cli icon indicating copy to clipboard operation
cli copied to clipboard
verified publisher icon devcontainers

issue: `docker.io` in `syntax=` definitions does not work in corporate network

Open georglauterbach opened this issue 9 months ago • 4 comments

Using a Dockerfile works in a corporate network because the syntax= definition is used correctly. But when using the image directive (because a build with a Dockerfile is not required), Dev Containers use a fallback

https://github.com/devcontainers/cli/blob/5c9623c78d17ee4f2d75899c1d9c59a9b266611e/src/spec-node/containerFeatures.ts#L262

that cannot be resolved properly in our network. Can we do something about this, or do I have to use a Dockerfile?

georglauterbach avatar Apr 10 '25 10:04 georglauterbach

Thanks for opening. @chrmarti I'd be curious to get your thoughts here.

bamurtaugh avatar Apr 29 '25 23:04 bamurtaugh

I am not sure what happened, but I tried again today and for some reason, it worked - without using a Dockerfile. I will test a few more times and close this if everything continues to work.

georglauterbach avatar Apr 30 '25 15:04 georglauterbach

I currently cannot replicate it. I will close this and re-open in case it pops up again.

georglauterbach avatar May 09 '25 12:05 georglauterbach

@bamurtaugh @chrmarti It has happened again. This time, I have some log for you:

Click to expand 
[2025-08-08T08:37:21.158Z] Dev Containers 0.424.0 over Remote - SSH 0.120.0 in VS Code 1.102.1 (7adae6a56e34cb64d08899664b814cf620465925).
[2025-08-08T08:37:21.158Z] Start: Resolving Remote
[2025-08-08T08:37:21.162Z] Start: Loading environment from ExecServer
[2025-08-08T08:37:21.163Z] Stop (1 ms): Loading environment from ExecServer
[2025-08-08T08:37:21.164Z] Host OS: linux 6.8.0-63-generic
[2025-08-08T08:37:21.164Z] Host CWD: <CWD>
[2025-08-08T08:37:21.164Z] Start: Run: /bin/sh 
[2025-08-08T08:37:21.169Z] Start: Run in host: echo ~
[2025-08-08T08:37:21.212Z] /home/<USERNAME>
[2025-08-08T08:37:21.212Z] 
[2025-08-08T08:37:21.212Z] Stop (43 ms): Run in host: echo ~
[2025-08-08T08:37:21.212Z] Start: Run in host: id -un
[2025-08-08T08:37:21.255Z] <USERNAME>
[2025-08-08T08:37:21.255Z] 
[2025-08-08T08:37:21.255Z] Stop (43 ms): Run in host: id -un
[2025-08-08T08:37:21.255Z] Start: Run in host:  (command -v getent >/dev/null 2>&1 && getent passwd '<USERNAME>' || grep -E '^<USERNAME>|^[^:]*:[^:]*:<USERNAME>:' /etc/passwd || true)
[2025-08-08T08:37:21.299Z] Stop (44 ms): Run in host:  (command -v getent >/dev/null 2>&1 && getent passwd '<USERNAME>' || grep -E '^<USERNAME>|^[^:]*:[^:]*:<USERNAME>:' /etc/passwd || true)
[2025-08-08T08:37:21.299Z] userEnvProbe: loginInteractiveShell (default)
[2025-08-08T08:37:21.299Z] userEnvProbe: not found in cache
[2025-08-08T08:37:21.300Z] userEnvProbe shell: /bin/bash
[2025-08-08T08:37:21.449Z] userEnvProbe PATHs:
Probe:     '<PATH>'
Container: None
[2025-08-08T08:37:21.452Z] Setting up container for folder or workspace: <CWD>
[2025-08-08T08:37:21.452Z] Host authority: ssh-remote+tower
[2025-08-08T08:37:21.542Z] Start: Check Docker is running
[2025-08-08T08:37:21.543Z] Start: Run: docker version
[2025-08-08T08:37:21.586Z] Client: Docker Engine - Community
[2025-08-08T08:37:21.586Z]  Version:           28.3.1
 API version:       
[2025-08-08T08:37:21.586Z] 1.51
 Go version:        go1.24.4
 Git commit:        38b7060
 Built:        
[2025-08-08T08:37:21.586Z]      Wed Jul  2 20:56:27 2025
 OS/Arch:           linux/amd64
[2025-08-08T08:37:21.587Z] 
 Context:           default
[2025-08-08T08:37:21.587Z] 
[2025-08-08T08:37:21.587Z] Server: Docker Engine - Community
[2025-08-08T08:37:21.587Z]  Engine:
[2025-08-08T08:37:21.587Z]   Version:          28.3.1
  API version:      
[2025-08-08T08:37:21.587Z] 1.51 (minimum version 1.24)
  Go version:       go1.24.4
  Git commit:       5beb93d
[2025-08-08T08:37:21.587Z]   Built:            Wed Jul  2 20:56:27 2025
  OS/Arch:          linux/amd64
[2025-08-08T08:37:21.587Z] 
  Experimental:     false
 containerd:
[2025-08-08T08:37:21.587Z]   Version:          1.7.27
  GitCommit:        
[2025-08-08T08:37:21.587Z] 05044ec0a9a75232cad458027ca83437aae3f4da
 runc:
[2025-08-08T08:37:21.587Z]   Version:          1.2.5
  GitCommit:        
[2025-08-08T08:37:21.587Z] v1.2.5-0-g59923ef
 docker-init:
[2025-08-08T08:37:21.587Z]   Version:          0.19.0
  GitCommit:        
[2025-08-08T08:37:21.587Z] de40ad0
[2025-08-08T08:37:21.587Z] Stop (44 ms): Run: docker version
[2025-08-08T08:37:21.587Z] Stop (45 ms): Check Docker is running
[2025-08-08T08:37:21.588Z] Start: Run: docker volume ls -q
[2025-08-08T08:37:21.633Z] Stop (45 ms): Run: docker volume ls -q
