CMake failing to fetch source tarballs from GitHub when building in an SDK

This is a slightly weird one, as everything works fine with a git clone of the OpenWRT repo, but if I start with an SDK it gets to the point where CMake is pulling in dependent packages, and that fails:

CMake Error at mbedtls-subbuild/mbedtls-populate-prefix/src/mbedtls-populate-stamp/download-mbedtls-populate.cmake:163 (message):
  Each download failed!

    error: downloading 'https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-3.6.1/mbedtls-3.6.1.tar.bz2' failed
          status_code: 6
          status_string: "Couldn't resolve host name"
          log:
          --- LOG BEGIN ---
          timeout on name lookup is not supported

  getaddrinfo(3) failed for github.com:443

  Could not resolve host: github.com

  Closing connection



          --- LOG END ---

The V=s logs running up to that are:

-- [MbedTLS] fetching package...
[0/8] Performing download step (download, verify and extract) for 'mbedtls-populate'
-- verifying file...
       file='/home/chris/openwrt_sdk/openwrt-sdk-mediatek-filogic_gcc-13.3.0_musl.Linux-x86_64/build_dir/target-aarch64_cortex-a53_musl/csshnpd-c0.2.0/_deps/mbedtls-subbuild/mbedtls-populate-prefix/src/mbedtls-3.6.1.tar.bz2'
-- SHA256 hash of
    /home/chris/openwrt_sdk/openwrt-sdk-mediatek-filogic_gcc-13.3.0_musl.Linux-x86_64/build_dir/target-aarch64_cortex-a53_musl/csshnpd-c0.2.0/_deps/mbedtls-subbuild/mbedtls-populate-prefix/src/mbedtls-3.6.1.tar.bz2
  does not match expected value
    expected: 'fc8bef0991b43629b7e5319de6f34f13359011105e08e3e16eed3a9fe6ffd3a3'
      actual: 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'
-- File already exists but hash mismatch. Removing...
-- Downloading...
   dst='/home/chris/openwrt_sdk/openwrt-sdk-mediatek-filogic_gcc-13.3.0_musl.Linux-x86_64/build_dir/target-aarch64_cortex-a53_musl/csshnpd-c0.2.0/_deps/mbedtls-subbuild/mbedtls-populate-prefix/src/mbedtls-3.6.1.tar.bz2'
   timeout='none'
   inactivity timeout='none'
-- Using src='https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-3.6.1/mbedtls-3.6.1.tar.bz2'
-- Retrying...
-- Using src='https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-3.6.1/mbedtls-3.6.1.tar.bz2'
-- Retry after 5 seconds (attempt #2) ...
-- Using src='https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-3.6.1/mbedtls-3.6.1.tar.bz2'
-- Retry after 5 seconds (attempt #3) ...
-- Using src='https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-3.6.1/mbedtls-3.6.1.tar.bz2'
-- Retry after 15 seconds (attempt #4) ...
-- Using src='https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-3.6.1/mbedtls-3.6.1.tar.bz2'
-- Retry after 60 seconds (attempt #5) ...
-- Using src='https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-3.6.1/mbedtls-3.6.1.tar.bz2'

It's not just mbedtls, but everything else - cjson, uuid4 etc.

It's also not just the filogic SDK, but so far every one I've tried.

When I go to the target directory (in this case /home/chris/openwrt_sdk/openwrt-sdk-mediatek-filogic_gcc-13.3.0_musl.Linux-x86_64/build_dir/target-aarch64_cortex-a53_musl/csshnpd-c0.2.0/_deps/mbedtls-subbuild/mbedtls-populate-prefix/src/) I find an empty mbedtls-3.6.1.tar.bz2. If I delete that and wget the source tarball manually the build is able to proceed (and fail on the next dependency - ultimately working after I've manually downloaded all the dependent packages).

Host OS: Ubuntu 24.04.01 and Debian 12
./staging_dir/host/bin/cmake --version is 3.30.5

The package I'm building sits in a git clone of Atsign OpenWRT packages with feeds.conf pointed to src-link atsign /home/chris/git/github.com/atsign-foundation/Atsign_OpenWRT_packages/packages

This looks like some kind of sandboxing issue (where the sandbox isn't allowed to connect out to GitHub). But I don't know where to start in terms of why the SDKs would have a sandbox when a clone of the source doesn't.

DLed how ?
same host and user as where you're building ?

doesn't really sound like an openwrt issue though.... ?

> DLed how ?
> same host and user as where you're building ?

I delete the empty file and download with wget.
It's the same host and user that I'm using for make

> doesn't really sound like an openwrt issue though.... ?

The only place I've seen this is with OpenWRT SDKs. The CMakeLists.txt behaves itself in all other contexts I've tried (including feeds into clones of OpenWRT from git). So something's happening that's peculiar to the buildroot of an SDK.

I'd also note that this doesn't happen with the GL.iNet SDK(s).

I think I've figured out what the issue is, and I have a workaround.

A bit more googling took me to this issue, which suggested that the problem could be CMake without TLS support (as I'm trying to fetch stuff from https URLs).

Swapping out the ./staging_dir/host/bin/cmake for my system cmake (along with copying over /usr/share/cmake-3.25 to ./staging_dir/host/share/) got things working. NB I was being very lazy here, as the CMake with the SDK I'm using is 3.30.5 and I could have gone off and got that precise version.

So... I now need to dig around to figure out why the SDKs are being built with a host CMake that can't handle https URLs (whilst the same in buildroot works just fine)?
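
Added example, not part of the original posts: the "actual" hash in the log above is the SHA-256 of zero bytes, which is why the leftover tarball is empty, and a tarball fetched by hand with wget should be checked against the hash pinned in the build before it is dropped into _deps. The sketch below does both and also reads the `tls` field that `cmake -E capabilities` reports (CMake 3.25 and later); the function names `classify_tarball` and `tls_from_capabilities` are hypothetical.

```shell
#!/bin/sh
# SHA-256 of zero bytes: the "actual" value CMake prints when the
# download step left an empty file behind.
EMPTY_SHA256='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'

# classify_tarball FILE EXPECTED_SHA256
# Prints missing | empty | ok | mismatch; returns 0 only for "ok".
# Use it on a manually fetched tarball before the build consumes it, e.g.
#   classify_tarball mbedtls-3.6.1.tar.bz2 <expected value from the log>
classify_tarball() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if [ ! -f "$file" ]; then
        echo missing
        return 1
    fi
    # Read via stdin so unusual file names cannot alter sha256sum's output.
    actual=$(sha256sum < "$file" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        echo ok
        return 0
    elif [ "$actual" = "$EMPTY_SHA256" ]; then
        echo empty      # nothing was written: a transport failure, not tampering
        return 1
    fi
    echo mismatch       # real content with the wrong hash: do not use the file
    return 1
}

# tls_from_capabilities
# Reads the JSON from `cmake -E capabilities` on stdin and prints
# true | false | unknown (field absent, as on CMake older than 3.25).
#   ./staging_dir/host/bin/cmake -E capabilities | tls_from_capabilities
tls_from_capabilities() {
    v=$(grep -Eo '"tls"[[:space:]]*:[[:space:]]*(true|false)' | head -n 1 || true)
    case $v in
        *true)  echo true ;;
        *false) echo false ;;
        *)      echo unknown ;;
    esac
}
```

A result of `mismatch` on a hand-downloaded file is the case to stop on; `empty` only says the fetch itself never completed.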