You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Actual behavior
A clear and concise description of what the bug is.
When calling wget to pull down a repo from GitLab, the builder is reporting the following errors:
Connecting to gitlab.dhe.duke.edu (...)
wget: note: TLS certificate validation not implemented
wget: TLS error from peer (alert code 40): handshake failure
wget: error getting response: Connection reset by peer
Our team has verified that Gitlab has dropped support for TLS versions below 1.2 as well as various cyphers. The latest builder is using busybox 1.36, which has a buggy version of wget that can't handle some modern tls.
Expected behavior
wget runs without issue.
To Reproduce
When using the kaniko image, the shell script command:
Additional Information
In following this issue that had previously been closed (see below), looks like this is solved with busybox 1.37. Latest busybox:musl includes this fix, however, that fix seemed to get moved after the most recent kaniko build, so a recompile may be all that's needed here.
Actual behavior
A clear and concise description of what the bug is.
When calling wget to pull down a repo from GitLab, the builder is reporting the following errors:
Connecting to gitlab.dhe.duke.edu (...)
wget: note: TLS certificate validation not implemented
wget: TLS error from peer (alert code 40): handshake failure
wget: error getting response: Connection reset by peer
Our team has verified that Gitlab has dropped support for TLS versions below 1.2 as well as various cyphers. The latest builder is using busybox 1.36, which has a buggy version of wget that can't handle some modern tls.
Expected behavior
wget runs without issue.
To Reproduce
When using the kaniko image, the shell script command:
- 'wget --header "PRIVATE-TOKEN: ..." -O build/Dockerfile "${CI_API_V4_URL}/projects/2464/repository/files/${TEMPLATE_DOCKERFILE}/raw?ref=${TEMPLATE_BRANCH}"'is returning the error stated above.
Additional Information
In following this issue that had previously been closed (see below), looks like this is solved with busybox 1.37. Latest busybox:musl includes this fix, however, that fix seemed to get moved after the most recent kaniko build, so a recompile may be all that's needed here.
(#2765
Triage Notes for the Maintainers
--cacheflagThe text was updated successfully, but these errors were encountered: