php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #79445 Connection timed out when accessing website from github actions
Submitted: 2020-04-02 07:47 UTC Modified: 2020-04-02 08:28 UTC
Votes:9
Avg. Score:4.6 ± 0.5
Reproduced:9 of 9 (100.0%)
Same Version:6 (66.7%)
Same OS:7 (77.8%)
From: eric at thisisdevelopment dot nl Assigned: sas (profile)
Status: Assigned Package: Systems problem
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2020-04-02 07:47 UTC] eric at thisisdevelopment dot nl
Description:
------------
When trying to setup a github action which automatically tracks upstream php releases, I have ran into a problem. When running the script locally, it works great. However if I run the script via a github action; it will exit (most of the time) with a connection timed out error.

At first it seemed to work sometimes, but now it doesn't seem to work at all.

Things I have tried:
- explicitly using only ipv4 (as it seemed ipv6 gave some issues), this seemed to work at first, but now it doesn't anymore.
- using a different user-agent; this does not seem to make any difference


Test script:
---------------
curl -4 -vso- "https://www.php.net/releases/?json&version=7.2"

See https://github.com/thisisdevelopment/php/blob/master/update.sh for the full script


Expected result:
----------------
*   Trying 185.85.0.29...
* TCP_NODELAY set
* Connected to www.php.net (185.85.0.29) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=*.php.net
*  start date: May 24 00:00:00 2019 GMT
*  expire date: May 23 12:00:00 2021 GMT
*  subjectAltName: host "www.php.net" matched cert's "*.php.net"
*  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=Thawte TLS RSA CA G1
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x55ede8034580)
> GET /releases/?json&version=7.2 HTTP/2
> Host: www.php.net
> User-Agent: curl/7.58.0
> Accept: */*
> 
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 200 
< server: myracloud
< date: Thu, 02 Apr 2020 07:38:57 GMT
< content-type: application/json
< content-language: en
< x-frame-options: SAMEORIGIN
< set-cookie: COUNTRY=NA%2C62.251.38.5; expires=Thu, 09-Apr-2020 07:38:57 GMT; Max-Age=604800; path=/; domain=.php.net
< expires: Thu, 02 Apr 2020 07:38:57 GMT
< cache-control: max-age=0
< etag: "myra-e3d36e81"
< 
* Connection #0 to host www.php.net left intact
{"announcement":true,"tags":["security"],"date":"19 Mar 2020","source":[{"filename":"php-7.2.29.tar.bz2","name":"PHP 7.2.29 (tar.bz2)","sha256":"eaa1f5503f2bf0c8569ec4ae80ffd8ca8cbc260f01c2503dd0e83dfc9cf0b923","date":"19 Mar 2020"},{"filename":"php-7.2.29.tar.gz","name":"PHP 7.2.29 (tar.gz)","sha256":"ea5c96309394a03a38828cc182058be0c09dde1f00f35809622c2d05c50ee890","date":"19 Mar 2020"},{"filename":"php-7.2.29.tar.xz","name":"PHP 7.2.29 (tar.xz)","sha256":"b117de74136bf4b439d663be9cf0c8e06a260c1f340f6b75ccadb609153a7fe8","date":"19 Mar 2020"}],"version":"7.2.29"}

Actual result:
--------------
*   Trying 185.85.0.29...
* TCP_NODELAY set
* connect to 185.85.0.29 port 443 failed: Connection timed out
* Failed to connect to www.php.net port 443: Connection timed out


Patches

Add a Patch

Pull Requests

Pull requests:

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-04-02 08:20 UTC] cmb@php.net
-Package: Website problem +Package: Systems problem
 [2020-04-02 08:28 UTC] salathe@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: sas
 [2020-04-02 08:28 UTC] salathe@php.net
Assigning to Sascha from Myra.
 [2020-04-11 19:33 UTC] Unclepecos at icloud dot com
The following pull request has been associated:

Patch Name: protect master branches except for the pecl repos against force pushes
On GitHub:  https://github.com/php/karma/pull/4
Patch:      https://github.com/php/karma/pull/4.patch
 [2020-04-27 04:01 UTC] rynbty at gmail dot com
Same issue with downloading PHP distribution during docker build using github actions:


#12 [source 3/7] RUN curl -SL "https://www.php.net/distributions/php-7.4.4.t...
#12 0.074   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
#12 0.076                                  Dload  Upload   Total   Spent    Left  Speed
#12 0.077 
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:02 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:03 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:04 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:05 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:06 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:07 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:08 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:09 --:--:--     0
.
.
.
  0     0    0     0    0     0      0      0 --:--:--  0:00:25 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:26 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:27 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:28 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:29 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:30 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:31 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:31 --:--:--     0
#12 31.61 curl: (7) Failed to connect to www.php.net port 443: Operation timed out
#12 ERROR: executor failed running [/bin/sh -c curl -SL "https://www.php.net/distributions/php-${PHP_VERSION}.tar.xz" -o php.tar.xz]: buildkit-runc did not terminate successfully
------
 > [source 3/7] RUN curl -SL "https://www.php.net/distributions/php-7.4.4.tar.xz" -o php.tar.xz
 [2020-05-14 07:40 UTC] bbluegaston at gmail dot com
I have a project that builds PHP from source within a docker container using a fork of the official docker library repo. https://github.com/docker-library/php
Never had any issues locally. But when I put this within a github action, the curl request times out. 

