Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spire 1.6.4 and 1.7.0 releases for Linux/arm64 fail down with sqlite3 settings in config #4346

Closed
bellycat77 opened this issue Jul 19, 2023 · 2 comments · Fixed by #4491
Closed

Spire 1.6.4 and 1.7.0 releases for Linux/arm64 fail down with sqlite3 settings in config #4346

bellycat77 opened this issue Jul 19, 2023 · 2 comments · Fixed by #4491
Assignees
@azdagron
Labels
priority/urgent Issue is approved and is must be completed in the assigned milestone
Milestone
1.8.0

Comments

@bellycat77
Copy link

bellycat77 commented Jul 19, 2023
edited
Loading 

# ./spire-1.6.4/bin/spire-server run -config spire-1.6.4/conf/server/server.conf
WARN[0000] default_x509_svid_ttl is too high for the configured ca_ttl value. SVIDs with shorter lifetimes may be issued. Please set default_x509_svid_ttl to 28h or less, or the ca_ttl to 288h or more, to guarantee the full default_x509_svid_ttl lifetime when CA rotations are scheduled. 
WARN[0000] Current umask 0022 is too permissive; setting umask 0027 
INFO[0000] Configured                  admin_ids="[]" data_dir=./data/server
INFO[0000] Opening SQL database             db_type=sqlite3 subsystem_name=sql
ERRO[0000] Fatal run error                error="sqlite3 is not a supported dialect when CGO is not enabled"
ERRO[0000] Server crashed                error="sqlite3 is not a supported dialect when CGO is not enabled"

Environment details
OS: macOS Ventura 13.4/ CPU M1
Docker Desktop: v4.21.1
Docker Engine: 24.0.2
Used docker images: golang:1.20.5-buster and arm64v8/ubuntu:22.04

N.B.: The server built inside the container from sources works well
@bellycat77
Copy link
Author

The steps for reproducing in MacOS:

% docker pull golang:1.20.5-buster
% docker run -it golang:1.20.5-buster
root@bb2e1925286c:/go# cd /
root@bb2e1925286c:/# wget https://github.com/spiffe/spire/releases/download/v1.7.0/spire-1.7.0-linux-arm64-glibc.tar.gz
root@bb2e1925286c:/# tar zxf spire-1.7.0-linux-arm64-glibc.tar.gz
root@bb2e1925286c:/# spire-1.7.0/bin/spire-server run -config spire-1.7.0/conf/server/server.conf 
WARN[0000] default_x509_svid_ttl is too high for the configured ca_ttl value. SVIDs with shorter lifetimes may be issued. Please set default_x509_svid_ttl to 28h or less, or the ca_ttl to 288h or more, to guarantee the full default_x509_svid_ttl lifetime when CA rotations are scheduled. 
WARN[0000] Current umask 0022 is too permissive; setting umask 0027 
INFO[0000] Configured                                    admin_ids="[]" data_dir=./data/server
INFO[0000] Opening SQL database                          db_type=sqlite3 subsystem_name=sql
ERRO[0000] Fatal run error                               error="sqlite3 is not a supported dialect when CGO is not enabled"
ERRO[0000] Server crashed                                error="sqlite3 is not a supported dialect when CGO is not enabled"
root@bb2e1925286c:/#

@bellycat77 bellycat77 mentioned this issue Jul 19, 2023
Closed
@bellycat77 bellycat77 changed the title Spire 1.6.4 and 1.7.0 releases for Linux/arm64 fails down with sqlite3 settings in config Spire 1.6.4 and 1.7.0 releases for Linux/arm64 fail down with sqlite3 settings in config Jul 19, 2023
@evan2645 evan2645 added triage/in-progress Issue triage is in progress priority/urgent Issue is approved and is must be completed in the assigned milestone and removed triage/in-progress Issue triage is in progress labels Jul 20, 2023
@evan2645 evan2645 added this to the 1.7.2 milestone Jul 20, 2023
@bellycat77 bellycat77 mentioned this issue Jul 24, 2023
Open
@rturner3 rturner3 modified the milestones: 1.7.2, 1.8.0 Aug 8, 2023
@bellycat77
Copy link
Author

