apko icon indicating copy to clipboard operation
apko copied to clipboard
verified publisher icon chainguard-dev

Apko build fails with SBOM issues with no push access to registry

Open strongjz opened this issue 3 years ago • 1 comments

Link to apko file https://github.com/strongjz/ingress-nginx/blob/melange/images/nginx/rootfs/nginx-apko.yaml

When I remove the registry, it builds fine. Is this because the build is trying to push the SBOM to the registry, which I don't have push access too.

 FILE=nginx ARCHS=$(uname -m) make apko
make: *** No rule to make target `apko'.  Stop.
Jamess-MBP-2:nginx strongjz$ FILE=nginx ARCHS=$(uname -m) make apko-build
docker run --rm -v "/Users/strongjz/Documents/code/go/src/github.com/kubernetes/ingress-nginx/images/nginx":/work distroless.dev/apko:latest build -k melange.rsa.pub --debug rootfs/nginx-apko.yaml gcr.io/k8s-staging-ingress-nginx/nginx:0.0 gcr.io/k8s-staging-ingress-nginx/nginx.tar
Sep 26 15:01:58.409 [INFO] loading config file: rootfs/nginx-apko.yaml
Sep 26 15:01:58.421 [DEBUG] [arch:aarch64] failed to probe VCS URL: opening git repository: directory /work/rootfs is not in a git repository
Sep 26 15:01:58.421 [INFO] [arch:aarch64] WARNING: ignoring archs in config, only building for current arch (arm64)
Sep 26 15:01:58.421 [INFO] [arch:aarch64] building image 'gcr.io/k8s-staging-ingress-nginx/nginx:0.0'
Sep 26 15:01:58.421 [INFO] [arch:aarch64] build context:
Sep 26 15:01:58.421 [INFO] [arch:aarch64]   working directory: /tmp/apko-2815478289
Sep 26 15:01:58.421 [INFO] [arch:aarch64]   tarball path: 
Sep 26 15:01:58.421 [INFO] [arch:aarch64]   use proot: false
Sep 26 15:01:58.421 [INFO] [arch:aarch64]   source date: 1970-01-01 00:00:00 +0000 UTC
Sep 26 15:01:58.421 [INFO] [arch:aarch64]   Docker mediatypes: false
Sep 26 15:01:58.421 [INFO] [arch:aarch64]   SBOM output path: /work/gcr.io/k8s-staging-ingress-nginx
Sep 26 15:01:58.421 [INFO] [arch:aarch64]   arch: aarch64
Sep 26 15:01:58.421 [INFO] [arch:aarch64] image configuration:
Sep 26 15:01:58.421 [INFO] [arch:aarch64]   contents:
Sep 26 15:01:58.421 [INFO] [arch:aarch64]     repositories: [https://dl-cdn.alpinelinux.org/alpine/edge/main @local /work/packages]
Sep 26 15:01:58.421 [INFO] [arch:aarch64]     keyring:      []
Sep 26 15:01:58.421 [INFO] [arch:aarch64]     packages:     [alpine-baselayout-data bash nginx@local opentracing@local msgpack-cpp@local datadog-cpp@local yaml-cpp@local zipkin-cpp@local modsecurity@local luaresty-balancer@local luacjson@local luajit@local lua-resty-cache@local lua-resty-cookie@local lua-resty-dns@local lua-resty-core@local lua-resty-global-throttle@local lua-resty-ipmatcher@local lua-resty-lock@local lua-resty-redis@local lua-resty-string@local lua-resty-upload@local]
Sep 26 15:01:58.421 [INFO] [arch:aarch64]   entrypoint:
Sep 26 15:01:58.421 [INFO] [arch:aarch64]     type:    service-bundle
Sep 26 15:01:58.421 [INFO] [arch:aarch64]     command:     
Sep 26 15:01:58.421 [INFO] [arch:aarch64]     service: map[nginx:/usr/local/nginx/sbin/nginx -c /etc/nginx/nginx.conf -g "daemon off;"]
Sep 26 15:01:58.421 [INFO] [arch:aarch64]     shell fragment: 
Sep 26 15:01:58.421 [INFO] [arch:aarch64]   accounts:
Sep 26 15:01:58.421 [INFO] [arch:aarch64]     runas:  10000
Sep 26 15:01:58.421 [INFO] [arch:aarch64]     users:
Sep 26 15:01:58.421 [INFO] [arch:aarch64]       - uid=10000(www-data) gid=0
Sep 26 15:01:58.421 [INFO] [arch:aarch64]     groups:
Sep 26 15:01:58.421 [INFO] [arch:aarch64]       - gid=10000(www-data) members=[]
Sep 26 15:01:58.421 [INFO] [arch:aarch64] doing pre-flight checks
Sep 26 15:01:58.421 [INFO] [arch:aarch64] building image fileystem in /tmp/apko-2815478289
Sep 26 15:01:58.421 [INFO] [arch:aarch64] initializing apk database
Sep 26 15:01:58.422 [INFO] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] running: /sbin/apk add --initdb --arch aarch64 --root /tmp/apko-2815478289
Sep 26 15:01:58.445 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] OK: 0 MiB in 0 packages
Sep 26 15:01:58.446 [INFO] [arch:aarch64] initializing apk world
Sep 26 15:01:58.446 [INFO] [arch:aarch64] initializing apk repositories
Sep 26 15:01:58.446 [INFO] [arch:aarch64] initializing apk keyring
