Comments (6)
I would like to know why the --allow-untrusted flag is necessary.
Disclaimer: I am no Alpine expert 😃
Our packaging logic wasn't changed. However, considering that the alpine image was last pushed two days ago, something may have changed on their side.
With that said, the usage of --allow-untrusted
was the publicly documented way of installing the apk package. Moreover, we use this flag in our test suite, and it has always been so.
To be totally honest with you, I'm even a tad surprised it was working without the flag before 🤔
I hope it helped 🙏
from dd-trace-php.
Interesting; thanks for the pointers!
It seems like jordansissel/fpm#2059 is the github issue for us to follow then :-)
from dd-trace-php.
Hey @wadakatu 👋
Local APKs must be installed with the --allow-untrusted
flag. I tried running the following Dockerfile, and it worked :-)
FROM php:8.1-fpm-alpine
RUN curl -Lo datadog-php-tracer.apk https://github.com/DataDog/dd-trace-php/releases/download/0.86.3/datadog-php-tracer_0.86.3_x86_64.apk && apk add datadog-php-tracer.apk --allow-untrusted
RUN rm datadog-php-tracer.apk
from dd-trace-php.
Thank you for your reply.
I thought that using the --allow-untrusted
flag might lead to security issues, so I was hesitant to use it.
I would like to know why the --allow-untrusted
flag is necessary. Has there been a recent change to the requirements for datadog-php-tracer, or is there another reason? It was working without the '--allow-untrusted' flag until last week, and I am curious about this sudden change.
from dd-trace-php.
Thank you for your response :)
I attempted to use the --allow-untrusted option, but it was unfortunately unsuccessful.
Here is the Dockerfile snippet where I encountered the issue:
FROM php:8.1-fpm-alpine
RUN apk upgrade
RUN curl -Lo datadog-php-tracer.apk https://github.com/DataDog/dd-trace-php/releases/download/0.86.3/datadog-php-tracer_0.86.3_x86_64.apk && apk add datadog-php-tracer.apk --allow-untrusted
RUN rm datadog-php-tracer.apk
Presumably, adding apk upgrade
seemed to cause the problem, as it worked fine without that step.
I suspect the issue might be related to an update in apk-tools
as part of the apk upgrade
.
However, I am not an expert in Alpine Linux either, so I will post a new issue in the Alpine Linux repository and wait for feedback there.
I do not believe this issue is related to Datadog, thus I will close this issue here.
Thank you for your excellent support.
from dd-trace-php.
Hi.
I kept investigating about this issue and I am 98% certain that the issue is related to apk-tools.
Yesterday, I attempted to install the Datadog package using apk-tools v2.14.3
, but encountered a bad signature error. However, today, I successfully installed the Datadog package using apk-tools v2.14.4
without any issues. It seems that there was an initial attempt to tighten the package installation process which resulted in the bad signature error, but this restriction was subsequently relaxed.
Additionally, I was able to successfully install datadog-php-tracer with apk-tools v2.14.4. However, I received the following warning message from apk-tools while installing datadog package:
WARNING: Support for packages without datahash will be dropped in apk-tools 3.
I assume that this warning suggests that Datadog's package should include a proper datahash to ensure compatibility with future releases of apk-tools v3.
Below are links to an issue and a pull request related to apk-tools that might be relevant to this problem:
Issue #11000 on GitLab
Related commit on GitLab
Hopes it helps.
from dd-trace-php.
Related Issues (20)
- [Feature] CURL multi exec integration is lacking data in the APM view HOT 7
- [Bug]: PDO/PHPRedis client split by instance inconsistency HOT 1
- [Bug]: Segfault in dd_patched_zend_call_known_function HOT 3
- [Bug]: ddtrace overrides php error log permissions HOT 1
- [Documentation]: OTEL tracing HOT 8
- [Feature] Add JSON body items to http.request
- [Feature] Laravel Livewire 3 Support
- [Bug]: Standalone null Return Type for update_span_duration Causes Phan Parsing to Fail for PHP <8.2 HOT 1
- [Bug]: new operation `command_execution` HOT 3
- [Bug]: Memory leak in creating Tracer HOT 8
- [Bug]: 0.98.x tar.gz file size increased? HOT 1
- [Feature] Error Tracking via logs HOT 2
- [Bug]: CLI PHP Processes do not stop and with Apache (mod_php) the connection is closed unexpectedly HOT 1
- [Bug]: Laravel Octane traces not showing in dashboard HOT 16
- [Bug]: Service name is always "laravelqueue" and can't be changed HOT 2
- [Feature] Missing instrumentation for batched AMQP publishing
- [Bug]: Integrations being added as Services in the APM UI HOT 1
- [Help]: Configurations in Docker and kubernetes HOT 8
- [Bug]: DD Trace breaks project with PHP 8.3.7 - Laravel 11.7 HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dd-trace-php.