OTA issues from Torizon Platform and Github Actions

Technical Support
, , , , , ,
21

Hi @matheus.tx

I tried with the early access version. The other errors are gone but now it fails while trying to access the image:

Digest: sha256:604ace06a633ba087bc9e0f7ba12b8881ce28094f6c2db5a12510c2b7cbec05c
Status: Downloaded newer image for torizon/torizoncore-builder:early-access
You are running an early access version of TorizonCore Builder.
Access to manifest for image 'geopaxpvtltd/geopaxapp-svc:imagePreProduction' was not authorized; be sure to pass a proper username/password pair for the registry.
Error: Could not determine digest for image 'geopaxpvtltd/geopaxapp-svc:imagePreProduction'.
> TASK tcb-platform-publish exited with error code 255 <
Error: Process completed with exit code 1.

It appears it cant access the docker registry. But in a previous step, it is able to push the image to the registry:

imagePreProduction: digest: sha256:9a0444772e1c4e30a657a187ab015070850878b5f84a5d94bdc17d910aac9834 size: 3447
✅ Image push OK
Importing powershell-yaml ...
Installing powershell-yaml ...
✅ powershell-yaml loaded
Reading docker-compose.yml file ...
✅ docker-compose.yml loaded
Cleaning services ...
✅ services cleaned
Replacing variables ...
✅ variables replaced
✅ docker-compose.prod.yml created
> Executing task: tcb-platform-publish <
echo "DOCKER_HOST= source ./.conf/tcb-env-setup.sh -s ${global:workspaceFolder}/storage -t ${global:config:tcb.version}"
Setting up TorizonCore Builder with version early-access.

Apparently this was fixed in the local machine with following suggestion from @jeremias.tx

I added the following flags to the tcb-platform-publish task:

--force --login ${command:docker_login} ${command:docker_password}
22

Ok, so the issues only occur now if you remove the flags, right?

23

No @matheus.tx , I have the flags added in my tasks.json. I am working with a private repository.

24

Hey @geopaxpvtltd

could you please share with me the content of the file .vscode/settings.json?
I have an idea of ​​what it could be, but I’m not sure, I wanted to confirm with the content of your settings.json.

BR,

25

Hi @matheus.tx

Pl check the following:

