TechQA.

How do I fix a webui build that is causing CAfile error when git needs a cerfiticate for a npm install of noVNC

433 views Asked by At

The specific error is:

11634 verbose node v12.14.1
11635 verbose npm  v6.13.4
11636 error Error while executing:
11636 error /home/openbmc/code/openbmc/rpi-build/tmp/hosttools/git ls-remote -h -t https://github.com/novnc/noVNC.git
11636 error
11636 error fatal: unable to access 'https://github.com/novnc/noVNC.git/': error setting certificate verify locations:
11636 error   CAfile: /opt/poky/3.1/sysroots/x86_64-pokysdk-linux/etc/ssl/certs/ca-certificates.crt
11636 error   CApath: none

Testing manually:

If I run the command manually in a new shell, it fails the same, indicating it is using a default certificate path. If I run it in the shell with the environment for bitbake, it works. This is because GIT_SSL_CAINFO is properly defined.

The behavior suggests that when git is run from hosttools, it is not using the bitbake shell environment, because that environment defines a correct GIT_SSL_CAINFO with a path to the buildtools area with a valid certificate.

I assume that poky is creating a special environment for running hosttools independently from my main shell. If this is the case, there needs to be a way to add GIT_SSL_CAINFO into this environment, which I have no idea how to do.

I poked around other targets looking for clues but could not find anything that suggested to me this variable would be defined.

A search of the tree on GIT_SSL_CAINFO did not turn anything up, but it is possible there is a variable with another name.

perhaps there is a way to set http.sslCAInfo to take the place of GIT_SSL_CAINFO?

The context:

I first compiled up the raspberry pi build and tested that it runs. Then I added in meta-phosphor, which also pulls in webui.

webui has a dependency on noVNC, but with a specific version, which appears to cause this command to run and fail.

How I setup the build:

git clone https://github.com/openbmc/openbmc.git
git checkout cb91a77
# Modify layers to include meta-phosphor and webui
scripts/install-buildtools
. /home/openbmc/code/openbmc/poky/buildtools/environment-setup-x86_64-pokysdk-linux
bitbake bmap-tools-native -caddto_recipe_sysroot
. oe-init-build-env rpi-build (per session)
# Modify conf files in rpi-build
bitbake core-image-base
openbmc
Original Q&A
1

There are 1 answers

0
Mike Jones On

My work around:

sudo git config --system http.sslcainfo /home/openbmc/code/openbmc/poky/buildtools/sysroots/x86_64-pokysdk-linux/etc/ssl/certs/ca-certificates.crt

I would rather handle the problem in the build, but could not find a way to do so.

Related Questions in OPENBMC

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions