I have a Go program that uses aws-sdk-go to talk to dynamodb. Dependencies are vendored. Go version 1.7.1. aws-sdk-go version 1.6.24. The program works as expected in all the following environments:
dev box from shell (Arch Linux)
docker container running on my dev box (Docker 1.13.1)
Ec2 instance from shell (Ubuntu 16.04)
When I run the docker container on kubernetes (same one I tested on my dev box), I get the following error:
2017/03/02 22:30:13 DEBUG ERROR: Request dynamodb/GetItem:
---[ REQUEST DUMP ERROR ]-----------------------------
net/http: invalid header field value "AWS4-HMAC-SHA256 Credential=hidden\n/20170302/us-east-1/dynamodb/aws4_request, SignedHeaders=accept-encoding;content-length;content-type;host;x-amz-date;x-amz-target, Signature=483f56dd0b17d8945d3c2f2044b7f97e531190602f132a4d5f828264b3a2cff2" for key Authorization
-----------------------------------------------------
2017/03/02 22:30:13 DEBUG: Response dynamodb/GetItem Details:
---[ RESPONSE ]--------------------------------------
HTTP/0.0 000 status code 0
Content-Length: 0
Based on:
https://golang.org/src/net/http/transport.go
https://godoc.org/golang.org/x/net/lex/httplex#ValidHeaderFieldValue
It looks like the problem is with the header value validation, yet I am at a loss to understand why it works everywhere except on my k8s cluster. The cluster is composed of Ec2 instances running the latest CoreOS stable ami (CoreOS stable 1235.8.0)
The docker image that works on my dev machine is scratch based. To troubleshoot I created an image based on Ubuntu latest with a separate go program that just does a simple get item from dynamodb. When this image is run on my k8s cluster and the program run from an interactive shell, I get the same errors. I have confirmed I can ping the dynamodb endpoints from this env.
I am having a hard time troubleshooting this issue: am I missing something stupid here? Can someone point me in the right direction or have an idea of what is going on?
remember the "-n" when you do this:
echo -n key | base64
The \n after hidden is certainly invalid. Not sure if it is actually there or somehow got inserted when you were cleansing for posting.
Consider:
package main
import (
"fmt"
"golang.org/x/net/lex/httplex"
)
func main() {
fmt.Println("Is valid (without new line)", httplex.ValidHeaderFieldValue("AWS4-HMAC-SHA256 Credential=hidden/20170302/us-east-1/dynamodb/aws4_request, SignedHeaders=accept-encoding;content-length;content-type;host;x-amz-date;x-amz-target, Signature=483f56dd0b17d8945d3c2f2044b7f97e531190602f132a4d5f828264b3a2cff2"))
fmt.Println("Is valid (with new line)", httplex.ValidHeaderFieldValue("AWS4-HMAC-SHA256 Credential=hidden\n/20170302/us-east-1/dynamodb/aws4_request, SignedHeaders=accept-encoding;content-length;content-type;host;x-amz-date;x-amz-target, Signature=483f56dd0b17d8945d3c2f2044b7f97e531190602f132a4d5f828264b3a2cff2"))
}
One guess would be wherever the real hidden value is getting pulled from (config file etc) mistakenly has the \n in there and it's happily getting pulled into your header, but only in this case.
Related
When I try us api-platform version 2.6.4 I am not able to run it when i build adn strat containers and check logs caddy is not working i get an error like this. Any idea? Caddy version is 2.3.0
caddy_1 | panic: proto: file "pb.proto" is already registered
caddy_1 | See https://developers.google.com/protocol-buffers/docs/reference/go/faq#namespace-conflict
tureality_caddy_1 exited with code 2
Other people have reported having this bug and I had it too.
Fortunately, the bug as just been fixed by Dunglas itself. :)
https://github.com/api-platform/api-platform/issues/1881#issuecomment-822663193
The repair was done at the mercure level and not in the api platform source code itself so you can keep your current version.
You just have to docker-compose up and it will work.
I try to follow the Laradock getting started tutorial on windows: http://laradock.io/getting-started/
I have the following tools:
Docker version: 20.10.5, build 55c4c88
git version: 2.30.2.windows.1
Windows 10 20H2(19042.867)
I get stuck on the step when trying to start the: docker-compose up -d nginx mysql
Then I get these error:
ERROR: The Compose file '.\docker-compose.yml' is invalid because:
services.proxy.expose is invalid: should be of the format 'PORT[/PROTOCOL]'
services.proxy2.expose is invalid: should be of the format 'PORT[/PROTOCOL]'
services.proxy.ports contains an invalid type, it should be a number, or an object
services.proxy2.ports contains an invalid type, it should be a number, or an object
...
services.sqs.ports contains an invalid type, it should be a number, or an object
services.sqs.ports contains an invalid type, it should be a number, or an object
services.traefik.ports value [':', ':', ':'] has non-unique elements
Only change I done to the repo is to add the env file and this line:
# Point to the path of your applications code on your host
APP_CODE_PATH_HOST=../project-z/
I also created the folder project-z
I saw this text quote but didn´t understand it:
Depending on the host’s operating system you may need to change the
value given to COMPOSE_FILE. When you are running Laradock on Mac OS
the correct file separator to use is :. When running Laradock from a
Windows environment multiple files must be separated with ;.
But think it might be related to my issue and I need to update something to make it work on Windows.
Any idea what could be wrong? Since it almost out of the box I assume it´s something with my Windows environment
I found the solution directly after posted this question.
It was very easy I forgot to add the "." before env when created the file.
