Alpine does not use https to fetch the image

[graywolf]

Currently alpine script does not use https to fetch the image

https://github.com/vpsfreecz/build-vpsfree-templates/blob/master/include/alpine.sh#L5

I'm willing to try to give a shot debugging this, but README.md is bit short on details how to run this. Could I get some pointers? Do we have a wiki page somewhere for that or something?

[aither64]

Please see #32.

Templates are built using ./bin/build-vpsfree-templates run as root, e.g. ./bin/build-vpsfree-templates alpine-3.11. Resulting archive is saved in /var/build. I wouldn't run the build on a system you care about, I recommend running it on a VPS, container or a VM.

The master branch contains templates for OpenVZ, vpsadminos branch is for vpsAdminOS, i.e. staging. The scripts work similarly, but the build process is very different, although better documented.

[graywolf]

Well ignoring some errors later on it seems that the fetch itself works fine
with the https:

$ docker run --init --rm -it alpine sh -c 'apk upgrade -Ua && apk add bash coreutils git openssl && git clone --depth=1 https://github.com/vpsfreecz/build-vpsfree-templates foo && sed -i
s~http://~https://~ /foo/include/alpine.sh && DEBUG=yes /foo/bin/build-vpsfree-templates alpine-3.11'
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
(1/2) Upgrading busybox (1.30.1-r2 -> 1.30.1-r3)
Executing busybox-1.30.1-r3.post-upgrade
(2/2) Upgrading ssl_client (1.30.1-r2 -> 1.30.1-r3)
Executing busybox-1.30.1-r3.trigger
OK: 6 MiB in 14 packages
(1/15) Installing ncurses-terminfo-base (6.1_p20190518-r0)
(2/15) Installing ncurses-terminfo (6.1_p20190518-r0)
(3/15) Installing ncurses-libs (6.1_p20190518-r0)
(4/15) Installing readline (8.0.0-r0)
(5/15) Installing bash (5.0.0-r0)
Executing bash-5.0.0-r0.post-install
(6/15) Installing libacl (2.2.52-r6)
(7/15) Installing libattr (2.4.48-r0)
(8/15) Installing coreutils (8.31-r0)
(9/15) Installing ca-certificates (20190108-r0)
(10/15) Installing nghttp2-libs (1.39.2-r0)
(11/15) Installing libcurl (7.66.0-r0)
(12/15) Installing expat (2.2.8-r0)
(13/15) Installing pcre2 (10.33-r0)
(14/15) Installing git (2.22.2-r0)
(15/15) Installing openssl (1.1.1d-r0)
Executing busybox-1.30.1-r3.trigger
Executing ca-certificates-20190108-r0.trigger
OK: 32 MiB in 29 packages
Cloning into 'foo'...
remote: Enumerating objects: 52, done.
remote: Counting objects: 100% (52/52), done.
remote: Compressing objects: 100% (45/45), done.
remote: Total 52 (delta 11), reused 18 (delta 0), pack-reused 0
Unpacking objects: 100% (52/52), done.
Building alpine-3.11 ...
==> Fetching and verifying APK keys...
Connecting to alpinelinux.org (147.75.101.119:443)
-                    100% |***********************************************************************************************************************************************|   451  0:00:00 ETA
alpine-devel@lists.alpinelinux.org-4a6a0840.rsa.pub: OK
Connecting to alpinelinux.org (147.75.101.119:443)
-                    100% |***********************************************************************************************************************************************|   451  0:00:00 ETA
alpine-devel@lists.alpinelinux.org-5243ef4b.rsa.pub: OK
Connecting to alpinelinux.org (147.75.101.119:443)
-                    100% |***********************************************************************************************************************************************|   451  0:00:00 ETA
alpine-devel@lists.alpinelinux.org-524d27bb.rsa.pub: OK
Connecting to alpinelinux.org (147.75.101.119:443)
-                    100% |***********************************************************************************************************************************************|   451  0:00:00 ETA
alpine-devel@lists.alpinelinux.org-5261cecb.rsa.pub: OK
Connecting to alpinelinux.org (147.75.101.119:443)
-                    100% |***********************************************************************************************************************************************|   451  0:00:00 ETA
alpine-devel@lists.alpinelinux.org-58199dcc.rsa.pub: OK
Connecting to alpinelinux.org (147.75.101.119:443)
-                    100% |***********************************************************************************************************************************************|   451  0:00:00 ETA
alpine-devel@lists.alpinelinux.org-58cbb476.rsa.pub: OK
Connecting to alpinelinux.org (147.75.101.119:443)
-                    100% |***********************************************************************************************************************************************|   451  0:00:00 ETA
alpine-devel@lists.alpinelinux.org-58e4f17d.rsa.pub: OK
==> Fetching apk-tools static binary...
Connecting to cz.alpinelinux.org (83.167.228.30:443)
-                    100% |***********************************************************************************************************************************************|  701k  0:00:00 ETA
Connecting to cz.alpinelinux.org (83.167.228.30:443)
-                    100% |***********************************************************************************************************************************************| 1328k  0:00:00 ETA
Verified OK
apk-tools 2.10.4, compiled for x86_64.
==> Installing Alpine Linux in /var/build/install.Mw3...
fetch https://cz.alpinelinux.org/alpine/v3.11/main/x86_64/APKINDEX.tar.gz
fetch https://cz.alpinelinux.org/alpine/v3.11/community/x86_64/APKINDEX.tar.gz
(1/19) Installing musl (1.1.24-r0)
(2/19) Installing busybox (1.31.1-r8)
Executing busybox-1.31.1-r8.post-install
(3/19) Installing alpine-baselayout (3.2.0-r3)
Executing alpine-baselayout-3.2.0-r3.pre-install
Executing alpine-baselayout-3.2.0-r3.post-install
(4/19) Installing openrc (0.42.1-r0)
Executing openrc-0.42.1-r0.post-install
(5/19) Installing alpine-conf (3.8.3-r4)
(6/19) Installing libcrypto1.1 (1.1.1d-r2)
(7/19) Installing libssl1.1 (1.1.1d-r2)
(8/19) Installing ca-certificates-cacert (20191127-r0)
(9/19) Installing libtls-standalone (2.9.1-r0)
(10/19) Installing ssl_client (1.31.1-r8)
(11/19) Installing zlib (1.2.11-r3)
(12/19) Installing apk-tools (2.10.4-r3)
(13/19) Installing busybox-suid (1.31.1-r8)
(14/19) Installing busybox-initscripts (3.2-r2)
Executing busybox-initscripts-3.2-r2.post-install
(15/19) Installing scanelf (1.2.4-r0)
(16/19) Installing musl-utils (1.1.24-r0)
(17/19) Installing libc-utils (0.7.2-r0)
(18/19) Installing alpine-keys (2.1-r2)
(19/19) Installing alpine-base (3.11.0-r0)
Executing busybox-1.31.1-r8.trigger
OK: 8 MiB in 19 packages
==> Configuring Alpine Linux...
mount: permission denied (are you root?)
mount: permission denied (are you root?)
mount: permission denied (are you root?)
chroot: failed to run command ‘/tmp/configure.sh’: Exec format error
umount: can't unmount /var/build/install.Mw3/dev: Operation not permitted
umount: can't unmount /var/build/install.Mw3/sys: Operation not permitted
umount: can't unmount /var/build/install.Mw3/proc: Operation not permitted
==> Cleaning up...
Packing template into /var/build/alpine-3.11-x86_64-vpsfree.tar.gz ...
Cleanup ...

Can you easily try it somewhere close to where it is actually run for generating
production templates to see if it still fails there? Or any idea what I've done
differently so that it works for me?