Ubuntu Jammy Jellyfish (22.04) / libssl3

[arledesma]

terve is built against libssl1 while Ubuntu Jammy has moved to libssl3 with no packages providing libssl1.

terve: error while loading shared libraries: libssl.so.1.1: cannot open shared object file: No such file or directory

Dockerfile

# syntax=docker/dockerfile:1.3-labs
FROM ubuntu:jammy

ADD --chmod=0755 https://github.com/superblk/terve/releases/download/v0.7.0/terve_linux_amd64 /bin/terve

RUN <<-_EOF_
  apt-get update
  apt-cache search libssl
_EOF_

RUN PAGER=cat dpkg-query -l 'libssl*'

RUN <<-_EOF_
  ldd /bin/terve
  /bin/terve --version
_EOF_

docker build --no-cache --progress plain -t terve:jammy .

#1 [internal] load build definition from Dockerfile
#1 sha256:22713c1fe804aef8647fb3cfa8ffe9ded4cfaa5fd5f7324b588c82238fa33675
#1 transferring dockerfile: 367B done
#1 DONE 0.0s

#2 [internal] load .dockerignore
#2 sha256:129ebf001af02a4a67d301d338eb65b059c4c4d4eada0c5822b1f67bc0d13d39
#2 transferring context: 2B done
#2 DONE 0.0s

#3 resolve image config for docker.io/docker/dockerfile:1.3-labs
#3 sha256:24a4ab8ec3f63334233c86ae0a387b9a1d2e62cb34ac80e2ea40ec21c67a365a
#3 DONE 0.6s

#4 docker-image://docker.io/docker/dockerfile:1.3-labs@sha256:250ce669e1aeeb5ffb892b18039c3f0801466536cb4210c8eb2638e628859bfd
#4 sha256:50b012fcc468d74535cb594698b3be6bf4ea689f88bcc26014bed189b4910a49
#4 CACHED

#6 [internal] load .dockerignore
#6 sha256:dc96c98aa02a2d2cd0d474681057b017bbe4f60cd929ff7cdf8b15a0437b165f
#6 DONE 0.0s

#5 [internal] load build definition from Dockerfile
#5 sha256:e1a558e6719cc355b810bc089010d673b7d263c34086319c7672f2a7db1b8380
#5 DONE 0.0s

#7 [internal] load metadata for docker.io/library/ubuntu:jammy
#7 sha256:5e41972c0cdee05640f3ed85ad5e7dca92c5a589ced43badaf14d81466f891ae
#7 DONE 0.5s

#8 [1/5] FROM docker.io/library/ubuntu:jammy@sha256:b6b83d3c331794420340093eb706a6f152d9c1fa51b262d9bf34594887c2c7ac
#8 sha256:fccd2a8f295ce7f195bd091bf2c2a387ea01d6e67ffef75e9285b1970489a638
#8 CACHED

#9 https://github.com/superblk/terve/releases/download/v0.7.0/terve_linux_amd64
#9 sha256:ab790b76d1a43c4c895079e203f2fcc37ace2b4a07812e3282636f158c808827
#9 CACHED

#10 [2/5] ADD --chmod=0755 https://github.com/superblk/terve/releases/download/v0.7.0/terve_linux_amd64 /bin/terve
#10 sha256:363d9569124755058bd6f88be9b034dd4771bf1f6de68f6b816030db9c58aadc
#10 DONE 0.1s

#11 [3/5] RUN <<-_EOF_ (apt-get update...)
#11 sha256:105e64f1cb67faa9390008d66bb4cc8a4a47599cc69a4dce2112a7473be6acc7
#11 0.685 Get:1 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
#11 0.732 Get:2 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
#11 1.341 Get:3 http://security.ubuntu.com/ubuntu jammy-security/restricted amd64 Packages [221 kB]
#11 1.482 Get:4 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [109 kB]
#11 1.765 Get:5 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [99.8 kB]
#11 1.875 Get:6 http://security.ubuntu.com/ubuntu jammy-security/multiverse amd64 Packages [4648 B]
#11 1.878 Get:7 http://security.ubuntu.com/ubuntu jammy-security/universe amd64 Packages [94.9 kB]
#11 2.020 Get:8 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages [238 kB]
#11 2.029 Get:9 http://archive.ubuntu.com/ubuntu jammy/restricted amd64 Packages [164 kB]
#11 2.344 Get:10 http://archive.ubuntu.com/ubuntu jammy/multiverse amd64 Packages [266 kB]
#11 2.869 Get:11 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages [17.5 MB]
#11 36.38 Get:12 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages [1792 kB]
#11 39.73 Get:13 http://archive.ubuntu.com/ubuntu jammy-updates/restricted amd64 Packages [270 kB]
#11 40.23 Get:14 http://archive.ubuntu.com/ubuntu jammy-updates/multiverse amd64 Packages [4648 B]
#11 40.24 Get:15 http://archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [165 kB]
#11 40.56 Get:16 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [410 kB]
#11 41.33 Get:17 http://archive.ubuntu.com/ubuntu jammy-backports/universe amd64 Packages [5797 B]
#11 41.36 Fetched 21.7 MB in 41s (530 kB/s)
#11 41.36 Reading package lists...
#11 43.03 libssl-dev - Secure Sockets Layer toolkit - development files
#11 43.03 libssl-doc - Secure Sockets Layer toolkit - development documentation
#11 43.03 libssl3 - Secure Sockets Layer toolkit - shared libraries
#11 43.03 libssl-ocaml - OCaml bindings for OpenSSL (runtime)
#11 43.03 libssl-ocaml-dev - OCaml bindings for OpenSSL
#11 43.03 libssl-utils-clojure - library for SSL certificate management on the JVM
#11 DONE 43.2s

#12 [4/5] RUN PAGER=cat dpkg-query -l 'libssl*'
#12 sha256:9e7aa8cf87118d88ce9f00c5edc837065773de2a66f1b1d33ee1530f28e6cbf1
#12 0.491 Desired=Unknown/Install/Remove/Purge/Hold
#12 0.491 | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
#12 0.491 |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
#12 0.491 ||/ Name           Version          Architecture Description
#12 0.491 +++-==============-================-============-===============================================
#12 0.491 ii  libssl3:amd64  3.0.2-0ubuntu1.2 amd64        Secure Sockets Layer toolkit - shared libraries
#12 DONE 0.5s

#13 [5/5] RUN <<-_EOF_ (ldd /bin/terve...)
#13 sha256:76cfb0612831eb0176d20241302bb846efe906aad6b670fd5c2a5f9e41dfffd2
#13 0.598       linux-vdso.so.1 (0x00007ffd655c9000)
#13 0.598       libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f6e3eef3000)
#13 0.598       libssl.so.1.1 => not found
#13 0.598       libcrypto.so.1.1 => not found
#13 0.598       libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f6e3eed3000)
#13 0.598       librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007f6e3eece000)
#13 0.598       libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f6e3eec7000)
#13 0.598       libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f6e3eec2000)
#13 0.598       libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f6e3e5d8000)
#13 0.598       /lib64/ld-linux-x86-64.so.2 (0x00007f6e3ef13000)
#13 0.599 /bin/terve: error while loading shared libraries: libssl.so.1.1: cannot open shared object file: No such file or directory
#13 ERROR: executor failed running [/bin/sh -c   ldd /bin/terve
  /bin/terve --version
]: exit code: 127
------
 > [5/5] RUN <<-_EOF_ (ldd /bin/terve...):
------
executor failed running [/bin/sh -c   ldd /bin/terve
  /bin/terve --version
]: exit code: 127

The missing objects that are no longer supported by Ubuntu 22.04 Jammy are:

• libssl.so.1.1
• libcrypto.so.1.1

A workaround can be performed, installing an unsupported libssl1, but that will be an unmaintained package.

hacky install

# syntax=docker/dockerfile:1.3-labs
FROM ubuntu:jammy

ADD --chmod=0755 https://github.com/superblk/terve/releases/download/v0.7.0/terve_linux_amd64 /bin/terve

ENV DEBIAN_FRONTEND=noninteractive
RUN <<-_EOF_
  apt-get update
  apt-cache search libssl
_EOF_

