Intermittent 'No such file or directory' when using "atomic sign ..."
NEL123 opened this issue · 0 comments
NEL123 commented
We have an intermittent issue with atomic trying to sign our docker containers.
Most of the time, the shell command succeeds but at periods, it sometimes fails with a "No such file or directory" error. Then, during the exception handling, another exception occurs and it seems to swallow information that would be useful in debugging this.
The docker manifest itself has schemaVersion 2 and mediaType application/vnd.docker.distribution.manifest.v2+json , as well as a config object and an array of layers objects.
We are using both skopeo and atomic, latest versions from github
$ atomic --debug sign -g /home/nel123/.gnupg -d /mnt/signatures --sign-by nel123@my-company.com my-docker-repository:5000/my-image:c97f5e1
Results in:
16:54:08 time="2019-01-10T16:54:08+01:00" level=fatal msg="Error creating signature: No such file or directory"
16:54:08
16:54:08 Traceback (most recent call last):
16:54:08 File "/usr/bin/atomic", line 185, in <module>
16:54:08 sys.exit(_func())
16:54:08 File "/usr/lib/python3.7/site-packages/Atomic/sign.py", line 137, in sign
16:54:08 self.get_fingerprint(signer, self.args.debug), fq_sig_path, debug=self.args.debug)
16:54:08 File "/usr/lib/python3.7/site-packages/Atomic/util.py", line 412, in skopeo_standalone_sign
16:54:08 return check_call(cmd, env=os.environ)
16:54:08 File "/usr/lib/python3.7/site-packages/Atomic/util.py", line 214, in check_call
16:54:08 return subprocess.check_call(cmd, env=env, stdin=stdin, stderr=stderr, stdout=stdout, close_fds=True)
16:54:08 File "/usr/lib64/python3.7/subprocess.py", line 341, in check_call
16:54:08 raise CalledProcessError(retcode, cmd)
16:54:08 subprocess.CalledProcessError: Command '['/usr/bin/skopeo', '--debug', 'standalone-sign', '/tmp/tmpz2lyzw87', 'my-docker-repository:5000/my-image:c97f5e1', '4B46D85EC2AB015351D0C66769B45CF593CAD65E', '-o', '/mnt/signatures/my-image@sha256=cb3d989b21900904447c082b2aded6033c5b0d641134040fefe740c474bdf1e9/signature-1']' returned non-zero exit status 1.
16:54:08
16:54:08 During handling of the above exception, another exception occurred:
16:54:08
16:54:08 Traceback (most recent call last):
16:54:08 File "/usr/bin/atomic", line 201, in <module>
16:54:08 sys.exit(e.returncode)
16:54:08 SystemExit: 1
16:54:32 Namespace(_class=<class 'Atomic.sign.Sign'>, assumeyes=False, debug=True, func='sign', gnupghome='/home/nel123/.gnupg', ignore=False, images=['my-docker-repository:5000/my-image:c97f5e1'], profile=False, sign_by='nel123@my-company.com', signature_path='/mnt/signatures')
16:54:32 [
16:54:32 {
16:54:32 "search": true,
16:54:32 "hostname": "registry.centos.org",
16:54:32 "name": "registry.centos.org",
16:54:32 "secure": true
16:54:32 },
16:54:32 {
16:54:32 "search": true,
16:54:32 "hostname": "docker.io",
16:54:32 "name": "docker.io",
16:54:32 "secure": true
16:54:32 },
16:54:32 {
16:54:32 "search": true,
16:54:32 "hostname": "registry.fedoraproject.org",
16:54:32 "name": "registry.fedoraproject.org",
16:54:32 "secure": true
16:54:32 },
16:54:32 {
16:54:32 "search": true,
16:54:32 "hostname": "quay.io",
16:54:32 "name": "quay.io",
16:54:32 "secure": true
16:54:32 },
16:54:32 {
16:54:32 "search": true,
16:54:32 "hostname": "registry.access.redhat.com",
16:54:32 "name": "registry.access.redhat.com",
16:54:32 "secure": true
16:54:32 }
16:54:32 ]
16:54:32 Executing: /usr/bin/skopeo --debug standalone-sign /tmp/tmpz2lyzw87 my-docker-repository:5000/my-image:c97f5e1 4B46D85EC2AB015351D0C66769B45CF593CAD65E -o /mnt/signatures/my-image@sha256=cb3d989b21900904447c082b2aded6033c5b0d641134040fefe740c474bdf1e9/signature-1