Until now I worked a lot with github/bitbucket and jenkins/bamboo. Right now I'm trying to setup a Gitlab CE server with a private kubernetes cluster.
I want to run a hello world project in java with gitlabs AutoDevOps in kubernetes, this is the repo I'm using:
https://github.com/dstar55/docker-hello-world-spring-boot
Everything works fine until runner gets created in kubernetes, downloads the image but gets stuck on downloading maven resources.
Running on runner-h6cwaztm-project-8-concurrent-0jvd9f via runner-gitlab-runner-6dcf7dd458-jl69h...
Fetching changes with git depth set to 50...
00:02
Initialized empty Git repository in /builds/.../hello-world-spring/.git/
Created fresh repository.
From https://.../hello-world-spring
* [new ref] refs/pipelines/14 -> refs/pipelines/14
* [new branch] master -> origin/master
Checking out ad24ac6b as master...
Skipping Git submodules setup
$ if [[ -z "$CI_COMMIT_TAG" ]]; then # collapsed multi-line command
$ /build/build.sh
Logging to GitLab Container Registry with CI credentials...
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
Building Dockerfile-based application...
Step 1/10 : FROM maven:3.5.2-jdk-8-alpine AS maven_build
3.5.2-jdk-8-alpine: Pulling from library/maven
22bc7fb81913: Pull complete
Digest: sha256:7cebda60f8a541e1bf2330306d22f9786f989187f4ec96539d398a0d4dbfdadb
Status: Downloaded newer image for maven:3.5.2-jdk-8-alpine
---> 293423a981a7
Step 2/10 : COPY pom.xml /tmp/
---> c0e609a509a8
Step 3/10 : COPY src /tmp/src/
---> e735a08f2b39
Step 4/10 : WORKDIR /tmp/
---> Running in 90620c0ca3ad
Removing intermediate container 90620c0ca3ad
---> a5d9fdc62aa9
Step 5/10 : RUN mvn package
---> Running in dc90f43fc83b
[INFO] Scanning for projects...
Downloading from central: https://repo.maven.apache.org/maven2/org/springframework/boot/spring-boot-starter-parent/2.2.1.RELEASE/spring-boot-starter-parent-2.2.1.RELEASE.pom
It never throws an error (until it timesout) and it never goes past this point.
Kubernetes has 4 nodes 1 master and 3 slaves, using flannel and MetalLB
Edit:
I added a curl command instead of mvn package and it seems the download speed is 0, how is that possible?
Step 5/11 : RUN curl https://repo.maven.apache.org/maven2/org/springframework/boot/spring-boot-starter-parent/2.2.1.RELEASE/spring-boot-starter-parent-2.2.1.RELEASE.pom --output test.pom
---> Running in db2bc24c6a4f
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:05:00 --:--:-- 0
curl: (28) Operation timed out after 300689 milliseconds with 0 out of 0 bytes received
The command '/bin/sh -c curl https://repo.maven.apache.org/maven2/org/springframework/boot/spring-boot-starter-parent/2.2.1.RELEASE/spring-boot-starter-parent-2.2.1.RELEASE.pom --output test.pom' returned a non-zero code: 28
ERROR: Job failed: command terminated with exit code 1
According to place where CI hangs, your pipeline stuck at mvn package:
Step 5/10 : RUN mvn package
---> Running in dc90f43fc83b
[INFO] Scanning for projects...
Downloading from central: https://repo.maven.apache.org/maven2/org/springframework/boot/spring-boot-starter-parent/2.2.1.RELEASE/spring-boot-starter-parent-2.2.1.RELEASE.pom
So, you can try to restart Artifactory.
Also, you can debug mvn packages with mvn clean package -X -e
See: this answer :
java - Maven hanging indefinitely while checking for updates - Stack Overflow
mvn clean package -X -e
Related
I am trying to use a plugin in my eks based k8s cluster,
I am using a Github Action controller that spawns on demand Container as Self Hosted runner
When the Github action start this plugin or any other that needs to build itself as a docker image fails with below error, any thoughts or ideas ?
