Comments (8)
I did verify we are running Zarf 0.26.2 in all locations so should have all matched
from zarf.
Interesting... The checksums are stored at the root of a zarf package and should always match the image layer SHA (hence the filename images/blobs/sha256/e543d039704a927686af50ee12c85b8e8fff304c933b202624bbc705cf60161a
and the expected SHA e543d039704a927686af50ee12c85b8e8fff304c933b202624bbc705cf60161a
matching each other). Have you observed flakiness where it starts working again? Or does it always fail once it starts to fail?
Also just to check, are you using the same Zarf version between package create and deploy?
Also if you really need to and want to push past this error you could run with --insecure
though I would recommend only doing that on a test instance since there is a chance of there being a corrupted layer. Under the hood Zarf unpacks the package to the temporary directory of the system and afterwards checks the package checksums before proceeding - something could be going wrong during this unarchive/copy process. When Zarf fails it leaves these files behind for inspection and you could use zarf prepare sha256sum <filepath>
to investigate the files more directly.
from zarf.
Interesting you say that. I have seen it to be that it will eventually work if you either do it enough times or I was also seeing I rebooted the machine it would work after reboot the first time. We actually tried to use - -insecure but that didn't seem to help. I will verify but I'm fairly certain our zarf versions matched as I was worried that could be a potential issue.
from zarf.
Rebooting the machine is an interesting symptom... Are you specifying --tmpdir
at all or just using /tmp
? If you run rm -rf /tmp/zarf-*
does that have the same effect as rebooting?
from zarf.
(also looking at the code the --insecure
flag help text is wrong (or at least misleading) we do disable the validation of signatures (and thus you can modify the checksums to match) but we still always look at the checksums if they are present - will make a note to update that)
from zarf.
No I am not specifying --tmpdir, so it would just be /tmp, I actually didn't realize until recently how much stuff was dumped into /tmp on failures, but I don't believe I ever tried to clear that out during a checksum failure. I know I did `rm -rf /tmp/zarf-*' at one point but I can't 100% recall if it was around the checksum time. Next time I see it though I will give that a try. I know we are a few releases behind, is there anything on the newer releases since 0.26.2 that would have fixed anything in regards to this?
from zarf.
There have been some minor refactors done to checksum handling in the intervening versions but there shouldn't have been any behavioral changes
from zarf.
Closing as stale.
If you are still seeing this issue @joelcomp1, feel free to re-open and provide the team w/ more info!
from zarf.
Related Issues (20)
- Cannot zarf init on microk8s due to 127.0.0.1 IP hardcoding HOT 2
- Add `zarf tools yq` (or similar) for easily parsing yaml files HOT 2
- docs: autogen built-in variables documentation
- zarf package mirror-resources should either default to the zarf registry / zarf git server or require either --registry-url or --git-url
- ci: add a workflow that enforces PR titles follow the conventional commit spec
- NginX Ingress Controller - provided digest did not match uploaded content HOT 2
- TextTemplate type is no longer public HOT 1
- `--differential` no longer supports absolute paths
- How to handle helm charts in a flux deployment HOT 5
- Ability to control deploy-to namespace using a Zarf Variable
- Zarf fails when pulling from Nvidia's container registry HOT 6
- Bug: Zarf fails to init successfully if there's a pod that's currently stuck in terminating state and the node on that terminating pod doesn't exist anymore HOT 1
- wait-for waits the full timeout with nonexistent or nonvalid kubeconfig HOT 1
- Remove bigbang "private" key from git history HOT 1
- Refactor and document `dataInjections`
- test: add a benchmark test for image pulls HOT 2
- Image Index Sha
- docs: update style guide
- Zarf "contributor guide" sends to a 404 page.
- When publishing a package from a tarball the resulting oci image is tagged incorrectly HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from zarf.