ADD http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.0g-2ubuntu4_amd64.deb libssl1.1_1.1.0g.deb
RUN <<-HACKY_HACK
  dpkg -i ./libssl1.1_1.1.0g.deb
  rm -f ./libssl1.1_1.1.0g.deb
HACKY_HACK

RUN PAGER=cat dpkg-query -l 'libssl*'

RUN <<-_EOF_
  ldd /bin/terve
  /bin/terve --version
_EOF_

docker build --progress plain -t terve:jammy .
#1 [internal] load build definition from Dockerfile
#1 sha256:6fa7294bf5a3fcb903bd64c98b1d0ad2855e294c35e9a2fab114421e8cc309b5
#1 transferring dockerfile: 610B done
#1 DONE 0.0s

#2 [internal] load .dockerignore
#2 sha256:c790749eeeb21ca04118f5b1293a17e83249db41843debfa5e80762588882eac
#2 transferring context: 2B done
#2 DONE 0.0s

#3 resolve image config for docker.io/docker/dockerfile:1.3-labs
#3 sha256:24a4ab8ec3f63334233c86ae0a387b9a1d2e62cb34ac80e2ea40ec21c67a365a
#3 DONE 0.5s

#4 docker-image://docker.io/docker/dockerfile:1.3-labs@sha256:250ce669e1aeeb5ffb892b18039c3f0801466536cb4210c8eb2638e628859bfd
#4 sha256:50b012fcc468d74535cb594698b3be6bf4ea689f88bcc26014bed189b4910a49
#4 CACHED

#5 [internal] load build definition from Dockerfile
#5 sha256:9bf6e1dbf771aa7d7228fc53f52906c5ffffbee2cede801edeb00247834eccb7
#5 DONE 0.0s

#6 [internal] load .dockerignore
#6 sha256:445ef21c3084ec67c349d88b012c92e2ce43fc1b5642dd27c6f4ea1a4c078ad6
#6 DONE 0.0s

#7 [internal] load metadata for docker.io/library/ubuntu:jammy
#7 sha256:5e41972c0cdee05640f3ed85ad5e7dca92c5a589ced43badaf14d81466f891ae
#7 DONE 0.5s

#8 [1/7] FROM docker.io/library/ubuntu:jammy@sha256:b6b83d3c331794420340093eb706a6f152d9c1fa51b262d9bf34594887c2c7ac
#8 sha256:fccd2a8f295ce7f195bd091bf2c2a387ea01d6e67ffef75e9285b1970489a638
#8 DONE 0.0s

#12 http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.0g-2ubuntu4_amd64.deb
#12 sha256:9fc91227daea3b2f4ed9011dcc915db401cb4c4bf9ef11f2db28563cda66f87a
#12 ...

#9 https://github.com/superblk/terve/releases/download/v0.7.0/terve_linux_amd64
#9 sha256:ab790b76d1a43c4c895079e203f2fcc37ace2b4a07812e3282636f158c808827
#9 DONE 0.1s

#10 [2/7] ADD --chmod=0755 https://github.com/superblk/terve/releases/download/v0.7.0/terve_linux_amd64 /bin/terve
#10 sha256:363d9569124755058bd6f88be9b034dd4771bf1f6de68f6b816030db9c58aadc
#10 CACHED

#11 [3/7] RUN <<-_EOF_ (apt-get update...)
#11 sha256:4ecc25b40179284f1d046f4246aa28a2f23cbf7ca3022cde0df0abc74c3ec386
#11 CACHED

#12 http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.0g-2ubuntu4_amd64.deb
#12 sha256:9fc91227daea3b2f4ed9011dcc915db401cb4c4bf9ef11f2db28563cda66f87a
#12 DONE 0.5s

#12 http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.0g-2ubuntu4_amd64.deb
#12 sha256:9fc91227daea3b2f4ed9011dcc915db401cb4c4bf9ef11f2db28563cda66f87a
#12 CACHED