This is my self hosted runner image Link
FYI : If i run a standalone alpine container in the cluster all typical cmd works, and this also works with default ubuntu based self hosted runner, so i dont think its the cluster
/usr/local/bin/docker build -t 60e226:1b6fc15462134e6fb8520b7df48cf7fd -f "/runner/_work/_actions/aquasecurity/trivy-action/master/Dockerfile" "/runner/_work/_actions/aquasecurity/trivy-action/master"
Sending build context to Docker daemon 644.6kB
Step 1/5 : FROM ghcr.io/aquasecurity/trivy:0.[3](https://github.com//docker-images/actions/runs/4134005760/jobs/7147011143#step:3:3)7.1
0.37.1: Pulling from aquasecurity/trivy
c158987b0551: Pulling fs layer
67a7d067ef7d: Pulling fs layer[6]Download complete
67a7d067ef7d: Pull complete
2ec1cdd48f38: Verifying Checksum
2ec1cdd48f38: Download complete
2ec1cdd48f38: Pull complete
fe56e6aa700e: Pull complete
Digest: sha256:7c[16](https://github.com//docker-images/actions/runs/4134005760/jobs/7147011143#step:3:16)7f7f3002948f1ec099555aa968bd8b8b097780603a38cc801fe965da0a69
Status: Downloaded newer image for ghcr.io/aquasecurity/trivy:0.37.1
---> c3e68408cd24
Step 2/5 : COPY entrypoint.sh /
---> 1f1da443ea86
Step 3/5 : RUN apk --no-cache add bash curl npm
---> Running in 647f7f479cac
fetch https://dl-cdn.alpinelinux.org/alpine/v3.[17](https://github.com//docker-images/actions/runs/4134005760/jobs/7147011143#step:3:17)/main/x86_64/APKINDEX.tar.gz
48ABC73BEB7F0000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:[18](https://github.com//docker-images/actions/runs/4134005760/jobs/7147011143#step:3:18)89:
WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.17/main: Permission denied
fetch https://dl-cdn.alpinelinux.org/alpine/v3.17/community/x86_64/APKINDEX.tar.gz
48ABC73BEB7F0000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1889:
WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.17/community: Permission denied
ERROR: unable to select packages:
bash (no such package):
required by: world[bash]
curl (no such package):
required by: world[curl]
npm (no such package):
required by: world[npm]
The command '/bin/sh -c apk --no-cache add bash curl npm' returned a non-zero code: 3
Warning: Docker build failed with exit code 3, back off 6.807 seconds before retry.
It was expected to build the docker image and proceed with the github action workflow
Tried different flavors of image and nothing worked except for ubunut-latest
the plugin in question
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action#master
with:
image-ref: 'test:latest'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
After installing postgresql(13) on GCP, I tried installing citus using this command:
curl https://install.citusdata.com/community/rpm.sh | sudo bash
However I run into the following error. Any guidance/suggestions would be helpful.
[tony_stark#host]$ curl https://install.citusdata.com/community/rpm.sh | sudo bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 8667 100 8667 0 0 21791 0 --:--:-- --:--:-- --:--:-- 21831
Detected operating system as centos/7.
Checking for curl...
Detected curl...
Checking for postgresql13-server...
Detected postgresql13-server...
Checking for EPEL repositories...
Detected EPEL repoitories
Downloading repository file: https://repos.citusdata.com/community/config_file.repo?os=centos&dist=7&source=script...
curl: (7) Failed to connect to
Network is unreachable
Unable to run:
curl https://repos.citusdata.com/community/config_file.repo?os=centos&dist=7&source=script
The link curl https://repos.citusdata.com/community/config_file.repo?os=centos&dist=7&source=script works on my browser though.
Looks like a temporary issue on repository side. I just tried it and it works:
[sergiusz#host ~]$ curl https://install.citusdata.com/community/rpm.sh | sudo bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 8667 100 8667 0 0 25686 0 --:--:-- --:--:-- --:--:-- 25718
Detected operating system as centos/7.
Checking for curl...
Detected curl...
Checking for postgresql13-server...
