Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

library failing on Google Cloud Composer looking for openssl 3 #53

Open
ManikandanUV opened this issue Jun 7, 2024 · 4 comments
Open

library failing on Google Cloud Composer looking for openssl 3 #53

ManikandanUV opened this issue Jun 7, 2024 · 4 comments

Comments

@ManikandanUV
Copy link

We have a python script that works well on local machine which has openssl3, but fails to run on google cloud composer because it is looking for openssl 3 where as composer only comes with openssl 1.1.

Since it's not straightforward/possible to install/upgrade os level packages on cloud composer, please look into this issue and allow use of openssl 1.1

[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -     from onepassword.client import Client
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -   File "/opt/python3.8/lib/python3.8/site-packages/onepassword/__init__.py", line 1, in <module>
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -     from .client import Client
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -   File "/opt/python3.8/lib/python3.8/site-packages/onepassword/client.py", line 2, in <module>
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -     from .core import _init_client, _release_client
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -   File "/opt/python3.8/lib/python3.8/site-packages/onepassword/core.py", line 6, in <module>
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -     import onepassword.lib.x86_64.op_uniffi_core as core
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -   File "/opt/python3.8/lib/python3.8/site-packages/onepassword/lib/x86_64/op_uniffi_core.py", line 490, in <module>
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -     _UniffiLib = _uniffi_load_indirect()
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -   File "/opt/python3.8/lib/python3.8/site-packages/onepassword/lib/x86_64/op_uniffi_core.py", line 468, in _uniffi_load_indirect
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -     lib = ctypes.cdll.LoadLibrary(path)
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -   File "/opt/python3.8/lib/python3.8/ctypes/__init__.py", line 451, in LoadLibrary
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -     return self._dlltype(name)
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -   File "/opt/python3.8/lib/python3.8/ctypes/__init__.py", line 373, in __init__
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO -     self._handle = _dlopen(self._name, mode)
[2024-06-03, 00:00:22 EDT] {process_utils.py:189} INFO - OSError: libssl.so.3: cannot open shared object file: No such file or directory
[2024-06-03, 00:00:22 EDT] {taskinstance.py:1826} ERROR - Task failed with exception
@ldelberg
Copy link

same issue for an Microsoft DevContainer with pyhton3:
mcr.microsoft.com/devcontainers/python:1-3.12-bullseye

openssl version -a
OpenSSL 1.1.1w 11 Sep 2023
built on: Wed Sep 13 19:21:33 2023 UTC
platform: debian-arm64
options: bn(64,64) rc4(char) des(int) blowfish(ptr)
compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -ffile-prefix-map=/build/reproducible-path/openssl-1.1.1w=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DVPAES_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2
OPENSSLDIR: "/usr/lib/ssl"
ENGINESDIR: "/usr/lib/aarch64-linux-gnu/engines-1.1"
Seeding source: os-specific

@jedepels
Copy link

Same issue here. And even trying to install openssl3 manually in the container that tries to run this package (bitbucket pipelines) does not resolve the error for me...

@AndyTitu
Copy link
Contributor

AndyTitu commented Jun 19, 2024
edited
Loading

Hey folks, thanks for flagging this. Indeed the issue seems to be that openssl has an older version on some systems (usually 1.1.1) while our SDK requires openssl 3. I found this guide on how to install openssl 3, which should be followed until step 5. It is aimed at Ubuntu users, but it works for Debian as well. Most commands worked for me as is, but some needed some slight modifications (for me libssl.so.3 was in /usr/local/ssl/bin)

@ManikandanUV
Copy link
Author

Hey folks, thanks for flagging this. Indeed the issue seems to be that openssl has an older version on some systems (usually 1.1.1) while our SDK requires openssl 3. I found this guide on how to install openssl 3, which should be followed until step 5. It is aimed at Ubuntu users, but it works for Debian as well. Most commands worked for me as is, but some needed some slight modifications (for me libssl.so.3 was in /usr/local/ssl/bin)

The problem is that these services mentioned in the above comments are server less services, where you are not meant to have any control over the underlying OS. Even if you somehow manage to make changes, there is no guarantee that it would persist. We have already tried everything to upgrade the open SSL version on the Google Composer's underlying Ubuntu system. Is it not possible to add compatibility with openssl 1.1, especially considering these server less services?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ManikandanUV @AndyTitu @ldelberg @jedepels