aws-codebuild-docker-images icon indicating copy to clipboard operation
aws-codebuild-docker-images copied to clipboard
verified publisher icon aws

Docker 25 support

Open bencwallace opened this issue 1 year ago • 13 comments

Would be great to have CodeBuild images with Docker 25, which was just released. As discussed here, this will make it easier to use BuildKit caching during build jobs.

bencwallace avatar Jan 22 '24 12:01 bencwallace

This is also an issue as with 25, running local builds fails with an API issue right away. The only solution is to downgrade/stick to 24.

JohnPreston avatar Feb 06 '24 09:02 JohnPreston

It looks like public.ecr.aws/codebuild/local-builds:latest has v18.09.0 of the docker CLI installed, and docker-compose 1.23.2 installed.

However, if the docker compose file within the local agent is just updated to version 2.1, then it works.

Suggestion found here: https://github.com/docker/compose/issues/5103#issuecomment-322272491

Aposhian avatar Feb 27 '24 00:02 Aposhian

I'd be happy to support v25 as well.

I tried Docker Engine v25, but I got error message

ERROR: client version 1.22 is too old. Minimum supported API version is 1.24, please upgrade your client to a newer version

I reinstalled Docker Desktop v4.26.1. It worked. v4.26.1 is the latest using Docker Engine v24. https://docs.docker.com/desktop/release-notes/#4261

souhub avatar Mar 05 '24 10:03 souhub

It looks like public.ecr.aws/codebuild/local-builds:latest has v18.09.0 of the docker CLI installed, and docker-compose 1.23.2 installed.

However, if the docker compose file within the local agent is just updated to version 2.1, then it works.

Suggestion found here: docker/compose#5103 (comment)

I'm a bit confused, where does the docker-compose file need to be updated?

dangeReis avatar Mar 07 '24 22:03 dangeReis

Inside the docker image, at /LocalBuild/agent-resources/docker-compose.yml, at the top of the file is:

version: '2'

If you change it to

version: '2.1'

then it doesn't complain anymore.

Aposhian avatar Mar 07 '24 23:03 Aposhian

@Aposhian In this repository? I'm not seeing that folder.

dangeReis avatar Mar 08 '24 15:03 dangeReis

It isn't in this repository. It is in the public.ecr.aws/codebuild/local-builds docker image. I'm not sure where the source for that is though (I don't think it is public).

Aposhian avatar Mar 08 '24 15:03 Aposhian

Now that there have been critical vulnerabilities detected in docker 4.26, as the workaround is no longer tenable.

dangeReis avatar Mar 12 '24 20:03 dangeReis

After updating the docker compose file within the local agent to version 2.1 the error ERROR: client version 1.22 is too old. Minimum supported API version is 1.24, please upgrade your client to a newer version disappeared. But I still had problems running the agent. During the execution, it just stuck on Waiting for agent ping step. To fix that, I had to upgrade the docker-compose binary.

I just built the new image using public.ecr.aws/codebuild/local-builds as a base. Dockerfile:

FROM public.ecr.aws/codebuild/local-builds:latest

RUN sed -i "s/version: '2'/version: '2.1'/g" /LocalBuild/agent-resources/docker-compose.yml
RUN curl -L https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
RUN chmod +x /usr/local/bin/docker-compose

This is my workaround, for now, to not use the old Docker engine version.

day4me avatar Mar 15 '24 17:03 day4me

During the execution, it just stuck on Waiting for agent ping step.

I ran into the same issue. I just presumed it wasn't docker related. But good to know.

Aposhian avatar Mar 16 '24 00:03 Aposhian

How can the version of docker compose be changed inside this docker image public.ecr.aws/codebuild/local-builds, when we don't have access to the source?

ghanavat avatar Mar 19 '24 23:03 ghanavat

@ghanavat

CodeBuild installs Docker and Docker Compose in the /usr/local/bin directory. You can manually update their versions by creating a Dockerfile that builds on top of the CodeBuild base images

Here is an example of Dockerfile:

FROM public.ecr.aws/codebuild/local-builds:latest AS layer1

WORKDIR /LocalBuild

RUN set -ex \
    && rm -rf /usr/local/bin/docker \
    && curl -fSL "https://download.docker.com/linux/static/stable/x86_64/docker-25.0.0.tgz" -o docker.tgz \
    && tar --extract --file docker.tgz --strip-components 1 --directory /usr/local/bin/ \
    && rm docker.tgz \
    && docker -v

FROM layer1 AS layer2

RUN set -ex \
    && rm -rf /usr/local/bin/docker-compose \
    && curl -L "https://github.com/docker/compose/releases/download/v2.26.0/docker-compose-linux-x86_64" > /usr/local/bin/docker-compose \
    && chmod +x /usr/local/bin/docker-compose \
    && docker-compose version

This Dockerfile first removes the existing Docker and Docker Compose binaries, then downloads and extracts the specified Docker version into /usr/local/bin. In the second stage, it updates Docker Compose to the specified version. Remember to verify the downloaded versions and adjust the Dockerfile accordingly.

LZY7977 avatar Apr 11 '24 00:04 LZY7977

@LZY7977 Thank you. Is there a reason this hasn't made it into the official image?

dangeReis avatar Apr 11 '24 12:04 dangeReis

CodeBuild has released a new version of the local-build image, which includes upgrades to Docker version 26.1.4 and Docker Compose version 2.27.0. Please download and test the latest images to take advantage of these updates.

LZY7977 avatar Jun 20 '24 22:06 LZY7977

Added support in official images in https://github.com/aws/aws-codebuild-docker-images/commit/1bd6ad2e247b957c8597fc31e172e3d2df185a19

leoherran-aws avatar Aug 23 '24 23:08 leoherran-aws