#13 [4/7] ADD http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.0g-2ubuntu4_amd64.deb libssl1.1_1.1.0g.deb
#13 sha256:478866e8d34659b125787737b417d46f71f0aa878c380c714db9fbce393d5824
#13 DONE 0.1s

#14 [5/7] RUN <<-HACKY_HACK (dpkg -i ./libssl1.1_1.1.0g.deb...)
#14 sha256:a8839181efde13449953fc25468ce091a715fa6e9e27f73202ac5b18d750fc1e
#14 0.433 Selecting previously unselected package libssl1.1:amd64.
#14 0.437 (Reading database ... 4395 files and directories currently installed.)
#14 0.437 Preparing to unpack ./libssl1.1_1.1.0g.deb ...
#14 0.453 Unpacking libssl1.1:amd64 (1.1.0g-2ubuntu4) ...
#14 0.575 Setting up libssl1.1:amd64 (1.1.0g-2ubuntu4) ...
#14 0.689 Processing triggers for libc-bin (2.35-0ubuntu3) ...
#14 DONE 0.8s

#15 [6/7] RUN PAGER=cat dpkg-query -l 'libssl*'
#15 sha256:1f40360196f71a3ebbe733cc418e64dcd8fd3d1237d9d0a5ba42e680c9143b9e
#15 0.465 Desired=Unknown/Install/Remove/Purge/Hold
#15 0.465 | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
#15 0.465 |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
#15 0.465 ||/ Name            Version          Architecture Description
#15 0.465 +++-===============-================-============-===============================================
#15 0.465 ii  libssl1.1:amd64 1.1.0g-2ubuntu4  amd64        Secure Sockets Layer toolkit - shared libraries
#15 0.465 ii  libssl3:amd64   3.0.2-0ubuntu1.2 amd64        Secure Sockets Layer toolkit - shared libraries
#15 DONE 0.5s

#16 [7/7] RUN <<-_EOF_ (ldd /bin/terve...)
#16 sha256:67647b4fc80b3e4eef2ed61fa9406f4a4dc61ec6328deb25f475fe6bbb2a7d1c
#16 0.563       linux-vdso.so.1 (0x00007ffddf3d5000)
#16 0.563       libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f9f834d3000)
#16 0.563       libssl.so.1.1 => /lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9f82a00000)
#16 0.563       libcrypto.so.1.1 => /lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9f82400000)
#16 0.563       libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f9f834b3000)
#16 0.563       librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007f9f834ae000)
#16 0.563       libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9f834a9000)
#16 0.563       libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9f834a2000)
#16 0.563       libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9f821d8000)
#16 0.563       /lib64/ld-linux-x86-64.so.2 (0x00007f9f834f3000)
#16 0.565 0.7.0
#16 DONE 0.6s

#17 exporting to image
#17 sha256:e8c613e07b0b7ff33893b694f7759a10d42e180f2b4dc349fb57dc6b71dcab00
#17 exporting layers
#17 exporting layers 0.1s done
#17 writing image sha256:f056be60751d835c690e8d80ea3bea25d8b3b6187d3715f930ed412ba0f81fef done
#17 naming to docker.io/library/terve:jammy done
#17 DONE 0.2s

I am not sure what the correct solution would be for this package as there are multiple dependencies that appear to take dependency on openssl and it doesn't look as though rust-openssl will be supporting it any time soon.

[jpalomaki]

👋 @arledesma and thanks for the report!

Ideally I'd like to get rid of openssl alltogether (see #19). However, as that appears to not be possible atm, one thing we could do is to build a version of terve which uses vendored openssl (statically compiled in to the binary). Not necessarily great for security, but would perhaps solve the problem of having to rely on system openssl (which can vary, as you have discovered).

[arledesma]

@jpalomaki good deal. This aligns with what I was thinking about for a potential fix.

[jpalomaki]

@arledesma Working on this in #41 (I'm on macOS myself)

[jpalomaki]

@arledesma Feel free to test https://github.com/superblk/terve/releases/tag/v0.8.0

[arledesma]

@jpalomaki My environment may be a little weird right now, but I am seeing the following. I will spin up a new docker host to validate.