Installing pgdg13 repo... done.
Checking for EPEL repositories...
Detected EPEL repoitories
Downloading repository file: https://repos.citusdata.com/community/config_file.repo?os=centos&dist=7&source=script.
.. done.
Installing pygpgme to verify GPG signatures... done.
Installing yum-utils... done.
Generating yum cache for citusdata_community... done.
The repository is set up! You can now install packages.
EDIT:
This file can be also downloaded manually:
curl "https://repos.citusdata.com/community/config_file.repo?os=centos&dist=7&source=script" -o /etc/yum.repos.d/citusdata_community.repo
I've been trying to setup Cloud Code with VSCode and I've been running in to problems when starting the deploy process with Cloud Code: Deploy.
I've tried deploying the samples, python-hello-world-1 as well as the go-hello-world-1, to my kubernetes cluster on GKE but always end up getting errors when the deploy process starts package downloading:
Go Output
Running: skaffold run --enable-rpc -v info --rpc-http-port 49869 --filename skaffold.yaml --default-repo gcr.io/abx-lernende
starting gRPC server on port 50051
starting gRPC HTTP server on port 49869
Using kubectl context: gke_abx-lernende_europe-west4-a_joshu-test-cluster
Generating tags...
- go-hello-world -> gcr.io/abx-lernende/go-hello-world:latest
Checking cache...
- go-hello-world: Not found. Building
Building [go-hello-world]...
Sending build context to Docker daemon 57.86kB
Step 1/8 : FROM golang:1.13
---> 6586e3d10e96
Step 2/8 : RUN go get -u -v github.com/go-delve/delve/cmd/dlv
---> Running in b75ce8e5dae9
[91mgithub.com/go-delve/delve (download)
[0m[91m# cd .; git clone -- https://github.com/go-delve/delve /go/src/github.com/go-delve/delve
Cloning into '/go/src/github.com/go-delve/delve'...
fatal: unable to access 'https://github.com/go-delve/delve/': Failed to connect to github.com port 443: Connection refused
package github.com/go-delve/delve/cmd/dlv: exit status 128
[0mfailed to build: build failed: building [go-hello-world]: build artifact: unable to stream build output: The command '/bin/sh -c go get -u -v github.com/go-delve/delve/cmd/dlv' returned a non-zero code: 1
Exited with code 1.
Python Output
Running: skaffold run --enable-rpc -v info --rpc-http-port 50185 --filename
skaffold.yaml --default-repo gcr.io/abx-lernende
starting gRPC server on port 50051
starting gRPC HTTP server on port 50185
Skaffold &{Version:v1.3.1 ConfigVersion:skaffold/v2alpha3 GitVersion: GitCommit:6ba887a42438d1da578a005cf550e618fee6dfb8 GitTreeState:clean BuildDate:2020-01-31T19:55:18Z GoVersion:go1.13.4 Compiler:gc Platform:windows/amd64}
Using kubectl context: gke_abx-lernende_europe-west4-a_joshu-test-cluster
Generating tags...
- python-hello-world -> Tags generated in 0s
gcr.io/abx-lernende/python-hello-world:latest
Checking cache...
- python-hello-world: Cache check complete in 6.0001ms
Not found. Building
Building [python-hello-world]...
Sending build context to Docker daemon 4.608kB
Step 1/7 : FROM python:3.8
---> efdecc2e377a
Step 2/7 : WORKDIR /app
---> Using cache
---> a131b81cad66
Step 3/7 : COPY requirements.txt .
---> Using cache
---> 4625ef1862bd
Step 4/7 : RUN pip install --trusted-host pypi.python.org -r requirements.txt
---> Running in 4da23a158ae3
[91mWARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'ConnectTimeoutError(<pip._vendor.urllib3.connection.VerifiedHTTPSConnection object at 0x7f17ba9c9d60>, 'Connection to pypi.org timed out. (connect timeout=15)')': /simple/flask/
Im assuming this is due to me being behind a corporate proxy. As counter measures I have explicitly configured VSCode, Git, pip, go and google cloud sdk all to use said proxy. On top of that I set the Windows ENV variables for the proxy. sadly without success.
