[LRUG] Issues with Jekyll/Bundler on Alpine 3.10
Edmond Lepedus
ed.lepedus at googlemail.com
Tue Jul 19 14:38:32 PDT 2022
Hi LRUG,
Does anyone know if Bundler on Alpine installs native APKs, and if so, how I can get it to install dependencies from the testing repo from an older version of Alpine?
I appreciate that might be a stupid question, and I may be barking up the wrong tree entirely, but I’m drawing a bit of a blank as to what else might be going on.
Basically, I built a Jekyll site a few years ago, and it’s been happily building & deploying through GitLab CI since. The build step uses the `jekyll/builder:3`image, but adds various dependencies to support jekyll-assets/mini_magick/image_optim etc.
A couple of days ago, these builds started failing, complaining about untrusted signatures. I believe this is due to Alpine version changes/new signatures on the repositories. The Jekyll Builder image uses Alpine 3.10 under the hood, and this seems to ship with outdated keys. As a stopgap mitigation, I’m trying to install the dependencies with —allow-untrusted flag, which works fine for my scripted `apk add <package> ` steps, which all install correctly. However, the `bundle install` step appears to run its own `apk fetch` which ignores the untrusted repositories, then errors because it can’t find the tags. The output looks like this:
$ bundle install --path ../gems
237 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L237>fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz <http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz>
238 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L238>fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz <http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz>
239 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L239>fetch http://uk.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz <http://uk.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz>
240 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L240>WARNING: Ignoring http://uk.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz <http://uk.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz>: UNTRUSTED signature
241 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L241>fetch http://uk.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz <http://uk.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz>
242 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L242>WARNING: Ignoring http://uk.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz <http://uk.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz>: UNTRUSTED signature
243 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L243>fetch http://uk.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz <http://uk.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz>
244 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L244>WARNING: Ignoring http://uk.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz <http://uk.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz>: UNTRUSTED signature
245 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L245>WARNING: The repository tag for world dependency 'advancecomp at community' does not exist
246 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L246>WARNING: The repository tag for world dependency 'gifsicle at community' does not exist
247 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L247>WARNING: The repository tag for world dependency 'jhead at testing' does not exist
248 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L248>WARNING: The repository tag for world dependency 'jpegoptim at community' does not exist
249 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L249>WARNING: The repository tag for world dependency 'libjpeg at edge' does not exist
250 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L250>WARNING: The repository tag for world dependency 'libjpeg-turbo-utils at edge' does not exist
251 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L251>WARNING: The repository tag for world dependency 'optipng at community' does not exist
252 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L252>WARNING: The repository tag for world dependency 'pngcrush at edge' does not exist
253 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L253>WARNING: The repository tag for world dependency 'pngquant at edge' does not exist
254 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L254>WARNING: The repository tag for world dependency 'ruby-bundler at edge' does not exist
255 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L255>ERROR: Not committing changes due to missing repository tags. Use --force-broken-world to override.
Any idea how I can get this to work, without suddenly upgrading to Jekyll 4 and its newer builder image?
Thanks in advance,
Ed
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20220719/e00d9465/attachment.html>
More information about the Chat
mailing list