Dockerfile

# syntax=docker.io/docker/dockerfile:1.4
ARG BASE=jammy
FROM ubuntu:${BASE}

SHELL ["/bin/bash", "-eo", "pipefail", "-x", "-c"]

RUN apt-get update && apt-get install -y curl

# Install terve and terragrunt
ARG TARGETARCH
ARG \
  TERVE_VERSION=v0.8.0 \
  TERRAGRUNT_VERSION=0.36.10

RUN <<HEREDOC
  curl -fsL "https://github.com/gruntwork-io/terragrunt/releases/download/v${TERRAGRUNT_VERSION}/terragrunt_linux_${TARGETARCH}" -o /tmp/terragrunt
  chmod 0755 /tmp/terragrunt
  /tmp/terragrunt -version
HEREDOC

RUN <<HEREDOC
  curl -fsL https://github.com/superblk/terve/releases/download/${TERVE_VERSION}/terve_linux_${TARGETARCH} -o /usr/bin/terve
  chmod 0755 /usr/bin/terve
  terve --bootstrap
  terve install tg "${TERRAGRUNT_VERSION}"
  terve select tg "${TERRAGRUNT_VERSION}"
  ln -sr "$HOME/.terve/terragrunt" /usr/bin/terragrunt
  /usr/bin/terragrunt -version
HEREDOC

$ docker build --progress plain -t terve:0.8.0 -f ./Dockerfile .

#1 [internal] load build definition from Dockerfile-terve
#1 sha256:a14e9b38f57a65383b73854ff938cc6affb7f22fa986214f85235350c3ec3353
#1 transferring dockerfile: 927B done
#1 DONE 0.0s

#2 [internal] load .dockerignore
#2 sha256:ffdb97a7bccd46f5c86ed7b0f8ccf8d489155d3e671382745ed9c0d19a2ea477
#2 transferring context: 2B done
#2 DONE 0.0s

#3 resolve image config for docker.io/docker/dockerfile:1.4
#3 sha256:4c6393aa7d63350bb37611567d30ae32494404c0b27cf79a51e51112ce252eca
#3 DONE 0.0s

#4 docker-image://docker.io/docker/dockerfile:1.4
#4 sha256:bb096e417c1c8965bfdfe7b55d0afd23fbd8649ebb8980e965f78b920c71743b
#4 CACHED

#6 [internal] load .dockerignore
#6 sha256:f086be71d341764ff67a2234b9fc3edbd53abe7549639d44a519242b41131007
#6 DONE 0.0s

#5 [internal] load build definition from Dockerfile-terve
#5 sha256:c104d78630d66d33cccf7eafa4a7ae308cd76d521ae3022d87d50de4adaf9b83
#5 DONE 0.0s

#7 [internal] load metadata for docker.io/library/ubuntu:jammy
#7 sha256:5e41972c0cdee05640f3ed85ad5e7dca92c5a589ced43badaf14d81466f891ae
#7 ...

#8 [auth] library/ubuntu:pull token for registry-1.docker.io
#8 sha256:1da98c355dc1631fea90a9c9a1a1d3501149d25d41cb391a1f5c100506704f73
#8 DONE 0.0s

#7 [internal] load metadata for docker.io/library/ubuntu:jammy
#7 sha256:5e41972c0cdee05640f3ed85ad5e7dca92c5a589ced43badaf14d81466f891ae
#7 DONE 1.0s

#9 [1/4] FROM docker.io/library/ubuntu:jammy@sha256:b6b83d3c331794420340093eb706a6f152d9c1fa51b262d9bf34594887c2c7ac
#9 sha256:fccd2a8f295ce7f195bd091bf2c2a387ea01d6e67ffef75e9285b1970489a638
#9 DONE 0.0s

#10 [2/4] RUN apt-get update && apt-get install -y curl
#10 sha256:a6b97f6f57572876ea06011877adf53efe6ed61d80e677d621813a366fd5534a
#10 CACHED

