InternalException - certificate unknown with mkKubeClientConfig
#64
Comments
|
@cirquit You are right implementation of #63 should solve your problem. You get the error because the native Haskell TLS implementation doesn't support validating servers based on IP address. There is a PR pending for this: haskell-tls/hs-certificate#113, when it is merged, this should work. Easiest thing you can do is to replace the package |
|
So, after adding the your current PR to the ...
extra-deps:
- git: https://github.com/akshaymankar/hs-certificate
commit: 2a71b5
subdirs:
- x509-validation
- ...I get the following error as I -- While building package connection-0.2.8 using:
/home/asa/.stack/setup-exe-cache/x86_64-linux/Cabal-simple_mPHDZzAJ_2.4.0.1_ghc-8.6.5 --builddir=.stack-work/dist/x86_64-linux/Cabal-2.4.0.1 build --ghc-options " -ddump-hi -ddump-to-file"
Process exited with code: ExitFailure 1
Logs have been written to: /home/asa/Documents/github-repos/kubernetes-playground/haskell-amqp+kube-example/haskell-test/.stack-work/logs/connection-0.2.8.log
Configuring connection-0.2.8...
Preprocessing library for connection-0.2.8..
Building library for connection-0.2.8..
[1 of 2] Compiling Network.Connection.Types ( Network/Connection/Types.hs, .stack-work/dist/x86_64-linux/Cabal-2.4.0.1/build/Network/Connection/Types.o )
/tmp/stack9755/connection-0.2.8/Network/Connection/Types.hs:19:1: warning: [-Wdeprecations]
Module ‘Network.BSD’ is deprecated:
This platform dependent module is no longer supported.
|
19 | import Network.BSD (HostName)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[2 of 2] Compiling Network.Connection ( Network/Connection.hs, .stack-work/dist/x86_64-linux/Cabal-2.4.0.1/build/Network/Connection.o )
/tmp/stack9755/connection-0.2.8/Network/Connection.hs:63:1: error:
Could not find module ‘Network.Socks5’
There are files missing in the ‘socks-0.5.6’ package,
try running 'ghc-pkg check'.
Use -v to see a list of the files searched for.
|
63 | import Network.Socks5
| ^^^^^^^^^^^^^^^^^^^^^The full paste is found here. I've checked the source of EDIT: Got it running by creating a fresh project. My extra-deps:
- http-client-0.5.14@sha256:4880b27d6741e331454a1d4c887d96ce3d7d625322c8433983a4b1cd08538577
- http-media-0.7.1.3@sha256:481a40a26f71caaa1a9d9bf4c0fabdd4b51847c6bfa59b8e790fa07ef52dfea6
- socks-0.5.6@sha256:bb051589a00d18301556dbff82d89955a5534baf91a5e050e5f3a65f3415609c
- oidc-client-0.4.0.1@sha256:d35d29351ea7db2aa0ecd4b4792b8bac4bf13f10c050e3c0cab0072b74acd996
- git: https://github.com/kubernetes-client/haskell
commit: 95eb28b
subdirs:
- kubernetes-client
- kubernetes
- git: https://github.com/akshaymankar/hs-certificate
commit: 2a71b5
subdirs:
- x509-validation
- connection-0.2.8My ...
dependencies:
- base >= 4.7 && < 5
- kubernetes-client >= 0.1.0.1 && < 2
- kubernetes-client-core >= 0.1.0.1 && < 2
- connection >= 0.2.8 && < 3
- containers
- x509-validation
- stm >= 2.5.0.0 && < 3
... |
|
@akshaymankar: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
After trying this snippet (thanks to @akshaymankar for proving the functionality) and replacing it with my local kube configuration file I got the following error:
I'm slightly out of my domain with managing certificates, but it seems that the underlying SSL library (#63?) can not find the needed certificates / does not trust them for some reason.
To set up helm it sufficed to point it to the kubernetes config file, so I'm not really sure what to do now.
Versions:
Currently using the
95eb28bcommit for bothkubernetes-clientandkubernetes-client-core.The text was updated successfully, but these errors were encountered: