teller icon indicating copy to clipboard operation
teller copied to clipboard

Published 20 hours ago verified publisher icon tellerops

Alpine docker image support

Open r2DoesInc opened this issue 1 year ago • 4 comments

When using the linux binary I am unable to run teller-cli on an alpine based image.

$  docker run -it alpine
Unable to find image 'alpine:latest' locally
latest: Pulling from library/alpine
ec99f8b99825: Pull complete 
Digest: sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0
Status: Downloaded newer image for alpine:latest

# wget https://github.com/tellerops/teller/releases/download/v2.0.7/teller-x86_64-linux.tar.xz
Connecting to github.com (140.82.114.4:443)
Connecting to objects.githubusercontent.com (185.199.109.133:443)
saving to 'teller-x86_64-linux.tar.xz'
teller-x86_64-linux. 100% |**************************************************************************************************************************************************************| 5769k  0:00:00 ETA
'teller-x86_64-linux.tar.xz' saved

# tar -xf teller-x86_64-linux.tar.xz 
# cd teller-x86_64-linux/
# ./teller
/bin/sh: ./teller: not found

r2DoesInc avatar Jul 05 '24 20:07 r2DoesInc

I can confirm the the issue is related to missing glibc.

I have been able make progress using https://github.com/sgerrand/alpine-pkg-glibc

r2DoesInc avatar Jul 05 '24 21:07 r2DoesInc

Using the following Dockerfile I have been able to build and use Teller on alpine.

FROM rust:alpine

ARG GLIBC_VERSION=2.34-r0
ARG TELLER_VERSION=2.0.7

RUN wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub && \
   wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-${GLIBC_VERSION}.apk && \
   wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-bin-${GLIBC_VERSION}.apk && \
   apk --allow-untrusted add glibc-${GLIBC_VERSION}.apk --force-overwrite && \
   apk --allow-untrusted add glibc-bin-${GLIBC_VERSION}.apk --force-overwrite 


RUN apk add openssl-dev protoc git curl musl-dev
RUN git clone https://github.com/tellerops/teller.git
RUN sed -i 's/\.with_native_roots()/\.with_native_roots()?/g' teller/teller-providers/src/providers/google_secretmanager.rs
RUN cd teller/teller-cli && RUSTFLAGS="-Ctarget-feature=-crt-static" cargo install --path . 
RUN cp /usr/local/cargo/bin/teller /usr/local/bin/teller

There are a few things here.

https://github.com/tellerops/teller/issues/295

I cannot build the project currently, I needed to apply a fix for the above issue.

We also need to use glibc-for-alpine, as I was not able to get things to run without it.

The project itself needed to be statically linked linked during the ubild process with the rust flag.

r2DoesInc avatar Jul 06 '24 16:07 r2DoesInc

it is not really "alpine docker support" but "alpine support". would love to see a "musl" build with all dependencies bundled.

last alpine with libssl1.1 and libcrypto1.1 is alpine v3.18 https://pkgs.alpinelinux.org/package/v3.18/community/x86_64/libssl1.1 https://pkgs.alpinelinux.org/packages?name=libcrypto1.1&branch=v3.18&repo=&arch=x86_64&origin=&flagged=&maintainer=