{
  "torizon_psswd": "hasann99",
  "torizon_login": "torizon",
  "torizon_ip": "192.168.0.158",
  "host_ip": "192.168.0.247",
  "torizon_workspace": "${workspaceFolder}",
  "torizon_debug_port": "",
  "torizon_debug_ssh_port": "2230",
  "torizon_debug_port2": "",
  "terminal.integrated.defaultProfile.linux": "bash",
  "torizon_debug_port3": "",
  "torizon_gpu": "-vivante",
  "torizon_arch": "aarch64",
  "wait_sync": "1",
  "torizon_run_as": "torizon",
  "torizon_app_root": "/home/torizon",
  "tcb.packageName": "GeopaxApp",
  "tcb.version": "early-access",
  "files.associations": {
    "cctype": "cpp",
    "clocale": "cpp",
    "cmath": "cpp",
    "cstdarg": "cpp",
    "cstddef": "cpp",
    "cstdio": "cpp",
    "cstdlib": "cpp",
    "cstring": "cpp",
    "ctime": "cpp",
    "cwchar": "cpp",
    "cwctype": "cpp",
    "array": "cpp",
    "atomic": "cpp",
    "bit": "cpp",
    "*.tcc": "cpp",
    "bitset": "cpp",
    "chrono": "cpp",
    "compare": "cpp",
    "concepts": "cpp",
    "condition_variable": "cpp",
    "cstdint": "cpp",
    "deque": "cpp",
    "list": "cpp",
    "map": "cpp",
    "string": "cpp",
    "unordered_map": "cpp",
    "vector": "cpp",
    "exception": "cpp",
    "algorithm": "cpp",
    "functional": "cpp",
    "iterator": "cpp",
    "memory": "cpp",
    "memory_resource": "cpp",
    "numeric": "cpp",
    "optional": "cpp",
    "random": "cpp",
    "ratio": "cpp",
    "regex": "cpp",
    "string_view": "cpp",
    "system_error": "cpp",
    "tuple": "cpp",
    "type_traits": "cpp",
    "utility": "cpp",
    "fstream": "cpp",
    "future": "cpp",
    "initializer_list": "cpp",
    "iomanip": "cpp",
    "iosfwd": "cpp",
    "iostream": "cpp",
    "istream": "cpp",
    "limits": "cpp",
    "mutex": "cpp",
    "new": "cpp",
    "numbers": "cpp",
    "ostream": "cpp",
    "semaphore": "cpp",
    "sstream": "cpp",
    "stdexcept": "cpp",
    "stop_token": "cpp",
    "streambuf": "cpp",
    "thread": "cpp",
    "cinttypes": "cpp",
    "typeinfo": "cpp",
    "net.h": "c",
    "mongoose.h": "c",
    "csignal": "cpp",
    "any": "cpp",
    "codecvt": "cpp",
    "complex": "cpp",
    "forward_list": "cpp",
    "set": "cpp",
    "unordered_set": "cpp",
    "netfwd": "cpp",
    "ranges": "cpp",
    "span": "cpp",
    "cfenv": "cpp",
    "typeindex": "cpp",
    "valarray": "cpp",
    "variant": "cpp",
    "*.ipp": "cpp"
  },
  "todo-tree.tree.showCountsInTree": true,
  "docker_registry": "geopaxpvtltd",
  "docker_password": "secret",
  "docker_tag": "imagePreProduction",
  "tcb.clientId": "", (I removed this text for security, otherwise it is a long string)
  "tcb.clientSecret": "", (I removed this text for security)
  "tcb.fleetName": "testFleet1",
  "tcb.remotePassword": "hasann99",
  "tcb.remoteUserName": "torizon",
  "docker_login": "geopaxpvtltd",
  "docker.environment": {
    "DOCKER_HOST": "tcp://192.168.0.158:2375"
  },
}
26

@geopaxpvtltd thanks!
These (I removed this text for security) should be only "secret" value. Because the actual value should be stored in the operating system vault. Are these something different from "secret"? Because if yes, this is a critical bug. The "tcb.clientId" is not a secret, and is not an issue have it readable here, but the problem is the `“tcb.clientSecret”.

My idea was that the docker_login was not set, but I see that it is set. So, I need to dig in to check what is the root cause here.

BR,

27

When I originally started with this and added these information using fill-pipeline settings, it was set as a secret. Then I manually changed this by going in to the vscode->settings->workspace to see if there was an issue with this. Now, if I remove these settings, and again run the fill pipeline settings task, these are stored as a secret. After resolving the other issues, I forgot to turn it back.

1 Like
28

Hey @geopaxpvtltd

new changes were added to the dev branch, if you are still using the settings:

    "apollox.templatesBranch": "dev",
    "apollox.templatesTag": "next",

you should get the fixes. Run the update task and accept the changes.
Let me know if this works.

BR,

29

Hello @matheus.tx

I ran the update task and accepted all the changes.

There were many issues:

  1. It broke the tasks.json in a way that all the debug tasks were removed.
  2. the .github/workflows folder, I have a build-application.yaml, it added a build-torizoncore.yaml.
  3. other changes in ps1 files that I dont understand.

many other issues. mayble it is due to the .template file with the content ‘tcb’ added in the .conf folder? My project is based on the cpp console template

for now, I reverted everything.

30

Hey @geopaxpvtltd

we are confusing things here. The .template file for this ticket should continue being cppConsole. The .template issue is the other ticket. Please try run update with the cppConsole as content of the file, and accept all the changes.

