terraform-provider-docker
terraform-provider-docker copied to clipboard
kreuzwerker
Failure to build docker image on MacOs
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Terraform (and docker Provider) Version
I am running: OS: MacOs TF: v1.2.7 Go: v1.19 Docker Provider : v2.20.2
Affected Resource(s)
-
docker_registry_image
Terraform Configuration Files
You can run the following example to reproduce the issue on MacOs : https://github.com/terraform-aws-modules/terraform-aws-lambda/tree/master/examples/container-image
# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key: https://keybase.io/hashicorp
# The code should be runnable for maintainers to reproduce the problem.
# We can't reproduce the problem with partial code.
# Don't include unknown input variables, local values, resources, etc.
# If you can reproduce the problem with public Docker images, please don't use private Docker images.
# Don't include unneeded resources to reproduce the problem.
# Don't set unneeded attributes to reproduce the problem.
Debug Output
Panic Output
Expected Behaviour
Docker Image should have been built and pushed to ECR.
Actual Behaviour
When triggering the exec, I ended up with the following error message:
╷ │ Error: Error building docker image: 0: failed to solve with frontend dockerfile.v0: failed to create LLB definition: dockerfile parse error line 1: unknown instruction: PAXHEADERS.0/DOCKERFILE0000000000000000000000000000002100000000000012204 │ │ with module.docker_image.docker_registry_image.this, │ on ../../modules/docker-build/main.tf line 12, in resource "docker_registry_image" "this": │ 12: resource "docker_registry_image" "this" { │
Steps to Reproduce
- Clone the following repo
https://github.com/terraform-aws-modules/terraform-aws-lambdalocally - cd into examples/container-image
- run
terraform apply
Important Factoids
I am running on MacOs.
Building the image manually through docker build works seamlessly.
I also tested the example on an Amazon Linux 2 Instance and it's also working.
References
I just tested this by checking out the repository and performing the steps described in https://github.com/terraform-aws-modules/terraform-aws-lambda/tree/master/examples/container-image and it worked
Can you post the output of docker version here? And also maybe update your terraform to the newst version?
It feels like your docker server backend somehow cannot correctly parse the Dockerfile in order to build the final image.
Hello @Junkern,
Sorry for the delay for the reply.
I reran the execution of the container image example and I still get the same issue.
I am running the most stable release of Terraform as of today which is v1.2.8
Below is the docker version output:
docker version Client: Cloud integration: v1.0.28 Version: 20.10.17 API version: 1.41 Go version: go1.17.11 Git commit: 100c701 Built: Mon Jun 6 23:04:45 2022 OS/Arch: darwin/amd64 Context: default Experimental: true
Server: Docker Desktop 4.11.1 (84025) Engine: Version: 20.10.17 API version: 1.41 (minimum version 1.12) Go version: go1.17.11 Git commit: a89b842 Built: Mon Jun 6 23:01:23 2022 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.6.6 GitCommit: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1 runc: Version: 1.1.2 GitCommit: v1.1.2-0-ga916309 docker-init: Version: 0.19.0 GitCommit: de40ad0
I think that this is specific to MacOs since as I mentioned in the issue this behaviour does not happen when using an Amazon Linux 2 image.
Feel free if you need more inputs.
Bests.
Facing similar issue with slightly different error 😢
also trying to use https://github.com/terraform-aws-modules/terraform-aws-lambda/tree/master/examples/container-image
Downgrading to 2.19.0 didn't also work.
│ Error: Error building docker image: 0: failed to solve with frontend dockerfile.v0: failed to create LLB definition: dockerfile line greater than max allowed size of 65535
│
│ with module.test_serverlesstf.docker_registry_image.this,
│ on ../../modules/test_serverlesstf/sample_container_lambda.tf line 77, in resource "docker_registry_image" "this":
│ 77: resource "docker_registry_image" "this" {
│
docker version
Client:
Cloud integration: v1.0.29
Version: 20.10.17
API version: 1.41
Go version: go1.17.11
Git commit: 100c701
Built: Mon Jun 6 23:04:45 2022
OS/Arch: darwin/arm64
Context: default
Experimental: true
Server: Docker Desktop 4.12.0 (85629)
Engine:
Version: 20.10.17
API version: 1.41 (minimum version 1.12)
Go version: go1.17.11
Git commit: a89b842
Built: Mon Jun 6 23:01:01 2022
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: 1.6.8
GitCommit: 9cd3357b7fd7218e4aec3eae239db1f68a5a6ec6
runc:
Version: 1.1.4
GitCommit: v1.1.4-0-g5fd4c4d
docker-init:
Version: 0.19.0
GitCommit: de40ad0
Possible related Issue
My error says https://github.com/docker/buildx/issues/426#issuecomment-740419432
I get different error after adding COMPOSE_DOCKER_CLI_BUILD=0 DOCKER_BUILDKIT=0
Error: Error building docker image: invalid character 'c' looking for beginning of value
I am also running on MacOS with the exact same docker version output and it (the example you are both using) is running fine for me. Could you both post your docker daemon settings?