GitHub Actions Output
---------------------
/var/lib/apt/lists/security.debian.org_debian-security_dists_buster_updates_InRelease /var/lib/apt/lists/security.debian.org_debian-security_dists_buster_updates_main_binary-amd64_Packages.lz4
+ mkdir -p /usr/src
+ cd /usr/src
+ curl -fsSL -o php.tar.xz https://www.php.net/get/php-7.4.3.tar.xz/from/this/mirror
curl: (7) Failed to connect to www.php.net port 443: Connection timed out
The command '/bin/sh -c set -eux; 		savedAptMark="$(apt-mark showmanual)"; 	apt-get update; 	apt-get install -y --no-install-recommends gnupg dirmngr; 	rm -rf /var/lib/apt/lists/*; 		mkdir -p /usr/src; 	cd /usr/src; 		curl -fsSL -o php.tar.xz "$PHP_URL"; 		if [ -n "$PHP_SHA256" ]; then 		echo "$PHP_SHA256 *php.tar.xz" | sha256sum -c -; 	fi; 	if [ -n "$PHP_MD5" ]; then 		echo "$PHP_MD5 *php.tar.xz" | md5sum -c -; 	fi; 		if [ -n "$PHP_ASC_URL" ]; then 		curl -fsSL -o php.tar.xz.asc "$PHP_ASC_URL"; 		export GNUPGHOME="$(mktemp -d)"; 		for key in $GPG_KEYS; do 			gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; 		done; 		gpg --batch --verify php.tar.xz.asc php.tar.xz; 		gpgconf --kill all; 		rm -rf "$GNUPGHOME"; 	fi; 		apt-mark auto '.*' > /dev/null; 	apt-mark manual $savedAptMark > /dev/null; 	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false' returned a non-zero code: 7

Github workflow
----------------------
name: Publish all php docker images 
on: [push]
jobs:
  login:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v1
      - name: Build Php
        run: docker build -t test .
        shell: bash
        working-directory: ./7.2/stretch/fpm/
 [2020-05-28 12:37 UTC] matthieu at mnapoli dot fr
I have the same problem when building AWS Lambda layers for the Bref project (inside GitHub Actions).

Is is a curl trace:

curl -v https://secure.php.net/get/php-7.4.4.tar.gz/from/this/mirror
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 185.85.0.29...
* TCP_NODELAY set
*   Trying 2a02:cb40:200::1ad...
* TCP_NODELAY set
* Immediate connect fail for 2a02:cb40:200::1ad: Cannot assign requested address
*   Trying 2a02:cb40:200::1ad...
* TCP_NODELAY set
* Immediate connect fail for 2a02:cb40:200::1ad: Cannot assign requested address

  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0*   Trying 2a02:cb40:200::1ad...
* TCP_NODELAY set
* Immediate connect fail for 2a02:cb40:200::1ad: Cannot assign requested address

  0     0    0     0    0     0      0      0 --:--:--  0:00:02 --:--:--     0*   Trying 2a02:cb40:200::1ad...
* TCP_NODELAY set
* Immediate connect fail for 2a02:cb40:200::1ad: Cannot assign requested address


.....


  0     0    0     0    0     0      0      0 --:--:--  0:00:29 --:--:--     0*   Trying 2a02:cb40:200::1ad...
* TCP_NODELAY set
* Immediate connect fail for 2a02:cb40:200::1ad: Cannot assign requested address

  0     0    0     0    0     0      0      0 --:--:--  0:00:30 --:--:--     0*   Trying 2a02:cb40:200::1ad...
* TCP_NODELAY set
* Immediate connect fail for 2a02:cb40:200::1ad: Cannot assign requested address

  0     0    0     0    0     0      0      0 --:--:--  0:00:31 --:--:--     0* connect to 185.85.0.29 port 443 failed: Connection timed out
*   Trying 2a02:cb40:200::1ad...
* TCP_NODELAY set
* Immediate connect fail for 2a02:cb40:200::1ad: Cannot assign requested address
*   Trying 2a02:cb40:200::1ad...
* TCP_NODELAY set
* Immediate connect fail for 2a02:cb40:200::1ad: Cannot assign requested address
* Failed to connect to secure.php.net port 443: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to secure.php.net port 443: Connection timed out
 [2020-05-28 13:58 UTC] daniel at developerdan dot com
I have the same issue and also attempted the IPv4 and user-agent solutions with no success. In my case I'm trying to download https://www.php.net/eol.php from Github Actions. My tool 'php-version-audit' uses information in the EOL page to alert users if their PHP version has CVEs or is out of date. Full logs of the failure to connect errors can be found here: https://pipelines.actions.githubusercontent.com/n971RvdVsN3mbuNkoUEcSTiizTVkgjIAycSRUtGcKUB1xOev0Y/_apis/pipelines/1/runs/1198/signedlogcontent/3?urlExpires=2020-05-28T13%3A57%3A18.5542377Z&urlSigningMethod=HMACV1&urlSignature=TBMiwwkBITK4D4104t5WjHE%2FdFvQ2Bhvqa3qoBqWZqY%3D
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Mon Jul 13 00:01:25 2020 UTC