Thanks!
You can configure docker to pass through proxy information into the containers by adding something like the following to your ~/.docker/config.json:
{
"proxies": {
"default": {
"httpProxy": "http://192.168.1.12:3128",
"httpsProxy": "http://192.168.1.12:3128"
}
}
}
Docker will set the HTTP_PROXY/HTTPS_PROXY environment variables within the container which is picked up by many tools.
I just want to know whether I can run Karate test in a pod. Or is there any good suggestion on how to run it?
I tried to run the Karate test in terminal and it works. Just want to know if I can run it from Kubernetes pod. Nginx also running in the pod.
You can everything in pod whatever you are running outside environment. Pod run the container inside it.
So create the docker file and generate the docker image using docker file. Using that docker image and start the karate pod.
You can write the docker file like this
FROM maven:3-jdk-8-alpine
RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app
COPY settings.xml /usr/share/maven/ref/
COPY pom.xml /tmp/pom.xml
COPY . /usr/src/app
RUN mvn -B -f /tmp/pom.xml -s /usr/share/maven/ref/settings-docker.xml prepare-package -DskipTests
CMD ["/usr/src/app/maven_runner.sh"]
I found here one example : https://github.com/neillfontes/karate-sample
Posting as Community Wiki for future use.
#Harsh Manvar provided good example, however if you will just build it from Dockerfile, you will recieved errors. You have to download all files mentioned in Github. Correct oreder will be:
$ git clone https://github.com/neillfontes/karate-sample.git
$ cd karate-sample
$ docker build -t karate_docker .
After image was built you can check it:
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
karate_docker latest 9dc6d7a5278a About a minute ago 136MB
Later you can start testing using:
$ docker run karate_docker
START: Running tests...
-------------------------------------------------------
T E S T S
-------------------------------------------------------
Running demo.DemoTest
11:57:49.684 [main] DEBUG c.i.karate.cucumber.CucumberRunner - init test class: class demo.DemoTest
11:57:50.412 [main] DEBUG c.i.karate.cucumber.CucumberRunner - loading feature: /usr/src/app/target/test-classes/demo/features/get-token.feature
11:57:50.663 [main] DEBUG c.i.karate.cucumber.CucumberRunner - loading feature: /usr/src/app/target/test-classes/demo/features/make-request.feature
11:57:53.898 [main] INFO com.intuit.karate.ScriptBridge - karate.env system property was: null
11:57:54.867 [main] DEBUG c.i.k.h.a.RequestLoggingInterceptor -
1 > POST http://brentertainment.com/oauth2/lockdin/token
1 > Accept-Encoding: gzip,deflate
1 > Connection: Keep-Alive
1 > Content-Length: 96
I'm trying to use docker container task in azure DevOps pipeline to build and push images to ACR and ECR. I am able to do that through a YAML file and automate all the processes but when I am trying the same with a docker file which has dep and glide packages to fetch from other repos both from public GitHub repos and private bitbucket repos. It fails with the Host Key Verification error. The same dockerfile works with Jenkins but I don't know how to solve this ssh-key error on a Hosted Ubuntu Agent.
Step 13/33 : RUN curl https://glide.sh/get | sh
---> Running in 26f7f0a19f91
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 4833 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 4833 100 4833 0 0 6943 0 --:--:-- --:--:-- --:--:-- 6934
ARCH=amd64
OS=linux
Using curl as download tool
Getting https://glide.sh/version
TAG=v0.13.3
GLIDE_DIST=glide-v0.13.3-linux-amd64.tar.gz
Downloading https://github.com/Masterminds/glide/releases/download/v0.13.3/glide-v0.13.3-linux-amd64.tar.gz
glide version v0.13.3 installed successfully
Removing intermediate container 26f7f0a19f91
---> d4aa1a720fab
Step 14/33 : RUN glide update --strip-vendor
---> Running in 4614138d27bc
[INFO] wnloading dependencies. Please wait...