[2025-08-08T08:37:21.633Z] Start: Run: docker ps -q -a --filter label=vsch.local.folder=<CWD> --filter label=vsch.quality=stable
[2025-08-08T08:37:21.679Z] Stop (46 ms): Run: docker ps -q -a --filter label=vsch.local.folder=<CWD> --filter label=vsch.quality=stable
[2025-08-08T08:37:21.679Z] Start: Run: docker ps -q -a --filter label=devcontainer.local_folder=<CWD> --filter label=devcontainer.config_file=<CWD>/.devcontainer.json
[2025-08-08T08:37:21.726Z] Stop (47 ms): Run: docker ps -q -a --filter label=devcontainer.local_folder=<CWD> --filter label=devcontainer.config_file=<CWD>/.devcontainer.json
[2025-08-08T08:37:21.727Z] Start: Run: docker ps -q -a --filter label=devcontainer.local_folder=<CWD>
[2025-08-08T08:37:21.772Z] Stop (45 ms): Run: docker ps -q -a --filter label=devcontainer.local_folder=<CWD>
[2025-08-08T08:37:21.772Z] Running Dev Containers CLI:   up --container-session-data-folder /tmp/devcontainers-cf830626-dca6-4a97-b45b-8a92987e54a51754642240386 --workspace-folder <CWD> --workspace-mount-consistency cached --gpu-availability detect --id-label devcontainer.local_folder=<CWD> --id-label devcontainer.config_file=<CWD>/.devcontainer.json --log-level debug --log-format json --config <CWD>/.devcontainer.json --default-user-env-probe loginInteractiveShell --remove-existing-container --mount type=volume,source=vscode,target=/vscode,external=true --skip-post-create --update-remote-user-uid-default on --mount-workspace-git-root --include-configuration --include-merged-configuration
[2025-08-08T08:37:21.772Z] Start: Checking for Dev Containers CLI
[2025-08-08T08:37:21.774Z] Stop (2 ms): Checking for Dev Containers CLI
[2025-08-08T08:37:21.776Z] Start: Run: /home/<USERNAME>/.vscode-server/cli/servers/Stable-7adae6a56e34cb64d08899664b814cf620465925/server/node /home/<USERNAME>/.vscode-remote-containers/dist/dev-containers-cli-0.424.0/dist/spec-node/devContainersSpecCLI.js up --container-session-data-folder /tmp/devcontainers-cf830626-dca6-4a97-b45b-8a92987e54a51754642240386 --workspace-folder <CWD> --workspace-mount-consistency cached --gpu-availability detect --id-label devcontainer.local_folder=<CWD> --id-label devcontainer.config_file=<CWD>/.devcontainer.json --log-level debug --log-format json --config <CWD>/.devcontainer.json --default-user-env-probe loginInteractiveShell --remove-existing-container --mount type=volume,source=vscode,target=/vscode,external=true --skip-post-create --update-remote-user-uid-default on --mount-workspace-git-root --include-configuration --include-merged-configuration
[2025-08-08T08:37:21.890Z] @devcontainers/cli 0.80.0. Node.js v22.15.1. linux 6.8.0-63-generic x64.
[2025-08-08T08:37:21.890Z] Start: Run: docker buildx version
[2025-08-08T08:37:21.930Z] Stop (40 ms): Run: docker buildx version
[2025-08-08T08:37:21.930Z] github.com/docker/buildx v0.25.0 faaea65
[2025-08-08T08:37:21.930Z] 
[2025-08-08T08:37:21.930Z] Start: Run: docker -v
[2025-08-08T08:37:21.941Z] Stop (11 ms): Run: docker -v
[2025-08-08T08:37:21.941Z] Start: Resolving Remote
[2025-08-08T08:37:21.944Z] Start: Run: git rev-parse --show-cdup
[2025-08-08T08:37:21.946Z] Stop (2 ms): Run: git rev-parse --show-cdup
[2025-08-08T08:37:21.948Z] Start: Run: docker ps -q -a --filter label=devcontainer.local_folder=<CWD> --filter label=devcontainer.config_file=<CWD>/.devcontainer.json
