #44

Closed vince83110 closed 2 years ago

vince83110 commented 2 years ago

Sorry for this issue, but I have to use an alpine version of Varnish, because I can't find have varnish-dev installed on M1, I have this error:

Package 'varnish-dev' has no installation candidate

I tried many things.... but no success. So I am trying to use an alpine version of varnish Docker image (7.0-alpine).

For now I have:

FROM varnish:7.0-alpine

RUN apk update && apk add --no-cache \
    python3 \
    py3-docutils \
    py3-sphinx \
    varnish-dev \
    curl \
    libtool \
    make \
    automake \
    git \
    autoconf \
    libmhash-dev --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing/ \
    openssl-dev

# install libvmod-digest
ENV LIBVMOD_DIGEST_BRANCH=master

RUN cd /usr/local/bin/ && \
    git clone -b ${LIBVMOD_DIGEST_BRANCH} https://github.com/varnish/libvmod-digest.git && \
    cd libvmod-digest && \
    ./autogen.sh && \
    sh ./configure --disable-dependency-tracking && \
    make install && \
    cd /usr/local/bin && \
    rm -rf libvmod-digest && \
    ldconfig

It seems to work, but it ends with this message:

#7 6.275 ----------------------------------------------------------------------
#7 6.275 Libraries have been installed in:
#7 6.275    /usr/lib/varnish/vmods
#7 6.275 
#7 6.275 If you ever happen to want to link against installed libraries
#7 6.275 in a given directory, LIBDIR, you must either use libtool, and
#7 6.275 specify the full pathname of the library, or use the '-LLIBDIR'
#7 6.275 flag during linking and do at least one of the following:
#7 6.275    - add LIBDIR to the 'LD_LIBRARY_PATH' environment variable
#7 6.275      during execution
#7 6.275    - add LIBDIR to the 'LD_RUN_PATH' environment variable
#7 6.275      during linking
#7 6.275    - use the '-Wl,-rpath -Wl,LIBDIR' linker flag
#7 6.275 
#7 6.275 See any operating system documentation about shared libraries for
#7 6.275 more information, such as the ld(1) and ld.so(8) manual pages.
#7 6.275 ----------------------------------------------------------------------
#7 6.276 make[2]: Leaving directory '/usr/local/bin/libvmod-digest/src'
#7 6.276 make[1]: Leaving directory '/usr/local/bin/libvmod-digest/src'
#7 6.278 make[1]: Entering directory '/usr/local/bin/libvmod-digest'
#7 6.278 rst2man README.rst vmod_digest.3
#7 6.519 make[2]: Entering directory '/usr/local/bin/libvmod-digest'
#7 6.519 make[2]: Nothing to be done for 'install-exec-am'.
#7 6.520  ./install-sh -c -d '/usr/local/share/doc/libvmod-digest'
#7 6.526  /usr/bin/install -c -m 644 README.rst LICENSE '/usr/local/share/doc/libvmod-digest'
#7 6.529  ./install-sh -c -d '/usr/local/share/man/man3'
#7 6.536  /usr/bin/install -c -m 644 vmod_digest.3 '/usr/local/share/man/man3'
#7 6.539 make[2]: Leaving directory '/usr/local/bin/libvmod-digest'
#7 6.539 make[1]: Leaving directory '/usr/local/bin/libvmod-digest'
------
executor failed running [/bin/sh -c cd /usr/local/bin/ &&     git clone -b ${LIBVMOD_DIGEST_BRANCH} https://github.com/varnish/libvmod-digest.git &&     cd libvmod-digest &&     ./autogen.sh &&     ./configure --disable-dependency-tracking &&     make install &&     cd /usr/local/bin &&     rm -rf libvmod-digest &&     ldconfig]: exit code: 1
ERROR: Service 'varnish' failed to build : Build failed

I am not an expert in make files... is there a way to make it 'silent' ? to avoid any output ?

gquintard commented 2 years ago

Hi,

I don't think you shared the Dockerfile corresponding to the output, as with your Dockerfile, I get an error on ssh not existing.

Regardless, this works:

FROM varnish:7.0-alpine

RUN apk update && apk add --no-cache \
    python3 \
    py3-docutils \
    py3-sphinx \
    libtool \
    make \
    automake \
    git \
    autoconf \
    libmhash-dev --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing/

# install libvmod-digest
ENV LIBVMOD_DIGEST_BRANCH=master

RUN \
    set -x && \
    git clone -b ${LIBVMOD_DIGEST_BRANCH} https://github.com/varnish/libvmod-digest.git && \
    cd libvmod-digest && \
    ./autogen.sh && \
    ./configure && \
    make install && \
    cd .. && \
    rm -rf libvmod-digest && \
    ldconfig

Note that varnish-dev is already installed in the image, so there's no need to install it. And I'm not sure ldconfig is needed here, but eh, probably doesn't hurt. The set -x will show each command as they are run, so that should help pinpoint the issue.

could you confirm it works for you please?

vince83110 commented 2 years ago

Removing the ldconfig did the trick, even with set -x it didn't show anything more.

Thank you really.. my bad, not an issue on the package can be closed & removed.

gquintard commented 2 years ago

good to read! You can keep an eye on https://github.com/xcir/vmod-packager it should pick up the ability to package apk soon™

vince83110 commented 2 years ago

Thanks, oh woaw... it would be amazing to manage Vmod easily.

And maybe Varnish will share some of their Varnish Plus packages....

Just to ask, we are thinking to use RS256 alg for our JWT tokens, can I test the signature using your package ? or do you have any feedback ? Thanks again

gquintard commented 2 years ago

currently, this vmod doesn't support it (and probably won't as it is in maitenance mode), however, Varnish Enterprise has https://docs.varnish-software.com/varnish-cache-plus/vmods/jwt/ which seems to be exactly what you want

vince83110 commented 2 years ago

Yes, just for the joke I worked with it and created all my stack, then I realized it was in the Varnish Plus offer, which is priceless. We managed to test it with HMAC, but we prefer RS256 over H256.

This example relies on your vmod: https://feryn.eu/blog/validating-json-web-tokens-in-varnish/, and it works, now I am just trying to have kind of the same result with RS256.

I will share if we find. Thanks for your time!