[INFO] > Fetching bitbucket.org/myrepositoryname/common
[INFO] > Fetching github.com/golang/protobuf
[INFO] > Fetching bitbucket.org/myrepositoryname/myteksi
[INFO] > Fetching bitbucket.org/myrepositoryname/sdk
[INFO] > Fetching github.com/imdario/mergo
[INFO] > Fetching gopkg.in/go-playground/validator.v9
[INFO] > Fetching github.com/segmentio/kafka-go
[WARN] able to checkout bitbucket.org/myrepositoryname/common
[ERROR] date failed for bitbucket.org/myrepositoryname/common: Unable to get repository: Cloning into '/root/.glide/cache/src/git-bitbucket.org-myrepositoryname-common.git'...
Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
: exit status 128
Unable to get repository: Cloning into '/root/.glide/cache/src/git-bitbucket.org-myrepositoryname.git'...
Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
: exit status 128
Unable to get repository: Cloning into '/root/.glide/cache/src/git-bitbucket.org-myrepositoryname.git'...
Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
: exit status 128
The command '/bin/sh -c glide update --strip-vendor' returned a non-zero code: 1
##[debug]Exit code 1 received from tool '/usr/bin/docker'
##[debug]STDIO streams have closed for tool '/usr/bin/docker'
##[error]The command '/bin/sh -c glide update --strip-vendor' returned a non-zero code: 1
##[debug]Processed: ##vso[task.issue type=error;]The command '/bin/sh -c glide update --strip-vendor' returned a non-zero code: 1
##[debug]Trying to logout from registry: ***
##[debug]DOCKER_CONFIG=/home/vsts/work/_temp/DockerConfig_1564846219701
##[debug]agent.tempDirectory=/home/vsts/work/_temp
##[debug]Found the Docker Config stored in the temp path. Docker config path: /home/vsts/work/_temp/DockerConfig_1564846219701/config.json, Docker config: {"auths": { "***": {"auth": "***", "email": "ServicePrincipal#AzureRM" } }, "HttpHeaders":{"X-Meta-Source-Client":"VSTS"} }
##[debug]Deleting Docker config directory. Path: /home/vsts/work/_temp/DockerConfig_1564846219701/config.json
##[debug]DOCKER_CONFIG=/home/vsts/work/_temp/DockerConfig_1564846219701
##[debug]agent.tempDirectory=/home/vsts/work/_temp
##[debug]Deleting Docker config directory. Path: /home/vsts/work/_temp/DockerConfig_1564846219701
##[debug]set DOCKER_CONFIG=
##[debug]Processed: ##vso[task.setvariable variable=DOCKER_CONFIG;issecret=false;]
##[debug]task result: Failed
##[error]The process '/usr/bin/docker' failed with exit code 1
##[debug]Processed: ##vso[task.issue type=error;]The process '/usr/bin/docker' failed with exit code 1
##[debug]Processed: ##vso[task.complete result=Failed;]The process '/usr/bin/docker' failed with exit code 1
package: bitbucket.org/grabpay/ignite
import:
- package: bitbucket.org/myrepositoryname/common
repo: git#bitbucket.org:myrepositoryname/common.git
version: devel
subpackages:
- crimson
- track
- package: bitbucket.org/myrepositoryname/myfolder1
repo: git#bitbucket.org:myrepositoryname/myfolder1.git
version: fface9afbb72a739d0de8c8969e0fa06fda44614
- package: bitbucket.org/myrepositoryname/myfolder2
repo: git#bitbucket.org:myrepositoryname/myfolder2.git
version: master
- package: github.com/imdario/mergo
version: 2b9c8687f09d230f37f169eea24e1951bb7d1191
- package: gopkg.in/go-playground/validator.v9
- package: github.com/segmentio/kafka-go
- package: github.com/golang/protobuf
version: ^1.3.1
The above file is the dependency repos that are to be fetched using glide.yml file.
I fixed it finally, what I needed was a service account which has read access to all the repos that glide is trying to access. Read access was required for all those repos with a Bitbucket Service Connection in Azure Pipeline. The error is not specific to glide, it is more inclined with the git repo access.