 ldd /usr/local/bin/teller
        /lib64/ld-linux-x86-64.so.2 (0x7fa30d956000)
Error loading shared library libssl.so.1.1: No such file or directory (needed by /usr/local/bin/teller)
Error loading shared library libcrypto.so.1.1: No such file or directory (needed by /usr/local/bin/teller)
        libgcc_s.so.1 => /usr/lib/libgcc_s.so.1 (0x7fa30d932000)
        libpthread.so.0 => /lib64/ld-linux-x86-64.so.2 (0x7fa30d956000)
        libm.so.6 => /lib64/ld-linux-x86-64.so.2 (0x7fa30d956000)
        libdl.so.2 => /lib64/ld-linux-x86-64.so.2 (0x7fa30d956000)
        libc.so.6 => /lib64/ld-linux-x86-64.so.2 (0x7fa30d956000)
Error loading shared library ld-linux-x86-64.so.2: No such file or directory (needed by /usr/local/bin/teller)
Error relocating /usr/local/bin/teller: __register_atfork: symbol not found
Error relocating /usr/local/bin/teller: BIO_set_init: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_free: symbol not found
Error relocating /usr/local/bin/teller: ERR_reason_error_string: symbol not found
Error relocating /usr/local/bin/teller: BIO_new: symbol not found
Error relocating /usr/local/bin/teller: EVP_PKEY_free: symbol not found
Error relocating /usr/local/bin/teller: BIO_meth_set_destroy: symbol not found
Error relocating /usr/local/bin/teller: SSL_read_ex: symbol not found
Error relocating /usr/local/bin/teller: gnu_get_libc_version: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_set_default_verify_paths: symbol not found
Error relocating /usr/local/bin/teller: __res_init: symbol not found
Error relocating /usr/local/bin/teller: X509_STORE_free: symbol not found
Error relocating /usr/local/bin/teller: ERR_lib_error_string: symbol not found
Error relocating /usr/local/bin/teller: BIO_meth_set_read: symbol not found
Error relocating /usr/local/bin/teller: SSL_do_handshake: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_set_verify: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_new: symbol not found
Error relocating /usr/local/bin/teller: X509_up_ref: symbol not found
Error relocating /usr/local/bin/teller: BIO_clear_flags: symbol not found
Error relocating /usr/local/bin/teller: SSL_free: symbol not found
Error relocating /usr/local/bin/teller: SSL_get_peer_certificate: symbol not found
Error relocating /usr/local/bin/teller: PEM_read_bio_X509: symbol not found
Error relocating /usr/local/bin/teller: BIO_meth_free: symbol not found
Error relocating /usr/local/bin/teller: BIO_free_all: symbol not found
Error relocating /usr/local/bin/teller: ERR_func_error_string: symbol not found
Error relocating /usr/local/bin/teller: OPENSSL_init_ssl: symbol not found
Error relocating /usr/local/bin/teller: X509_VERIFY_PARAM_set_hostflags: symbol not found
Error relocating /usr/local/bin/teller: SSL_set_verify: symbol not found
Error relocating /usr/local/bin/teller: X509_verify_cert_error_string: symbol not found
Error relocating /usr/local/bin/teller: SSL_get_rbio: symbol not found
Error relocating /usr/local/bin/teller: SSL_set_ex_data: symbol not found
Error relocating /usr/local/bin/teller: SSL_new: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_use_certificate: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_set_cipher_list: symbol not found
Error relocating /usr/local/bin/teller: BIO_meth_set_write: symbol not found
Error relocating /usr/local/bin/teller: BIO_meth_set_create: symbol not found
Error relocating /usr/local/bin/teller: X509_VERIFY_PARAM_set1_host: symbol not found
Error relocating /usr/local/bin/teller: BIO_set_data: symbol not found
Error relocating /usr/local/bin/teller: SSL_get_verify_result: symbol not found
Error relocating /usr/local/bin/teller: SSL_set_bio: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_set_options: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_up_ref: symbol not found
Error relocating /usr/local/bin/teller: SSL_get_error: symbol not found
Error relocating /usr/local/bin/teller: BIO_set_flags: symbol not found
Error relocating /usr/local/bin/teller: X509_VERIFY_PARAM_set1_ip: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_ctrl: symbol not found
Error relocating /usr/local/bin/teller: i2d_X509: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_get_cert_store: symbol not found
Error relocating /usr/local/bin/teller: BIO_get_data: symbol not found
Error relocating /usr/local/bin/teller: X509_STORE_new: symbol not found
Error relocating /usr/local/bin/teller: BIO_meth_set_puts: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_use_PrivateKey: symbol not found
Error relocating /usr/local/bin/teller: ERR_get_error_line_data: symbol not found
Error relocating /usr/local/bin/teller: SSL_CTX_set_cert_store: symbol not found
Error relocating /usr/local/bin/teller: BIO_meth_new: symbol not found
Error relocating /usr/local/bin/teller: X509_STORE_add_cert: symbol not found
Error relocating /usr/local/bin/teller: BIO_meth_set_ctrl: symbol not found
Error relocating /usr/local/bin/teller: OpenSSL_version_num: symbol not found
Error relocating /usr/local/bin/teller: CRYPTO_get_ex_new_index: symbol not found
Error relocating /usr/local/bin/teller: SSL_ctrl: symbol not found
Error relocating /usr/local/bin/teller: SSL_get_ex_data: symbol not found
Error relocating /usr/local/bin/teller: SSL_write_ex: symbol not found
Error relocating /usr/local/bin/teller: BIO_new_mem_buf: symbol not found
Error relocating /usr/local/bin/teller: SSL_connect: symbol not found
Error relocating /usr/local/bin/teller: SSL_get0_param: symbol not found
Error relocating /usr/local/bin/teller: TLS_method: symbol not found
Error relocating /usr/local/bin/teller: X509_free: symbol not found
Error relocating /usr/local/bin/teller: SSL_shutdown: symbol not found

c33s avatar Dec 11 '24 14:12 c33s

related:

  • https://github.com/tellerops/teller/issues/290
  • https://github.com/tellerops/teller/issues/312

c33s avatar Dec 11 '24 14:12 c33s