Could not get image size for download (baremetal-deploy debian-unstable)

Ten64 Forum
1

I’m getting the error ERROR: Could not get image size for download when trying to do an install of debian-unstable onto the nvm device in a new ten64 device.

root@recovery000afa2428d1:/# appstore-list
Lists not downloaded, will attempt to download
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  9558  100  9558    0     0  41556      0 --:--:-- --:--:-- --:--:-- 65465
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  1702  100  1702    0     0   7464      0 --:--:-- --:--:-- --:--:-- 12701
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   143  100   143    0     0    616      0 --:--:-- --:--:-- --:--:--  1083
registry        |appliance id                    |description                     
----------------|--------------------------------|--------------------------------
officialdistro  |ubuntu-bionic                  *|Ubuntu Server 18.04 LTS ("Bionic Beaver")
officialdistro  |ubuntu-focal                   *|Ubuntu Server 20.04 LTS ("Focal Fossa")
officialdistro  |ubuntu-hirsute                 *|Ubuntu Server 21.04 ("Hirsute Hippo")
officialdistro  |opensuse-tumbleweed-jeos        |OpenSUSE Tumbleweed JeOS        
officialdistro  |opensuse-leap-15.3-jeos         |OpenSUSE Leap 15.3 JeOS         
officialdistro  |debian-stable                  *|Debian stable (11)              
officialdistro  |debian-testing                 *|Debian testing (11)             
officialdistro  |debian-unstable                *|Debian unstable (sid)           
officialdistro  |fedora-34                      *|Fedora 34 Server/Cloud          
traverse        |traverse-openwrt-arm64          |Traverse OpenWrt build for ARM64 (disk devices)
traverse        |muvirt                          |muvirt (disk install)           
[4 entries hidden due to incompatibility with this platform, use --show-all to display them]
* = uses fixup manipulator to work on this platform
P = provisioner manipulator available
root@recovery000afa2428d1:/# baremetal-deploy debian-unstable /dev/nvme0
nvme0    nvme0n1
root@recovery000afa2428d1:/# baremetal-deploy debian-unstable /dev/nvme0n1 
Checking compatibility... 
NOTE: A manipulator will be used to fix compatibility issues between this image and hardware platform
ID: ten64-apt-manipulator            by Traverse Technologies
URL: https://archive.traverse.com.au/pub/arm-image-registry/manipulators/apt/apt-manipulator.lua


Appliance to deploy: debian-unstable - Debian unstable (sid)
Device to deploy to: /dev/nvme0n1 (931.51GiB)
Downloading image
ERROR: Could not get image size for download
If issue persists, please file a bug for this listing
root@recovery000afa2428d1:/# baremetal-deploy debian-unstable /dev/nvme0n1 
Checking compatibility... 
NOTE: A manipulator will be used to fix compatibility issues between this image and hardware platform
ID: ten64-apt-manipulator            by Traverse Technologies
URL: https://archive.traverse.com.au/pub/arm-image-registry/manipulators/apt/apt-manipulator.lua


Appliance to deploy: debian-unstable - Debian unstable (sid)
Device to deploy to: /dev/nvme0n1 (931.51GiB)
Downloading image
ERROR: Could not get image size for download
If issue persists, please file a bug for this listing
2

The issue seems to be something to do with CA verification,

root@recovery000afa2428d1:/# curl -L -I https://cloud.debian.org/images/cloud/sid/daily/20211001-782/debian-sid-generic-arm64-daily-20211001-782.qcow2
curl: (77)      CA signer not available for verification

I’m guessing this is fallout from the Let’s Encrypt certificate expiry.

3

As a temporary workaround I hacked the baremetal-deploy script to add -k to the curl command.

4

Was flagged in this thread as well:

The curl+opensslwolfssl in the recovery firmware isn’t seeing the newer ISRG root for Letsencrypt, I’m going to try and rebase the recovery firmware soon.
(edit: for some reason muvirt and it’s downstream consumers, e.g recovery firmware were using wolfssl for curl instead of openssl)