The .conf/.template file is used from the updater to know what was the template base used to create the project. Because of it the updater tried to apply tcb stuff on your project.

BR,

31

Thanks. The new error is related to the platform push task:

Warning: If you intend to use torizoncore-builder as a server (listening to ports), then you should pass extra parameters to "docker run" (via the -- switch).
Setting up TorizonCore Builder with version early-access.

usage: torizoncore-builder platform push [-h] [--credentials CREDENTIALS]
                                         [--repo OSTREE]
                                         [--hardwareid HARDWAREIDS]
                                         [--description DESCRIPTION]
                                         [--package-name PACKAGE_NAME]
                                         [--package-version PACKAGE_VERSION]
                                         [--compatible-with SHA256]
                                         [--canonicalize | --no-canonicalize]
                                         [--login USERNAME PASSWORD]
                                         [--login-to REGISTRY USERNAME PASSWORD]
                                         [--cacert-to REGISTRY CERTIFICATE]
                                         [--canonicalize-only] [--force]
                                         [--verbose]
                                         [--custom-meta CUSTOM_META]
                                         REF
torizoncore-builder platform push: error: argument --login: expected 2 arguments

 *  The terminal process "/usr/bin/bash '-c', 'DOCKER_HOST= source ./.conf/tcb-env-setup.sh -s /home/ha-01/GeopaxApp/storage -t early-access'" terminated with exit code: 2.

@matheus.castello surprisingly, on github actions, the job completes without this error

1 Like
32

Hey @geopaxpvtltd

thanks for the let me know, nice that this worked as expected on the Github actions. I will check here why this is not working on the local run of the task.

BR,

1 Like
33

Hello @matheus.tx

Any further word on this?

Best Regards.

34

Hey @geopaxpvtltd

we have a ticket opened on `tcb-platform-publish` work on the CI pipeline but does not run correctly locally · Issue #90 · toradex/vscode-torizon-templates · GitHub
This should be fixed on the next stable.

BR,

1 Like
35

Hi @matheus.tx !

I recently updated to Extension Version 2.4 and updated template to the latest. The platform publish task breaks. I previously had the task set to the following:

{
            "label": "tcb-platform-publish",
            "detail": "This task will build the production image based on the\nDockerfile and push it to the Torizon\nPlatform creating a new docker-compose package.",
            "command": "DOCKER_HOST=",
            "type": "shell",
            "options": {
                "cwd": "${workspaceFolder}",
                "env": {
                    "DOCKER_PSSWD": "${command:docker_password}",
                    "DOCKER_LOGIN": "${command:docker_login}",
                    "VSCODE_CMD": "--verbose platform push --credentials credentials.zip --package-name GeopaxAppCmk --package-version ${command:tcb.getNextPackageVersion} --login $DOCKER_LOGIN $DOCKER_PSSWD --canonicalize docker-compose.prod.yml --force"
                }
            },
            "args": [
                "source",
                "./.conf/tcb-env-setup.sh",
                "-s",
                "${workspaceFolder}/storage",
                "-t",
                "${config:tcb.version}"
            ],
            "problemMatcher": [
                "$tsc"
            ],
            "icon": {
                "id": "cloud-upload",
                "color": "terminal.ansiYellow"
            },
            "dependsOrder": "sequence",
            "dependsOn": [
                "create-production-image"
            ]
        },

the updated task is:

