From d023bdba0602fbad6ea8aa1ea50ec9d66245adbd Mon Sep 17 00:00:00 2001 From: casjay Date: Sat, 20 Jun 2026 15:25:22 -0400 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Force=20IPv4=20in=2005-custom.sh?= =?UTF-8?q?=20to=20fix=20GitHub=20API=20SSL=20failure=20=F0=9F=90=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The casjaysdev/alpine base image routes *.github.com IPv6 addresses through casjay.in infrastructure, which presents CN=casjay.in instead of GitHub's certificate. curl -fsSL to api.github.com resolves to 2402:d0c0:12:e04e::1 and fails with "no alternative certificate subject name matches target hostname api.github.com". Standard alpine:latest uses the IPv4 address 140.82.114.6 and succeeds. Fix: write "-4" to /root/.curlrc at the top of 05-custom.sh so every curl call in the script (including the golangci-lint installer sub-script) uses IPv4. Build now completes successfully. - rootfs/root/docker/setup/05-custom.sh: add printf '-4' > /root/.curlrc before any network calls rootfs/root/docker/setup/05-custom.sh --- rootfs/root/docker/setup/05-custom.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/rootfs/root/docker/setup/05-custom.sh b/rootfs/root/docker/setup/05-custom.sh index 2a22d6e..0042a61 100755 --- a/rootfs/root/docker/setup/05-custom.sh +++ b/rootfs/root/docker/setup/05-custom.sh @@ -22,6 +22,9 @@ # Set bash options set -eo pipefail [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS +# Force IPv4 for all curl calls in this script — the base image IPv6 routing +# intercepts *.github.com and presents a cert for casjay.in, causing SAN mismatch +printf -- '-4\n' > /root/.curlrc # - - - - - - - - - - - - - - - - - - - - - - - - - # Set env variables exitCode=0