Error in updating to TUF remote mirror
Closed this issue · 6 comments
What happened:
when deploying falco with falcoctl, its init container fails to install artifacts
$ klf falco-zbm59 -c falcoctl-artifact-install
INFO: Installing the following artifacts: [ghcr.io/falcosecurity/rules/falco-rules:2]
INFO: Preparing to pull "ghcr.io/falcosecurity/rules/falco-rules:2"
INFO: Pulling 5edca1a8eea6
INFO: Pulling 48b6c5ae7a61
INFO: Pulling 8ac74658d3a4
INFO: Verifying signature for ghcr.io/falcosecurity/rules/falco-rules@sha256:8ac74658d3a4b3d4db6228db23b5706c1cf5e25f33c8eb33881e28f660a43828
ERRO: error while verifying signature for ghcr.io/falcosecurity/rules/falco-rules@sha256:8ac74658d3a4b3d4db6228db23b5706c1cf5e25f33c8eb33881e28f660a43828: getting Rekor public keys: updating local metadata and targets: error updating to TUF remote mirror: tuf: failed to download 8.root.json: GET "https://tuf-repo-cdn.sigstore.dev/8.root.json": unexpected HTTP status 403
remote status:{
"mirror": "https://tuf-repo-cdn.sigstore.dev",
"metadata": {}
}
What you expected to happen:
How to reproduce it (as minimally and precisely as possible):
helm install falco -f values.yaml .
Anything else we need to know?:
I've build the falcoctl binary from source and then execute it outside the container, the artifacts downloaded successfully.
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close
.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten
.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close
.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle rotten
Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen
.
Mark the issue as fresh with /remove-lifecycle rotten
.
Provide feedback via https://github.com/falcosecurity/community.
/close
@poiana: Closing this issue.
In response to this:
Rotten issues close after 30d of inactivity.
Reopen the issue with
/reopen
.Mark the issue as fresh with
/remove-lifecycle rotten
.Provide feedback via https://github.com/falcosecurity/community.
/close
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.