        {
            "label": "tcb-platform-publish",
            "detail": "This task will build the production image based on the\nDockerfile and push it to the Torizon\nPlatform creating a new docker-compose package.",
            "command": "DOCKER_HOST=",
            "type": "shell",
            "options": {
                "cwd": "${workspaceFolder}",
                "env": {
                    "DOCKER_PSSWD": "${command:docker_password}",
                    "DOCKER_LOGIN": "${command:docker_login}",
                    "DOCKER_REGISTRY": "${command:docker_registry}",
                    "VSCODE_CMD": "--verbose platform push --credentials credentials.zip --package-name GeopaxAppCmk --package-version ${command:tcb.getNextPackageVersion} --login-to $DOCKER_REGISTRY $DOCKER_LOGIN $DOCKER_PSSWD --canonicalize docker-compose.prod.yml"
                }
            },
            "args": [
                "source",
                "./.conf/tcb-env-setup.sh",
                "-s",
                "${workspaceFolder}/storage",
                "-t",
                "${config:tcb.version}"
            ],
            "problemMatcher": [
                "$tsc"
            ],
            "icon": {
                "id": "cloud-upload",
                "color": "terminal.ansiYellow"
            },
            "dependsOrder": "sequence",
            "dependsOn": [
                "create-production-image"
            ]
        },

the change from “login” to “login-to” breaks the task and gives the following error:

 *  Executing task: DOCKER_HOST= source ./.conf/tcb-env-setup.sh -s /home/ha-01/GeopaxAppCmk/storage -t 3.8.1 

Warning: If you intend to use torizoncore-builder as a server (listening to ports), then you should pass extra parameters to "docker run" (via the -- switch).
Setting up TorizonCore Builder with version 3.8.1.

Access to manifest for image 'geopaxpvtltd/geopaxapp-svc:imagePreProduction' was not authorized; be sure to pass a proper username/password pair for the registry.
Error: Could not determine digest for image 'geopaxpvtltd/geopaxapp-svc:imagePreProduction'.

 *  The terminal process "/usr/bin/bash '-c', 'DOCKER_HOST= source ./.conf/tcb-env-setup.sh -s /home/ha-01/GeopaxAppCmk/storage -t 3.8.1'" terminated with exit code: 255. 
 *  Terminal will be reused by tasks, press any key to close it.

when I change it back to just “login”, it works as expected.

Just for your information.

2 Likes
36

Hey @geopaxpvtltd

thanks to report!

37

Hey @geopaxpvtltd

I checked and the reason for this change was because now we support other registries than only Docker Hub. So, the --login-to is needed in this case. Check platform push: --cacert-to and --login-to parameters added · toradex/torizoncore-builder@019bf7a (github.com)

In your case the --login seems to still be working because the update does not update the fields:

  "tcb.packageName": "",
  "tcb.version": "",
  "docker_registry": "",
  "docker_login": "",
  "docker_password": "",
  "docker_tag": "",

So, if one day you are going to use it with --login-to, remove these properties and run the task fill-pipeline-settings, this task will update the data for the fields and should work with --login -to.

Best Regards,

38

Hey @matheus.tx!

Thank you for the explanation but I tried with removing these settings and filling the data again.

it says for dockerhun, docker_registry needs to be empty. but it still gives the same error with the following settings:

  "docker_registry": "",
  "docker_password": "secret",
  "docker_tag": "imagePreProduction",
  "docker_login": "geopaxpvtltd",

 *  Executing task: DOCKER_HOST= source ./.conf/tcb-env-setup.sh -s /home/ha-01/GeopaxAppCmk/storage -t 3.8.1 

Warning: If you intend to use torizoncore-builder as a server (listening to ports), then you should pass extra parameters to "docker run" (via the -- switch).
Setting up TorizonCore Builder with version 3.8.1.

Access to manifest for image 'geopaxpvtltd/geopaxapp-svc:imagePreProduction' was not authorized; be sure to pass a proper username/password pair for the registry.
Error: Could not determine digest for image 'geopaxpvtltd/geopaxapp-svc:imagePreProduction'.

 *  The terminal process "/usr/bin/bash '-c', 'DOCKER_HOST= source ./.conf/tcb-env-setup.sh -s /home/ha-01/GeopaxAppCmk/storage -t 3.8.1'" terminated with exit code: 255. 
 *  Terminal will be reused by tasks, press any key to close it.
39

@geopaxpvtltd

but did you put back the --login-to?

BR,

40

Hi @matheus.tx !

yes I did.