Falco Installation failure due to GPG key - oracle-cloud-infrastructure

I am trying to install Falco on OCI instance but it is failing with the following error:
Following this blog: https://blogs.oracle.com/cloud-infrastructure/post/monitor-oke-cluster-using-falco?source=:so:ch:or:awr::::Cloud&SC=:so:ch:or:awr::::Cloud&pcode=
GPG key at https://falco.org/repo/falcosecurity-packages.asc (0x14CB7A8D) is already installed
The GPG keys listed for the "falcosecurity-rpm" repository are already installed but they are not correct for this package.
Check that the correct key URLs are configured for this repository.. Failing package is: falco-0.33.1-1.x86_64
GPG Keys are configured as: https://falco.org/repo/falcosecurity-packages.asc
Any suggestions on how this can be resolved? I am using the latest GPG key.

Related

Registry key js.debugger.use.chrome.extension is not defined

When i tried to install plugin Live edit in PHPStorm, and run it by debugging i get this error
Registry key js.debugger.use.chrome.extension is not defined. I don't know what's the problem with it.

msys2 ssh: invalid key format (under Github CI only)

I am cloning repoB within GitHub CI workflow of repoA, using deployment key of repoB (stored in repoA). I understand this might not be a good practice, no need to comment on that (thanks).
The workflow tests this procedure natively on ubuntu-20.04 and using MSYS2 on windows-latest. It works on Ubuntu, I can run the commands manually on regular MSYS2 installation, but it fails on GitHub CI. The CI log has all the details, the essential command being
git -c core.sshCommand='ssh -vvv -i repoB_deployment_key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' clone -b main git#github.com:eudoxos/repoB.git repoB
The failure under Windows is Load key "repoB_deployment_key": invalid format and I am not able to find out what's wrong. I tried changing permissions for the private key (chmod 600), adding the -o UserKnownHostsFile=/dev/null and -o StrictHostKeyChecking=no, running the key through unix2dos, adding extra trailing newline — nothing helped.
Again, the same command works under Ubuntu and under MSYS2 on desktop Windows.
The repos are publicly accessible fro reading; you are welcome to open a PR to the repoA repository; a PR should trigger the CI run.
Running the key through dos2unix (not unix2dos) fixed the issue. I will file that as an issue with msys2, as this should be documented.
Try in your GitHub workflow to display the key first, in order to visually check its content and its format (as seen here)
Check also which SSH you used when creating the key, the c:\Program Files\OpenSSH-Win64 one, or the one with Git for Windows (c:\Program Files\git\usr\bin\ssh.exe).

OCI CLI fails to load default profile from config file even if I have proper default profile

When I run any oci cli command I'm getting below error:
ERROR: Profile '<DEFAULT>' not found in config file C:\Users\user1\.oci\config
Below is my config file for OCI CLI:
[DEFAULT]
user=<admin user ocid>
fingerprint=<fingerprint>
key_file=<path/to/private/key>
tenancy=<tenancy ocid>
region=ap-mumbai-1
I had a similar problem to this. If you use Python and have changed some of the libraries it's possible you may have updated some of the needed dependencies. Upgrade/reinstall oci ie.
pip install oci-cli --upgrade
This sorted the problem for me.
I would suggest you take a backup of this config file, delete it and reconfigure CLI automatically by executing "oci setup config"
I guest that you are using pacman to install oci-cli. You should remove it and reinstall with official method.
https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm
bash -c "$(curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh)"
Please refer this document on Configuring the CLI and tally it with the config file of yours.
And refer the discussion in this forum OCI Config not found issue, this might be useful as well.