Sep 26 15:01:58.448 [DEBUG] [arch:aarch64] appending 1 extra keys to keyring
Sep 26 15:01:58.448 [DEBUG] [arch:aarch64] installing key melange.rsa.pub
Sep 26 15:01:58.448 [DEBUG] [arch:aarch64] installing key /usr/share/apk/keys/aarch64/[email protected]
Sep 26 15:01:58.448 [DEBUG] [arch:aarch64] installing key /usr/share/apk/keys/aarch64/[email protected]
Sep 26 15:01:58.454 [INFO] [arch:aarch64] synchronizing with desired apk world
Sep 26 15:01:58.454 [INFO] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] running: /sbin/apk fix --root /tmp/apko-2815478289 --no-scripts --no-cache --update-cache --arch aarch64
Sep 26 15:01:58.459 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] fetch https://dl-cdn.alpinelinux.org/alpine/edge/main/aarch64/APKINDEX.tar.gz
Sep 26 15:01:58.727 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (1/46) Installing alpine-baselayout-data (3.3.0-r2)
Sep 26 15:01:58.742 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (2/46) Installing musl (1.2.3-r1)
Sep 26 15:01:58.765 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (3/46) Installing busybox (1.35.0-r25)
Sep 26 15:01:58.794 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (4/46) Installing busybox-binsh (1.35.0-r25)
Sep 26 15:01:58.810 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (5/46) Installing ncurses-terminfo-base (6.3_p20220924-r0)
Sep 26 15:01:58.840 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (6/46) Installing ncurses-libs (6.3_p20220924-r0)
Sep 26 15:01:58.875 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (7/46) Installing readline (8.1.2-r0)
Sep 26 15:01:58.893 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (8/46) Installing bash (5.1.16-r2)
Sep 26 15:01:58.915 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (9/46) Installing libcrypto3 (3.0.5-r2)
Sep 26 15:01:58.977 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (10/46) Installing ca-certificates (20220614-r2)
Sep 26 15:01:58.999 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (11/46) Installing brotli-libs (1.0.9-r8)
Sep 26 15:01:59.021 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (12/46) Installing nghttp2-libs (1.50.0-r0)
Sep 26 15:01:59.039 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (13/46) Installing libssl3 (3.0.5-r2)
Sep 26 15:01:59.060 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (14/46) Installing ssl_client (1.35.0-r25)
Sep 26 15:01:59.074 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (15/46) Installing zlib (1.2.12-r3)
Sep 26 15:01:59.089 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (16/46) Installing libcurl (7.85.0-r0)
Sep 26 15:01:59.110 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (17/46) Installing libgcc (12.1.1_git20220630-r6)
Sep 26 15:01:59.126 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (18/46) Installing libstdc++ (12.1.1_git20220630-r6)
Sep 26 15:01:59.154 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (19/46) Installing datadog-cpp@local (1.3.2-r0)
Sep 26 15:01:59.172 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (20/46) Installing lua-resty-cache@local (0.11-r0)
Sep 26 15:01:59.178 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (21/46) Installing lua-resty-cookie@local (303e32e512defced053a6484bc0745cf9dc0d39e-r0)
Sep 26 15:01:59.183 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (22/46) Installing luajit@local (2.1-20210510-r0)
Sep 26 15:01:59.349 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (23/46) Installing lua-resty-lrucache (0.13-r0)
Sep 26 15:01:59.370 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (24/46) Installing lua-resty-core (0.1.23-r0)
Sep 26 15:01:59.404 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (25/46) Installing lua-resty-dns@local (0.22-r0)
Sep 26 15:01:59.409 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (26/46) Installing lua-resty-global-throttle@local (0.2.0-r0)
Sep 26 15:01:59.414 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (27/46) Installing lua-resty-ipmatcher@local (211e0d2eb8bbb558b79368f89948a0bafdc23654-r0)
Sep 26 15:01:59.418 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (28/46) Installing lua-resty-lock@local (0.08-r0)
Sep 26 15:01:59.423 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (29/46) Installing lua-resty-redis@local (0.29-r0)
Sep 26 15:01:59.427 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (30/46) Installing lua-resty-string@local (9ace36f2dde09451c377c839117ade45eb02d460-r0)
Sep 26 15:01:59.433 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (31/46) Installing lua-resty-upload@local (0.10-r0)
Sep 26 15:01:59.439 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (32/46) Installing luacjson@local (4b350c531de3d71008c77ae94e59275b8371b4dc-r0)
Sep 26 15:01:59.447 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (33/46) Installing luaresty-balancer@local (0.04-r0)
Sep 26 15:01:59.452 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (34/46) Installing pcre (8.45-r2)
Sep 26 15:01:59.471 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (35/46) Installing modsecurity@local (v3.0.5-r0)
Sep 26 15:02:02.166 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (36/46) Installing msgpack-cpp@local (3.3.0-r0)
Sep 26 15:02:02.218 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (37/46) Installing geoip (1.6.12-r2)
Sep 26 15:02:02.236 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (38/46) Installing libmaxminddb-libs (1.6.0-r1)
Sep 26 15:02:02.274 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (39/46) Installing nginx@local (1.19.10-r0)
Sep 26 15:02:02.791 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (40/46) Installing opentracing@local (f86b33f3d9e7322b1298ba62d5ffa7a9519c4c41-r0)
Sep 26 15:02:02.797 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (41/46) Installing skalibs (2.12.0.0-r0)
Sep 26 15:02:02.813 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (42/46) Installing s6-ipcserver (2.11.1.2-r0)
Sep 26 15:02:02.827 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (43/46) Installing execline (2.9.0.1-r0)
Sep 26 15:02:02.847 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (44/46) Installing s6 (2.11.1.2-r0)
Sep 26 15:02:02.869 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (45/46) Installing yaml-cpp@local (yaml-cpp-0.7.0-r0)
Sep 26 15:02:02.882 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] (46/46) Installing zipkin-cpp@local (f69593138ff84ca2f6bc115992e18ca3d35f344a-r0)
Sep 26 15:02:03.034 [DEBUG] [arch:aarch64] [cmd:apk] [use-proot:false] [use-qemu:] OK: 345 MiB in 46 packages
Sep 26 15:02:03.043 [INFO] [arch:aarch64] creating user 10000(www-data)
Sep 26 15:02:03.043 [WARNING] [arch:aarch64] guessing unset GID for user {www-data 10000 0}
Sep 26 15:02:03.043 [INFO] [arch:aarch64] creating group 10000(www-data)
Sep 26 15:02:03.049 [INFO] [arch:aarch64] [cmd:/bin/busybox] [use-proot:false] [use-qemu:] running: /usr/sbin/chroot /tmp/apko-2815478289 /bin/busybox --install -s
Sep 26 15:02:03.056 [INFO] [arch:aarch64] generating supervision tree
Sep 26 15:02:03.056 [DEBUG] [arch:aarch64] simple service: nginx => /usr/local/nginx/sbin/nginx -c /etc/nginx/nginx.conf -g "daemon off;"
Sep 26 15:02:03.056 [DEBUG] [arch:aarch64]   supervision dir: /tmp/apko-2815478289/sv/nginx
Sep 26 15:02:03.056 [INFO] [arch:aarch64] finished building filesystem in /tmp/apko-2815478289
Sep 26 15:02:05.002 [INFO] [arch:aarch64] built image layer tarball as /tmp/apko-temp-3121089796/apko-aarch64.tar.gz
Sep 26 15:02:05.002 [DEBUG] [arch:aarch64] Not generating SBOMs (WantSBOM = false)
Error: generating SBOMs: generating SBOMs: generating sboms: generating spdx sbom: rendering document: opening SBOM path /work/gcr.io/k8s-staging-ingress-nginx/sbom-aarch64.spdx.json for writing: open /work/gcr.io/k8s-staging-ingress-nginx/sbom-aarch64.spdx.json: no such file or directory
2022/09/26 15:02:06 error during command execution: generating SBOMs: generating SBOMs: generating sboms: generating spdx sbom: rendering document: opening SBOM path /work/gcr.io/k8s-staging-ingress-nginx/sbom-aarch64.spdx.json for writing: open /work/gcr.io/k8s-staging-ingress-nginx/sbom-aarch64.spdx.json: no such file or directory
make: *** [apko-build] Error 1

strongjz avatar Sep 26 '22 15:09 strongjz

This seems to be an issue with permissions on the /work directory.

kaniini avatar Oct 18 '22 16:10 kaniini