It looks like release 1.7.2 didn't solve the issue

% docker pull golang:1.20.5-buster
% docker run -it golang:1.20.5-buster
root@7d3831308416:/go# wget https://github.com/spiffe/spire/releases/download/v1.7.2/spire-1.7.2-linux-arm64-glibc.tar.gz
root@7d3831308416:/go# tar zxf spire-1.7.2-linux-arm64-glibc.tar.gz 
root@7d3831308416:/go# spire-1.7.2/bin/spire-server run -config spire-1.7.2/conf/server/server.conf 
WARN[0000] default_x509_svid_ttl is too high for the configured ca_ttl value. SVIDs with shorter lifetimes may be issued. Please set default_x509_svid_ttl to 28h or less, or the ca_ttl to 288h or more, to guarantee the full default_x509_svid_ttl lifetime when CA rotations are scheduled. 
WARN[0000] Current umask 0022 is too permissive; setting umask 0027 
INFO[0000] Configured                                    admin_ids="[]" data_dir=./data/server
INFO[0000] Opening SQL database                          db_type=sqlite3 subsystem_name=sql
ERRO[0000] Fatal run error                               error="sqlite3 is not a supported dialect when CGO is not enabled"
ERRO[0000] Server crashed                                error="sqlite3 is not a supported dialect when CGO is not enabled"

azdagron added a commit to azdagron/spire that referenced this issue Sep 13, 2023
@azdagron
Source binaries for linux artifacts from docker images
bddf583 
This gives us static binaries linked against musl for our release
artifacts, unifying our libc dependency for both docker and non-docker
and simplifying our build tooling.

Since artifact building is now fairly complicated and really only part
of the CI/CD pipeline, got rid of the Makefile target for it.

Fixes: spiffe#4346

Signed-off-by: Andrew Harding <[email protected]>
azdagron added a commit to azdagron/spire that referenced this issue Sep 13, 2023
@azdagron
Source binaries for linux artifacts from docker images
2d20f08 
This gives us static binaries linked against musl for our release
artifacts, unifying our libc dependency for both docker and non-docker
and simplifying our build tooling.

Since artifact building is now fairly complicated and really only part
of the CI/CD pipeline, got rid of the Makefile target for it.

Fixes: spiffe#4346

Signed-off-by: Andrew Harding <[email protected]>
@azdagron azdagron mentioned this issue Sep 13, 2023
Merged
azdagron added a commit to azdagron/spire that referenced this issue Sep 13, 2023
@azdagron
Source binaries for linux artifacts from docker images
33eb9b1 
This gives us static binaries linked against musl for our release
artifacts, unifying our libc dependency for both docker and non-docker
and simplifying our build tooling.

Since artifact building is now fairly complicated and really only part
of the CI/CD pipeline, got rid of the Makefile target for it.

Fixes: spiffe#4346

Signed-off-by: Andrew Harding <[email protected]>
azdagron added a commit to azdagron/spire that referenced this issue Sep 13, 2023
@azdagron
Source binaries for linux artifacts from docker images
62586ba 
This gives us static binaries linked against musl for our release
artifacts, unifying our libc dependency for both docker and non-docker
and simplifying our build tooling.

Since artifact building is now fairly complicated and really only part
of the CI/CD pipeline, got rid of the Makefile target for it.

Fixes: spiffe#4346

Signed-off-by: Andrew Harding <[email protected]>
rturner3 pushed a commit that referenced this issue Sep 13, 2023
@azdagron
Source binaries for linux artifacts from docker images (#4491)
3ba6756 
* Source binaries for linux artifacts from docker images

This gives us static binaries linked against musl for our release
artifacts, unifying our libc dependency for both docker and non-docker
and simplifying our build tooling.

Since artifact building is now fairly complicated and really only part
of the CI/CD pipeline, got rid of the Makefile target for it.

Fixes: #4346

Signed-off-by: Andrew Harding <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@azdagron azdagron

Labels
priority/urgent Issue is approved and is must be completed in the assigned milestone
Projects
None yet
Milestone
1.8.0
Development

Successfully merging a pull request may close this issue.

Source binaries for linux artifacts from docker images azdagron/spire
4 participants
@evan2645 @azdagron @rturner3 @bellycat77