#11 [3/4] RUN <<HEREDOC (curl -fsL "https://github.com/gruntwork-io/terragrunt/releases/download/v0.36.10/terragrunt_linux_amd64" -o /tmp/terragrunt...)
#11 sha256:8e5b1366ba0241953aefc5109d1b6d110c29b01eebdf470644631795840c6d9a
#11 0.398 + curl -fsL https://github.com/gruntwork-io/terragrunt/releases/download/v0.36.10/terragrunt_linux_amd64 -o /tmp/terragrunt
#11 27.89 + chmod 0755 /tmp/terragrunt
#11 27.89 + /tmp/terragrunt -version
#11 27.91 terragrunt version v0.36.10
#11 DONE 28.0s

#12 [4/4] RUN <<HEREDOC (curl -fsL https://github.com/superblk/terve/releases/download/v0.8.0/terve_linux_amd64 -o /usr/bin/terve...)
#12 sha256:2e4d13f63ceb4259eb39f5e3650229a419cbd51b5b5e81eacc994b7bd9b1407c
#12 0.592 + curl -fsL https://github.com/superblk/terve/releases/download/v0.8.0/terve_linux_amd64 -o /usr/bin/terve
#12 12.78 + chmod 0755 /usr/bin/terve
#12 12.78 + terve --bootstrap
#12 12.79 Created /root/.terve
#12 12.79 + terve install tg 0.36.10
#12 24.11 ERROR: error sending request for url (https://github.com/gruntwork-io/terragrunt/releases/download/v0.36.10/terragrunt_linux_amd64): error trying to connect: operation timed out
#12 ERROR: executor failed running [/bin/bash -eo pipefail -x -c   curl -fsL https://github.com/superblk/terve/releases/download/${TERVE_VERSION}/terve_linux_${TARGETARCH} -o /usr/bin/terve
  chmod 0755 /usr/bin/terve
  terve --bootstrap
  terve install tg "${TERRAGRUNT_VERSION}"
  terve select tg "${TERRAGRUNT_VERSION}"
  ln -sr "$HOME/.terve/terragrunt" /usr/bin/terragrunt
  /usr/bin/terragrunt -version
]: exit code: 1
------
 > [4/4] RUN <<HEREDOC (curl -fsL https://github.com/superblk/terve/releases/download/v0.8.0/terve_linux_amd64 -o /usr/bin/terve...):
------
executor failed running [/bin/bash -eo pipefail -x -c   curl -fsL https://github.com/superblk/terve/releases/download/${TERVE_VERSION}/terve_linux_${TARGETARCH} -o /usr/bin/terve
  chmod 0755 /usr/bin/terve
  terve --bootstrap
  terve install tg "${TERRAGRUNT_VERSION}"
  terve select tg "${TERRAGRUNT_VERSION}"
  ln -sr "$HOME/.terve/terragrunt" /usr/bin/terragrunt
  /usr/bin/terragrunt -version
]: exit code: 1

[jpalomaki]

@arledesma That looks like a network issue: error trying to connect: operation timed out. Also consider quoting the terve download URL, as you have done with the other URL.

[arledesma]

In that Dockerfile I am first downloading terragrunt and validating its version, and then it downloads and bootstraps terve successfully. The connection error is from terve attempting to download the same version of terragrunt. I only added the curl download of terragrunt after multiple successive connection errors when terve attempts to download terragrunt. I'm still planning on testing it further - I'll probably just setup a test repo and use GitHub actions to build it for the additional validation.

[jpalomaki]

All right, I wonder if it's something to do with ipv6? I tested the linux amd64 binary in an Ubuntu 22.04 docker container myself (though not in a build, but just cp'ing the binary into a running container and then running terve there), and it worked okay

[arledesma]

It could be something to do with ipv6.

Locally I was able to use terve to install terraform without issue but could not install terragrunt. While the code to download them is not exactly the same it appears as though the code that is performing the downloads is effectively the same, the only difference being where it is downloaded from. Interestingly enough, both terve list tf remote and terve list tg remote both work without issue, only the download is failing for terragrunt -- so it is something to do with http::HttpClient and not with git2::Remote and only on my system. I can open a different issue to track down that if you would like.

With that said, I was able to successfully perform the installations of both terraform and terragrunt using github actions, so the issue is isolated to my local docker host. I'll say that this issue has been validated as fixed!

Thanks!