[2025-08-08T08:37:21.960Z] Stop (12 ms): Run: docker ps -q -a --filter label=devcontainer.local_folder=<CWD> --filter label=devcontainer.config_file=<CWD>/.devcontainer.json
[2025-08-08T08:37:21.960Z] Start: Run: docker inspect --type image <INTERNAL REGISTRY>/<INTERNAL NAMESPACE>/<INTERNAL FEATURE 1>
[2025-08-08T08:37:21.973Z] Stop (13 ms): Run: docker inspect --type image <INTERNAL REGISTRY>/<INTERNAL NAMESPACE>/<INTERNAL FEATURE 1>
[2025-08-08T08:37:21.975Z] Resolving Feature dependencies for '<INTERNAL REGISTRY>/ghcr.io/georglauterbach/dev-container-features/rust:7.1'...
[2025-08-08T08:37:21.975Z] * Processing feature: <INTERNAL REGISTRY>/ghcr.io/georglauterbach/dev-container-features/rust:7.1
[2025-08-08T08:37:22.316Z] Resolving Feature dependencies for '<INTERNAL REGISTRY>/<INTERNAL NAMESPACE>/<INTERNAL FEATURE 2>'...
[2025-08-08T08:37:22.316Z] * Processing feature: <INTERNAL REGISTRY>/<INTERNAL NAMESPACE>/<INTERNAL FEATURE 2>
[2025-08-08T08:37:25.489Z] Files to omit: ''
[2025-08-08T08:37:25.602Z] Resolving Feature dependencies for '<INTERNAL REGISTRY>/<INTERNAL NAMESPACE>/<INTERNAL FEATURE 3>'...
[2025-08-08T08:37:25.602Z] * Processing feature: <INTERNAL REGISTRY>/<INTERNAL NAMESPACE>/<INTERNAL FEATURE 3>
[2025-08-08T08:37:25.789Z] Files to omit: ''
[2025-08-08T08:37:25.803Z] * Processing feature: <INTERNAL REGISTRY>/<INTERNAL NAMESPACE>/<INTERNAL FEATURE 2>
[2025-08-08T08:37:28.745Z] Files to omit: ''
[2025-08-08T08:37:28.883Z] * Fetching feature: basics_0_oci
[2025-08-08T08:37:31.716Z] Files to omit: ''
[2025-08-08T08:37:31.802Z] * Fetched feature: basics_0_oci version 0.1.2
[2025-08-08T08:37:31.802Z] * Fetching feature: rust_1_oci
[2025-08-08T08:37:31.946Z] Files to omit: ''
[2025-08-08T08:37:31.949Z] * Fetched feature: rust_1_oci version 7.1.5
[2025-08-08T08:37:31.949Z] * Fetching feature: nodejs_2_oci
[2025-08-08T08:37:32.036Z] Files to omit: ''
[2025-08-08T08:37:32.043Z] * Fetched feature: nodejs_2_oci version 0.1.5
[2025-08-08T08:37:32.051Z] Start: Run: docker buildx build --load --build-context dev_containers_feature_content_source=/tmp/devcontainercli-<USERNAME>/container-features/0.80.0-1754642241973 --build-arg _DEV_CONTAINERS_BASE_IMAGE=<INTERNAL REGISTRY>/<INTERNAL NAMESPACE>/<INTERNAL FEATURE 1> --build-arg _DEV_CONTAINERS_IMAGE_USER=user --build-arg _DEV_CONTAINERS_FEATURE_CONTENT_SOURCE=dev_container_feature_content_temp --target dev_containers_target_stage -f /tmp/devcontainercli-<USERNAME>/container-features/0.80.0-1754642241973/Dockerfile.extended -t vsc-<NAME>-44cbfbe212e14a5179b2bd417e2225d006261e87f98332dfd19511d8d62f7113-features /tmp/devcontainercli-<USERNAME>/empty-folder
[2025-08-08T08:37:32.257Z] 
[2025-08-08T08:37:32.261Z] [+] Building 0.0s (0/1)                                          docker:default
[2025-08-08T08:37:32.394Z] [+] Building 0.1s (1/3)                                          docker:default
 => [internal] load build definition from Dockerfile.extended              0.0s
 => => transferring dockerfile: 5.64kB                                     0.0s
 => resolve image config for docker-image://docker.io/docker/dockerfile:1  0.1s
 => [auth] docker/dockerfile:pull dockerfile:pull token for docker.packag  0.0s

