They had a pretty big hickup and even though they claim it’s resolved, various people on HN were saying they still had problems: GitHub Status - Incident with Actions
We had to make this change to unclog the CI on Github. Hope this helps people.
--- otp: ['24.3.4']
+++ otp: ['25.0.4']
Still a very weird fix – what if you are on a very legacy setup and cannot freely update such a integral part of your stack to a next major revision? I shudder to think.
Currently in this boat. Can’t just update OTP immediately. It seems to work okay on my up-to-date local Arch environment, but fails in our Ubuntu 22.04 production container (which is also up to date). Also, curl and wget inside the container can fetch the file just fine.
Interested in any other workarounds folks may find.
Migration to OTP 25 isn’t on the table for us due to legacy code.
This is super weird issue.
We locally build with mix release and Dockerfile (the target OS is different from dev OS) and it fails on mix assets.deploy with the dependency of dart-sass failing to download itself from GitHub.
However, running mix assets.deploy on dev OS there’s no issue with CA certs. (dev OS has same elixir/OTP setup).
Weird error, I’m getting exactly the same thing running the official Docker image elixir:1.13.4 only in Github CI. Not related to Dart but to downloading Tailwind.
Anyone upgraded to the 1.14rc image? Does that fix it?
EDIT: Looks like it will because it’s on OTP 25 - still rc code
There’s official docker image for elixir:1.13.4 based on OTP 25 and you might get away with that?
I found out that OTP 25 added two new methods to get OS provided CA-certs.
When I get on my laptop again I will simply disable HTTPS check in dart-sass library until it gets fixed in its castore dependency - if I understand this issue correctly…
EDIT: either upgrade to OTP 25 or wait for new release of castore if your code (and its dependencies) depend on this CA library.
For at least ex_cldr the issue was resolved by disabling TLS 1.3 on OTP versions less than 25. As always a warm thank you to @voltone for the pointer in the right direction.