Skip to content

fix(cluster): replace openssl with /dev/urandom in cluster image#139

Merged
drew merged 1 commit intomainfrom
fix-cluster-openssl/an
Mar 6, 2026
Merged

fix(cluster): replace openssl with /dev/urandom in cluster image#139
drew merged 1 commit intomainfrom
fix-cluster-openssl/an

Conversation

@drew
Copy link
Collaborator

@drew drew commented Mar 6, 2026

Summary

  • Removed RUN apk add --no-cache openssl from Dockerfile.cluster — the rancher/k3s base image is BusyBox-based with no package manager, so apk is not available
  • Replaced openssl rand -hex 32 in cluster-entrypoint.sh with head -c 32 /dev/urandom | od -A n -t x1 | tr -d ' \n', which produces an identical 64-character hex string using only BusyBox builtins

Test Plan

  • Verified mise run docker:build:cluster succeeds (previously failed with apk: not found)
  • Verified the /dev/urandom replacement produces correct 64-char hex output inside the k3s container

@drew
fix(cluster): replace openssl with /dev/urandom in cluster image
ca60696 
The k3s base image is BusyBox-based with no package manager, so
`apk add openssl` fails. Replace the sole openssl usage (rand -hex 32)
with an equivalent using /dev/urandom + od, which are available in
BusyBox.
@drew drew self-assigned this Mar 6, 2026
@drew drew merged commit c30d9bd into main Mar 6, 2026
13 of 15 checks passed
@drew drew deleted the fix-cluster-openssl/an branch March 6, 2026 00:20
drew added a commit that referenced this pull request Mar 16, 2026
@drew
fix(cluster): replace openssl with /dev/urandom in cluster image (#139)
fc22cfd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@drew drew

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@drew