[LRUG] Issues with Jekyll/Bundler on Alpine 3.10

Sasha Gerrand chat-lists.lrug.org at sgerrand.com
Wed Jul 20 03:50:44 PDT 2022


Bundler only uses RubyGems so that's not where the Alpine packages are
being installed from. After looking a bit more closely at the
`jekyll/builder:3` Docker image and the source repository for it at
https://github.com/envygeeks/jekyll-docker, I'd encourage you to fork it to
fix those issues. The source code for that Docker image tag is about 3
years old and there may be some other issues with it beyond the outdated
package signature methods.

Sasha

On Wed, 20 Jul 2022, 11:12 Edmond Lepedus, <ed.lepedus at googlemail.com>
wrote:

> Hi LRUG,
>
> Does anyone know if Bundler on Alpine installs native APKs, and if so, how
> I can get it to install dependencies from the testing repo from an older
> version of Alpine?
>
> I appreciate that might be a stupid question, and I may be barking up the
> wrong tree entirely, but I’m drawing a bit of a blank as to what else might
> be going on.
>
> Basically, I built a Jekyll site a few years ago, and it’s been happily
> building & deploying through GitLab CI since. The build step uses the
> `jekyll/builder:3`image, but adds various dependencies to support
> jekyll-assets/mini_magick/image_optim etc.
>
> A couple of days ago, these builds started failing, complaining about
> untrusted signatures. I believe this is due to Alpine version changes/new
> signatures on the repositories. The Jekyll Builder image uses Alpine 3.10
> under the hood, and this seems to ship with outdated keys. As a stopgap
> mitigation, I’m trying to install the dependencies with —allow-untrusted
> flag, which works fine for my scripted `apk add <package> ` steps, which
> all install correctly. However, the `bundle install` step appears to run
> its own `apk fetch` which ignores the untrusted repositories, then errors
> because it can’t find the tags. The output looks like this:
> $ bundle install --path ../gems
> 237 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L237>fetch
> http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
> 238 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L238>fetch
> http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
> 239 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L239>fetch
> http://uk.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
> 240 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L240>WARNING:
> Ignoring http://uk.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz:
> UNTRUSTED signature
> 241 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L241>fetch
> http://uk.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz
> 242 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L242>WARNING:
> Ignoring
> http://uk.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz:
> UNTRUSTED signature
> 243 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L243>fetch
> http://uk.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
> 244 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L244>WARNING:
> Ignoring
> http://uk.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz:
> UNTRUSTED signature
> 245 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L245>WARNING:
> The repository tag for world dependency 'advancecomp at community' does not
> exist
> 246 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L246>WARNING:
> The repository tag for world dependency 'gifsicle at community' does not
> exist
> 247 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L247>WARNING:
> The repository tag for world dependency 'jhead at testing' does not exist
> 248 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L248>WARNING:
> The repository tag for world dependency 'jpegoptim at community' does not
> exist
> 249 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L249>WARNING:
> The repository tag for world dependency 'libjpeg at edge' does not exist
> 250 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L250>WARNING:
> The repository tag for world dependency 'libjpeg-turbo-utils at edge' does
> not exist
> 251 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L251>WARNING:
> The repository tag for world dependency 'optipng at community' does not exist
> 252 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L252>WARNING:
> The repository tag for world dependency 'pngcrush at edge' does not exist
> 253 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L253>WARNING:
> The repository tag for world dependency 'pngquant at edge' does not exist
> 254 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L254>WARNING:
> The repository tag for world dependency 'ruby-bundler at edge' does not exist
> 255 <https://gitlab.com/cgntv/idr-jekyll/-/jobs/2743557060#L255>ERROR:
> Not committing changes due to missing repository tags. Use
> --force-broken-world to override.
>
> Any idea how I can get this to work, without suddenly upgrading to Jekyll
> 4 and its newer builder image?
>
> Thanks in advance,
> Ed
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> Manage your subscription: http://lists.lrug.org/options.cgi/chat-lrug.org
> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20220720/ddfbeb25/attachment.html>


More information about the Chat mailing list