KeychainStore not found

GarbageYard · October 30, 2017, 11:15am

I am running a docker build in GitLab CI and getting following error during build:

14:08:13.130 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] FAILURE: Build failed with an exception.
14:08:13.130 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] 
14:08:13.130 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] * What went wrong:
14:08:13.131 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] A problem occurred configuring root project 'com.abc.demo.cia'.
14:08:13.131 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] > Could not resolve all files for configuration ':classpath'.
14:08:13.132 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]    > Could not resolve com.github.jacobono:gradle-jaxb-plugin:1.3.6.
14:08:13.132 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]      Required by:
14:08:13.132 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]          project :
14:08:13.142 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]       > Could not resolve com.github.jacobono:gradle-jaxb-plugin:1.3.6.
14:08:13.143 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]          > Could not get resource 'https://artifactory.abc.net/artifactory/plugins/com/github/jacobono/gradle-jaxb-plugin/1.3.6/gradle-jaxb-plugin-1.3.6.pom'.
14:08:13.144 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]             > org.apache.http.ssl.SSLInitializationException: KeychainStore not found
14:08:13.145 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]    > Could not resolve org.jfrog.buildinfo:build-info-extractor-gradle:latest.release.
14:08:13.145 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]      Required by:
14:08:13.146 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]          project :
14:08:13.146 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]       > Could not resolve org.jfrog.buildinfo:build-info-extractor-gradle:latest.release.
14:08:13.147 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]          > Failed to list versions for org.jfrog.buildinfo:build-info-extractor-gradle.
14:08:13.147 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]             > Unable to load Maven meta-data from https://artifactory.abc.net/artifactory/plugins/org/jfrog/buildinfo/build-info-extractor-gradle/maven-metadata.xml.
14:08:13.147 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]                > Could not get resource 'https://artifactory.abc.net/artifactory/plugins/org/jfrog/buildinfo/build-info-extractor-gradle/maven-metadata.xml'.
14:08:13.148 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]                   > org.apache.http.ssl.SSLInitializationException: KeychainStore not found
14:08:13.148 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]    > Could not resolve org.springframework.boot:spring-boot-gradle-plugin:1.5.8.RELEASE.
14:08:13.151 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]      Required by:
14:08:13.152 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]          project :
14:08:13.162 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]       > Could not resolve org.springframework.boot:spring-boot-gradle-plugin:1.5.8.RELEASE.
14:08:13.163 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]          > Could not get resource 'https://artifactory.abc.net/artifactory/plugins/org/springframework/boot/spring-boot-gradle-plugin/1.5.8.RELEASE/spring-boot-gradle-plugin-1.5.8.RELEASE.pom'.
14:08:13.165 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter]             > org.apache.http.ssl.SSLInitializationException: KeychainStore not found
14:08:13.166 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] 
14:08:13.167 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] * Try:
14:08:13.168 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] Run with --stacktrace option to get the stack trace. 
14:08:13.169 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] 
14:08:13.169 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] * Get more help at https://help.gradle.org
14:08:13.170 [ERROR] [org.gradle.internal.buildevents.BuildResultLogger] 
14:08:13.172 [ERROR] [org.gradle.internal.buildevents.BuildResultLogger] BUILD FAILED in 4s

Content of GitLab .gitlab-ci.yml:

image: gradle-base:1.0

variables:
 GRADLE_OPTS: "-Dorg.gradle.daemon=false"
 COMPOSE_PROJECT_NAME: "TEST-RDI"

stages:
  - build
  - package
  - deploy


build:
  stage: build
  script:
   - gradle --debug wrapper
   - "./gradlew clean build"
  artifacts:
    paths:
      - target/*.jar

docker-build:
  stage: package
  ...
  ...

docker-deploy:
  stage: deploy
  ...
  ...

Image gradle-base:1.0 shown above was built using the following Dockerfile:

FROM docker.artifactory.abc.net/gradle:4.2-alpine

COPY abc-root-ca.pem /tmp/

RUN set -x; \
        keytool -import -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts \
                -storepass changeit -noprompt -alias abcrootca -file /tmp/abc-root-ca.pem \
        ; \
        keytool -list -keystore $JAVA_HOME/jre/lib/security/cacerts | grep -A1 abc \
        ; \

When i built the Dockerfile, i could see that the cert i was trying to import was successfully imported.

GarbageYard · October 31, 2017, 5:58am

Hello. I hope this question was posted on a relevant forum. Please comment if i’m wrong in my assumption. If that’s the case, please let me know where should this be posted.

mcskocsis · November 6, 2017, 10:02pm

Hey!

I had a similar problem and took me couple of hours to figure it out.
The general problem is that you are probably running the build via gradle wrapper. Now for this there is a hardcoded jvmargs located in the gradle.properties that does not exists. This gradle docker base is built on some kind of a ubuntu like scheme, so there is this package facility called: ca-certificates that handles all the trust cert related goodies.

build a custom docker image like this
Now try the following in the Dockerfile:

FROM gradle
COPY your-root_ca.crt /usr/local/share/ca-certificates/
RUN update-ca-certificates
CMD [“gradle”]

use this new docker image in your gitlab ci yaml

Remove this part of the the jvmargs in the gradle.properties: -Djavax.net.ssl.keystore="$JAVA_HOME/jre/lib/security/cacerts"

After this the build ran fine for me.

GarbageYard · November 7, 2017, 5:44am

Thanks Mate for the reply. Unfortunately, i am no longer part of that project so i cannot verify it now as i don’t have the code base with me.