I found the solution here: https://github.com/laradock/laradock/issues/1437
Hey guys I have been trying to automate a task on my browser's machine using chromedp.
I tried examples on the repo however they always fail:
unexpected fault address 0x7f7a36461000 fatal error: fault [signal SIGBUS: bus error code=0x2 addr=0x7f7a36461000 pc=0x53a9d5]
Example's source code am running can be found here.
As I understand chromedp comes with headless pre-compiled version of chrome. I have browsed the API documentation to see if it possible to pass a port on which the dev tools is listening, no success.
However when I tried mafredri/cdp it worked. I came to understand that chromedp is failing to start its embedded chrome. Although, I am not really sure. Why is this happening?
My env:
Google Chrome 85.0.4183.102
Ubuntu 18.04.4 LTS
go version go1.13.5 linux/amd64
Any help would be truly appreciated.
So, long story short I went to run tests on the chromedp locally installed library through go test, it failed. I opened an issue on the Github repo. While it was not indicated that it requires Go 1.14+ but it does.
If you encountered this issue, please proceed to first run the tests on the master branch locally installed library. If it is fails with the following log:
github.com/chromedp/chromedp [github.com/chromedp/chromedp.test]
./chromedp_test.go:862:3: t.Cleanup undefined (type *testing.T has no
field or method Cleanup) ./chromedp_test.go:948:5: t.Cleanup undefined
(type *testing.T has no field or method Cleanup)
./chromedp_test.go:950:5: t.Cleanup undefined (type *testing.T has no
field or method Cleanup) FAIL github.com/chromedp/chromedp [build
failed]
You need to know that t.Cleanup was added on Go 1.14 (credits to Oiyoo).
I hope this helps you if you are having the same problem.
I am trying to setup a network in the container (using Docker's libnetwork and libcontainer), but I keep running into this issue. As far as I can tell it's looking into some_app to get some sandbox information?
INFO[3808] No non-localhost DNS nameservers are left in resolv.conf. Using default external servers : [nameserver 8.8.8.8 nameserver 8.8.4.4]
INFO[3808] IPv6 enabled; Adding default IPv6 external servers : [nameserver 2001:4860:4860::8888 nameserver 2001:4860:4860::8844]
Error: unknown command "/var/run/docker/netns/582bd184e561" for "some_app"
Run 'some_app --help' for usage.
ERRO[3808] Resolver Setup/Start failed for container 6b81802576bd4f16aa117061f81b5c3e, "setup not done yet"
ERRO[3808] failed to add interface vethef0a693 to sandbox: failed in prefunc: failed to set namespace on link "vethef0a693": invalid argument
ERRO[3808] failed to add interface vethef0a693 to sandbox: failed in prefunc: failed to set namespace on link "vethef0a693": invalid argument
I was wondering if anyone could help me make sense of this and perhaps prevent it. Are these two separate errors?
Thank you
Here is the library I am trying to use
It took me a while to figure this out, but here goes:
Just like in Docker, libnetwork creates a veth interface pair. It then moves one end of the veth pair into the container namespace. During this process libnetwork tries to execute commands registered at runtime on the current instance of the binary (some_app in this case).
These commands do not exist on the external interface of some_app however. They are injected later using a library called reexec. For this to work, reexec needs to be initialized like this:
if reexec.Init() {
return
}
Also note that according to this thread libnetwork is currently not supported for applications outside of Docker.
NB: I discovered this by reading the source code, so I might be wrong but my issue went away after this.
I'm having trouble starting a proxy server for jmeter 2.10 and 2.11. I found a couple links here on SO and apache.org but my error message is slightly different that what's written on these links. Per the wiki from apache.org, I don't think I have trouble finding keytool because it returns the path when I do a
which keytool
/usr/bin/keytool
and I don't have trouble creating a file in the jmeter-210 and jmeter-211/bin dirs. This is the error message I get in my jmeter.log file:
ERROR - jmeter.protocol.http.proxy.ProxyControl: Could not initialise key store java.io.IOException: Command :'"keytool" "-genkeypair" "-alias" ":root_ca:" "-dname" "CN=_ DO NOT INSTALL unless this is your certificate (JMeter root CA), OU=Username: COMPANY\user.name, C=US" "-keyalg" "RSA" "-keystore" "proxyserver.jks" "-storepass" "randomstr1" "-keypass" "randomstr1" "-validity" "7" "-ext" "bc:c"' failed, code: 1
keytool error: java.io.IOException: Invalid escaped character in AVA: 's'
I don't know what this "invalid escaped char in AVA" is. My company and username don't have the string "AVA" and I didn't find it in any of the property files in jmeter-21x/bin.
Not sure if this is affecting it but I'm running jmeter from Darwin on a MBP, OSX 10.7.5.
JMeter 2.9 doesn't give me any proxy issues, although, I ran into other issues with it, which is why I tried using these 2 newer versions, which are giving me problems with the proxy server. I'll try going down to 2.8 to see what happens but I'd rather not if I can help it. That and I'm super curious what the issue is with 2.1x and my laptop. Thanks in advance for your help.
EDIT: The COMPANY/user.name part of the error message was changed this way to sanitize the error message, although, I will try at home on my linux box to see if the funny username representation is the cause.
As per sebb response on User Mailing List:
"I suspect it might be in the string "COMPANY\user.name" which is
derived from the Java system property "user.name".
You could try redefining it on the command line (or in
system.properties) to something simpler, for example:
-Duser.name=foobar
A bug has been opened to fix this issue with "\" character:
https://issues.apache.org/bugzilla/show_bug.cgi?id=56178