Here is mine:
@Junkern : If this is working for you with the same setup then probably we are not running the same MacOs chipset. Probably there's a difference between intel based and M1 based.
I am running intel based.
FYI I'm encountering this error on Linux, so it likely is not specific to MacOS.
Some details from my system
docker daemon config:
{
"group": "docker",
"hosts": [
"fd://"
],
"live-restore": true,
"log-driver": "journald"
}
$ terraform --version
Terraform v1.2.9
on linux_amd64
+ provider registry.terraform.io/hashicorp/aws v4.31.0
+ provider registry.terraform.io/kreuzwerker/docker v2.22.0
$ terragrunt --version
terragrunt version v0.38.9
$ docker version
Client:
Version: 20.10.18
API version: 1.41
Go version: go1.18.5
Git commit: v20.10.18
Built: Thu Jan 1 00:00:00 1970
OS/Arch: linux/amd64
Context: default
Experimental: true
Server:
Engine:
Version: 20.10.17
API version: 1.41 (minimum version 1.12)
Go version: go1.18.5
Git commit: v20.10.17
Built: Tue Jan 1 00:00:00 1980
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: v1.6.8
GitCommit: v1.6.8
runc:
Version: 1.1.2
GitCommit:
docker-init:
Version: 0.19.0
GitCommit:
$ docker info
Client:
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc., v0.9.1)
compose: Docker Compose (Docker Inc., 2.10.2)
Server:
Containers: 10
Running: 1
Paused: 0
Stopped: 9
Images: 70
Server Version: 20.10.17
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: journald
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: v1.6.8
runc version:
init version:
Security Options:
seccomp
Profile: default
cgroupns
Kernel Version: 5.15.63
Operating System: NixOS 22.11 (Raccoon)
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 30.99GiB
Name: alnilam
ID: US6P:LARR:IWEV:HEPF:EGJ4:GG4X:33HN:4NWA:U6EK:FLOW:Y6UB:L6VG
Docker Root Dir: /var/lib/docker
Debug Mode: false
Username: benley
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: true
I am able to make a docker_image build work if I specify a context directory that is completely empty, like so:
resource "docker_image" "this" {
name = "foo"
build {
path = "empty_dir"
}
}
(with a Dockerfile present next to the tf file of course).
If I add anything in the context dir, even a 0-length file, the PAXHEADERS.0 dockerfile parse error returns.
It looks like terraform-provider-docker is incorrectly passing the context archive to the daemon instead of the Dockerfile somehow.
slight correction: Dockerfile is part of the context submitted to the docker daemon. The provider only works if the Dockerfile is added from a file outside of the build context directory and the context directory is empty.
OK I found a fix. The docker API behaves differently if it thinks the build context is plain text - it assumes it's a plain Dockerfile, but it is guessing wrong for some reason. If you compress the build context before submitting to the daemon, everything seems to work.
diff --git a/internal/provider/resource_docker_image_funcs.go b/internal/provider/resource_docker_image_funcs.go
index cccd39f..e4fe845 100644
--- a/internal/provider/resource_docker_image_funcs.go
+++ b/internal/provider/resource_docker_image_funcs.go
@@ -433,6 +433,14 @@ func prepareBuildContext(specifiedContext string, specifiedDockerfile string) (i
if err != nil {
return nil, "", err
}
+ }
+ if buildCtx != nil {
+ buildCtx, err = build.Compress(buildCtx)
+ if err != nil {
+ return nil, "", err
+ }
+ }
+ if relDockerfile != "" {
return buildCtx, relDockerfile, nil
}
return buildCtx, specifiedDockerfile, nil
There's probably a cleaner way of doing this but I'm not sure what it is.
@benley really interesting find, thank you! Feel free to submit a PR, it would also be great to have some regression tests for that.
I will also perform some testing on my side, once I find some time.
Me too (on linux even), and I'm still hoping that #461 can be merged at some point.
I'm also experiencing issues with this on MacOS. Is there any chance of the fix submitted under https://github.com/kreuzwerker/terraform-provider-docker/pull/461 being merged sometime soon?
