Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Shared ARG or Whitelist /dev/pts/ptmx in Cloud Build #1033

Closed
dinvlad opened this issue Feb 6, 2020 · 3 comments
Closed

Shared ARG or Whitelist /dev/pts/ptmx in Cloud Build #1033

dinvlad opened this issue Feb 6, 2020 · 3 comments
Milestone
Release v1.0.0

Comments

@dinvlad
Copy link

dinvlad commented Feb 6, 2020
edited
Loading

Actual behavior
When running a build in Cloud Build, it fails with

failed to execute command: extracting fs from image: removing whiteout .wh.dev: unlinkat //dev/pts/ptmx: operation not permitted

If I move ARG DIST=/opt after FROM (see below), then the build succeeds. However, I keep it above because it's used in multi-staged builds (where a single ARG value is shared among multiple stages). But the error appears even in the absence of other stages.

Expected behavior
Build succeeds.

Alternatively, would it be possible to whitelist /dev/pts?

To Reproduce
Steps to reproduce the behavior:

  1. Dockerfile:
ARG DIST=/opt

FROM gcr.io/cloud-builders/wget

ARG DIST
RUN echo ${DIST}
  1. cloudbuild.yaml:
steps:
- name: gcr.io/kaniko-project/executor
  args:
  - --destination=gcr.io/${PROJECT_ID}/kaniko-ptmx-repro
  - --cache=true

Additional Information

  • Dockerfile (see above)
  • Build Context: -
  • Kaniko Image (fully qualified with digest): gcr.io/kaniko-project/executor@sha256:565d31516f9bb91763dcf8e23ee161144fd4e27624b257674136c71559ce4493 (v0.17.1)
  • Debug log:
BUILD
Pulling image: gcr.io/kaniko-project/executor
Using default tag: latest
latest: Pulling from kaniko-project/executor
Digest: sha256:565d31516f9bb91763dcf8e23ee161144fd4e27624b257674136c71559ce4493
Status: Downloaded newer image for gcr.io/kaniko-project/executor:latest
gcr.io/kaniko-project/executor:latest
DEBU[0000] Copying file /workspace/Dockerfile to /kaniko/Dockerfile 
DEBU[0000] Skip resolving path /kaniko/Dockerfile       
DEBU[0000] Skip resolving path /workspace/              
DEBU[0000] Skip resolving path /cache                   
DEBU[0000] Skip resolving path                          
DEBU[0000] Skip resolving path                          
DEBU[0000] Skip resolving path                          
INFO[0000] Resolved base name gcr.io/cloud-builders/wget to gcr.io/cloud-builders/wget 
INFO[0000] Resolved base name gcr.io/cloud-builders/wget to gcr.io/cloud-builders/wget 
INFO[0000] Retrieving image manifest gcr.io/cloud-builders/wget 
DEBU[0000] No file found for cache key sha256:fcbc52cce257e002accec94d8170900429ab51d3ddda629142a6f5a887079d6d stat /cache/sha256:fcbc52cce257e002accec94d8170900429ab51d3ddda629142a6f5a887079d6d: no such file or directory 
DEBU[0000] Image gcr.io/cloud-builders/wget not found in cache 
INFO[0000] Retrieving image manifest gcr.io/cloud-builders/wget 
INFO[0000] Built cross stage deps: map[]                
INFO[0000] Retrieving image manifest gcr.io/cloud-builders/wget 
DEBU[0000] No file found for cache key sha256:fcbc52cce257e002accec94d8170900429ab51d3ddda629142a6f5a887079d6d stat /cache/sha256:fcbc52cce257e002accec94d8170900429ab51d3ddda629142a6f5a887079d6d: no such file or directory 
DEBU[0000] Image gcr.io/cloud-builders/wget not found in cache 
INFO[0000] Retrieving image manifest gcr.io/cloud-builders/wget 
DEBU[0001] optimize: composite key for command ARG DIST {[sha256:fcbc52cce257e002accec94d8170900429ab51d3ddda629142a6f5a887079d6d ARG DIST]} 
DEBU[0001] optimize: cache key for command ARG DIST 0bfa8f9f752bd48e8540d6790d62fd31bea228295a0311c725368ea2c18834c3 
DEBU[0001] optimize: composite key for command RUN echo ${DIST} {[sha256:fcbc52cce257e002accec94d8170900429ab51d3ddda629142a6f5a887079d6d ARG DIST RUN echo ${DIST}]} 
DEBU[0001] optimize: cache key for command RUN echo ${DIST} 99b2e2e1e2d558a9001845fb5bc050d0a10dc50d718df9f456bbae0cbdf07e9e 
INFO[0001] Checking for cached layer gcr.io/<project>/kaniko-ptmx-repro/cache:99b2e2e1e2d558a9001845fb5bc050d0a10dc50d718df9f456bbae0cbdf07e9e... 
INFO[0001] Using caching version of cmd: RUN echo ${DIST} 
INFO[0001] Skipping unpacking as no commands require it. 
INFO[0001] Taking snapshot of full filesystem...        
INFO[0001] ARG DIST                                     
INFO[0001] No files changed in this command, skipping snapshotting. 
DEBU[0001] build: composite key for command ARG DIST &{[sha256:fcbc52cce257e002accec94d8170900429ab51d3ddda629142a6f5a887079d6d ARG DIST]} 
DEBU[0001] build: cache key for command ARG DIST 0bfa8f9f752bd48e8540d6790d62fd31bea228295a0311c725368ea2c18834c3 
INFO[0001] RUN echo ${DIST}                             
INFO[0001] Found cached layer, extracting to filesystem 
DEBU[0001] Mounted directories: [{/kaniko false} {/etc/mtab false} {/tmp/apt-key-gpghome true} {/var/run false} {/proc false} {/dev false} {/dev/pts false} {/sys false} {/sys/fs/cgroup false} {/sys/fs/cgroup/systemd false} {/sys/fs/cgroup/hugetlb false} {/sys/fs/cgroup/pids false} {/sys/fs/cgroup/freezer false} {/sys/fs/cgroup/perf_event false} {/sys/fs/cgroup/cpu,cpuacct false} {/sys/fs/cgroup/rdma false} {/sys/fs/cgroup/net_cls,net_prio false} {/sys/fs/cgroup/devices false} {/sys/fs/cgroup/cpuset false} {/sys/fs/cgroup/blkio false} {/sys/fs/cgroup/memory false} {/dev/mqueue false} {/workspace false} {/builder/outputs false} {/root/tokencache false} {/builder/home false} {/etc/resolv.conf false} {/etc/hostname false} {/etc/hosts false} {/dev/shm false} {/var/run/docker.sock false}] 
DEBU[0001] Whiting out /.wh.dev                         
error building image: error building stage: failed to execute command: extracting fs from image: removing whiteout .wh.dev: unlinkat //dev/pts/ptmx: operation not permitted
ERROR
ERROR: build step 0 "gcr.io/kaniko-project/executor" failed: exit status 1