Signature verification failed when installing MySQL 5.7.29 on Suse Linux Leap 15.1

I want to install MySQL community edition 5.7.29 on OpenSuse Linux leap 15.1 as following:
Download the file: mysql-5.7.29-1.sles12.x86_64.rpm-bundle.tar;
untar the file then get 8 files
>mysql-community-client-5.7.29-1.sles12.x86_64.rpm
>mysql-community-common-5.7.29-1.sles12.x86_64.rpm
>mysql-community-devel-5.7.29-1.sles12.x86_64.rpm
>mysql-community-embedded-5.7.29-1.sles12.x86_64.rpm
>mysql-community-embedded-devel-5.7.29-1.sles12.x86_64.rpm
>mysql-community-libs-5.7.29-1.sles12.x86_64.rpm
>mysql-community-server-5.7.29-1.sles12.x86_64.rpm
>mysql-community-test-5.7.29-1.sles12.x86_64.rpm
install the 4 files rpm using the command:
>sudo zypper install mysql-community-{server,client,common,libs}-*
Then the error message shows as below:
>mysql-community-common-5.7.29-1.sles12.x86_64.rpm:
Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
>Looking for gpg key ID 5072E1F5 in cache /var/cache/zypp/pubkeys.
Repository Plain RPM files cache does not define additional
'gpgkey=' URLs.
mysql-community-common-5.7.29-1.sles12.x86_64 (Plain RPM files
cache): Signature verification failed [4-Signatures public key is
not available]
>Abort, retry, ignore? [a/r/i] (a):
Any response will be appreciated.
Just write i to bypass this issue and successfully complete installation.
The issue because by default OpenSUSE use downloads.opensuse.org repository that seems to use proxy to nearest server mirror, but the problem is that it seems some mirrors does not update something on his servers so you found messages like "Signature verification failed".
You can try several solutions:
Use some VPN service to change your IP location to find a chance that download.opensuse.org will redirect you on some good mirror.
Change "download.opensuse.org" domain in the repo configuration in the /etc/repo.d (or /etc/zypp/repo.d) to some other server from the list: https://mirrors.opensuse.org/list/15.0.html and put it into the repository files (/etc/repo.d/* or /etc/zypp/*), e.g. http://nrt.edge.kernel.org/opensuse (instead of http://download.opensuse.org).
Also you can change source server even in the OpenSUSE installation mode while use graphical install. For that you should cancel graphical install and when text mode menu opened, in the "Expert mode" you can edit configuration from the console. In the console you can't use "vi" so use "sed" command to change the file contents.
Scan configs:
grep "downloads.opensuse.org" -r /etc
Change content for every file:
sed -i s/downloads.opensuse.org/nrt.edge.kernel.org\/opensuse/g /etc/products.d/openSUSE.prod
...

Upgrading to Ansible 2.0 with Digital Ocean api v2 Issues

I have a working vagrant + ansible setup to provision my digital ocean, it was running on api v1, but when DO deprecated it I got an error message telling me there was no support for v1 anymore. After a research I found out I needed to upgrade to ansible 2.0 + update my digital_ocean.py since the older one was still using client_id and api_key, the new one however now uses the api_token.
Basically I've updated
1.digital_ocean.py which I got from ansible repo module
2. digital_ocean.ini to contain the api_token
3. updated my api token from DO to make sure it's using the new one
but when I execute my ansible playbook I initially got this error
ERROR! The file provisioning/inventory/staging/digital_ocean.py looks like it should be an executable inventory script, but is not marked executable. Perhaps you want to correct this with `chmod +x provisioning/inventory/staging/digital_ocean.py`?
So naturally had to chmod +x it but when I did I get a new error which is
ERROR! The file provisioning/inventory/staging/digital_ocean.py is marked as executable, but failed to execute correctly. If this is not supposed to be an executable script, correct this with `chmod -x provisioning/inventory/staging/digital_ocean.py`.
ERROR! Inventory script (provisioning/inventory/staging/digital_ocean.py) had an execution error:
ERROR! provisioning/inventory/staging/digital_ocean.py:3: Error parsing host definition ''''': No closing quotation
The next one seem to be json parsing related, my only problem is that it's on line 3 which if you check on the code itself are still on the comment side
https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/digital_ocean.py
I received both errors mentioned and solved them with the following:
The dopy related error was due to the fact that my python and pip were installed differently. dopy was installed via pip which was installed via homebrew. I was using the system python. When I installed python via homebrew, the script found dopy just fine.
Regarding the second error, that is the result I got when not setting the DO_API_TOKEN. I set mine in the command itself with:
DO_API_TOKEN=<api_token> ansible -i digital_ocean.py all -m ping