...

 => [internal] load build definition from Dockerfile.extended              0.0s
 => => transferring dockerfile: 5.64kB                                     0.0s
[2025-08-08T08:38:02.562Z]  => ERROR resolve image config for docker-image://docker.io/docker/docke  30.3s
 => [auth] docker/dockerfile:pull dockerfile:pull token for docker.packag  0.0s
[2025-08-08T08:38:02.630Z] [+] Building 30.4s (3/3) FINISHED                                docker:default
 => [internal] load build definition from Dockerfile.extended              0.0s
 => => transferring dockerfile: 5.64kB                                     0.0s
 => ERROR resolve image config for docker-image://docker.io/docker/docke  30.3s
 => [auth] docker/dockerfile:pull dockerfile:pull token for docker.packag  0.0s
------
 > resolve image config for docker-image://docker.io/docker/dockerfile:1.4:
------
[2025-08-08T08:38:02.634Z] Dockerfile.extended:1
--------------------
   1 | >>> # syntax=docker/dockerfile:1.4
   2 |     ARG _DEV_CONTAINERS_BASE_IMAGE=placeholder
   3 |     
--------------------
ERROR: failed to build: failed to solve: failed to resolve source metadata for docker.io/docker/dockerfile:1.4: docker.io/docker/dockerfile:1.4: not found
[2025-08-08T08:38:02.651Z] Stop (30600 ms): Run: docker buildx build --load --build-context dev_containers_feature_content_source=/tmp/devcontainercli-<USERNAME>/container-features/0.80.0-1754642241973 --build-arg _DEV_CONTAINERS_BASE_IMAGE=<INTERNAL REGISTRY>/<INTERNAL NAMESPACE>/<INTERNAL FEATURE 1> --build-arg _DEV_CONTAINERS_IMAGE_USER=user --build-arg _DEV_CONTAINERS_FEATURE_CONTENT_SOURCE=dev_container_feature_content_temp --target dev_containers_target_stage -f /tmp/devcontainercli-<USERNAME>/container-features/0.80.0-1754642241973/Dockerfile.extended -t vsc-<NAME>-44cbfbe212e14a5179b2bd417e2225d006261e87f98332dfd19511d8d62f7113-features /tmp/devcontainercli-<USERNAME>/empty-folder
[2025-08-08T08:38:02.655Z] Error: Command failed: docker buildx build --load --build-context dev_containers_feature_content_source=/tmp/devcontainercli-<USERNAME>/container-features/0.80.0-1754642241973 --build-arg _DEV_CONTAINERS_BASE_IMAGE=<INTERNAL REGISTRY>/<INTERNAL NAMESPACE>/<INTERNAL FEATURE 1> --build-arg _DEV_CONTAINERS_IMAGE_USER=user --build-arg _DEV_CONTAINERS_FEATURE_CONTENT_SOURCE=dev_container_feature_content_temp --target dev_containers_target_stage -f /tmp/devcontainercli-<USERNAME>/container-features/0.80.0-1754642241973/Dockerfile.extended -t vsc-<NAME>-44cbfbe212e14a5179b2bd417e2225d006261e87f98332dfd19511d8d62f7113-features /tmp/devcontainercli-<USERNAME>/empty-folder
[2025-08-08T08:38:02.655Z]     at w6 (/home/<USERNAME>/.vscode-remote-containers/dist/dev-containers-cli-0.424.0/dist/spec-node/devContainersSpecCLI.js:467:1253)
[2025-08-08T08:38:02.655Z]     at ax (/home/<USERNAME>/.vscode-remote-containers/dist/dev-containers-cli-0.424.0/dist/spec-node/devContainersSpecCLI.js:467:997)
[2025-08-08T08:38:02.655Z]     at async Y6 (/home/<USERNAME>/.vscode-remote-containers/dist/dev-containers-cli-0.424.0/dist/spec-node/devContainersSpecCLI.js:484:3842)
[2025-08-08T08:38:02.655Z]     at async BC (/home/<USERNAME>/.vscode-remote-containers/dist/dev-containers-cli-0.424.0/dist/spec-node/devContainersSpecCLI.js:484:4957)
[2025-08-08T08:38:02.655Z]     at async p7 (/home/<USERNAME>/.vscode-remote-containers/dist/dev-containers-cli-0.424.0/dist/spec-node/devContainersSpecCLI.js:665:202)
[2025-08-08T08:38:02.655Z]     at async d7 (/home/<USERNAME>/.vscode-remote-containers/dist/dev-containers-cli-0.424.0/dist/spec-node/devContainersSpecCLI.js:664:14804)
[2025-08-08T08:38:02.655Z]     at async /home/<USERNAME>/.vscode-remote-containers/dist/dev-containers-cli-0.424.0/dist/spec-node/devContainersSpecCLI.js:484:1188
[2025-08-08T08:38:02.677Z] Stop (40901 ms): Run: /home/<USERNAME>/.vscode-server/cli/servers/Stable-7adae6a56e34cb64d08899664b814cf620465925/server/node /home/<USERNAME>/.vscode-remote-containers/dist/dev-containers-cli-0.424.0/dist/spec-node/devContainersSpecCLI.js up --container-session-data-folder /tmp/devcontainers-cf830626-dca6-4a97-b45b-8a92987e54a51754642240386 --workspace-folder <CWD> --workspace-mount-consistency cached --gpu-availability detect --id-label devcontainer.local_folder=<CWD> --id-label devcontainer.config_file=<CWD>/.devcontainer.json --log-level debug --log-format json --config <CWD>/.devcontainer.json --default-user-env-probe loginInteractiveShell --remove-existing-container --mount type=volume,source=vscode,target=/vscode,external=true --skip-post-create --update-remote-user-uid-default on --mount-workspace-git-root --include-configuration --include-merged-configuration
[2025-08-08T08:38:02.677Z] Exit code 1
[2025-08-08T08:38:02.679Z] Command failed: /home/<USERNAME>/.vscode-server/cli/servers/Stable-7adae6a56e34cb64d08899664b814cf620465925/server/node /home/<USERNAME>/.vscode-remote-containers/dist/dev-containers-cli-0.424.0/dist/spec-node/devContainersSpecCLI.js up --container-session-data-folder /tmp/devcontainers-cf830626-dca6-4a97-b45b-8a92987e54a51754642240386 --workspace-folder <CWD> --workspace-mount-consistency cached --gpu-availability detect --id-label devcontainer.local_folder=<CWD> --id-label devcontainer.config_file=<CWD>/.devcontainer.json --log-level debug --log-format json --config <CWD>/.devcontainer.json --default-user-env-probe loginInteractiveShell --remove-existing-container --mount type=volume,source=vscode,target=/vscode,external=true --skip-post-create --update-remote-user-uid-default on --mount-workspace-git-root --include-configuration --include-merged-configuration
[2025-08-08T08:38:02.679Z] Exit code 1

This issue has the same nature as #811 where docker.io is assumed. In my case, docker.io is not reachable behind the firewall, only an internal registry. When features are used, a new extended Dockerfile is built whose first line starts with # syntax=docker.io/..., and well, this does obviously not work.

georglauterbach avatar Aug 08 '25 08:08 georglauterbach