This might be related to #1001

Triage Notes for the Maintainers

Description Yes/No
Please check if this a new feature you are proposing
Please check if the build works in docker but not in kaniko
Please check if this error is seen when you use --cache flag
Please check if your dockerfile is a multistage dockerfile
@dinvlad dinvlad changed the title Whilelist /dev/pts/ptmx in Cloud Build Shared ARG or Whitelist /dev/pts/ptmx in Cloud Build Feb 6, 2020
BlueSpaceCanary added a commit to BlueSpaceCanary/rustbucket that referenced this issue Feb 6, 2020
@BlueSpaceCanary
Whitelist /dev/pts in kaniko build
75da530 
Work around GoogleContainerTools/kaniko#1033
@tejal29 tejal29 added this to the Release v1.0.0 milestone Feb 6, 2020
@dinvlad
Copy link
Author

dinvlad commented Feb 7, 2020

I should add that this issue started happening for us today (2/6/20) ~1:48 PM EST, without any changes to the Dockerfile or cloudbuild.yaml. Prior to that, a successful build happened earlier today ~10:29 AM EST, which I assume indicates that something changed on Cloud Build infra side..

@michaelfindlater
Copy link

michaelfindlater commented Feb 7, 2020
edited
Loading

Been getting this for two days now on Cloud Build.

For now, having to use --cache=false for builds to pass :(

If anyone has a solution or suggestion, it would be appreciated.

Args we are using are when encountering the error:

         '--cache=true',
         '--cache-ttl=8h',

@tejal29
Copy link
Contributor

tejal29 commented Feb 7, 2020

Dupe of #1039

@tejal29 tejal29 closed this as completed Feb 7, 2020
@dinvlad dinvlad mentioned this issue Feb 17, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Release v1.0.0
Development

No branches or pull requests
3 participants
@dinvlad @tejal29 @michaelfindlater