buildkit icon indicating copy to clipboard operation
buildkit copied to clipboard

Published 20 hours ago verified publisher icon moby

buildkit WCOW cannot seemingly run `RUN powershell ...`, while vanilla dockerd can

Open doctorpangloss opened this issue 2 months ago • 5 comments

Dockerfile:

FROM mcr.microsoft.com/windows/servercore:ltsc2022
# example: install chocolatey
RUN powershell -NoProfile -ExecutionPolicy Bypass -Command "[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))"

This errors with "is not a command" on buildkit / containerd (latest), runs fine in dockerd.

doctorpangloss avatar May 04 '24 00:05 doctorpangloss

To provide a bit more context:

The following works:

FROM mcr.microsoft.com/windows/servercore:ltsc2022
RUN C:/Windows/System32/WindowsPowerShell/v1.0/powershell.exe write-host Hello

# Outputs: Hello

While this doesn't:

FROM mcr.microsoft.com/windows/servercore:ltsc2022
RUN powershell.exe write-host Hello

# Error: 'powershell.exe' is not recognized as an internal or external command,
# operable program or batch file.

Seems that it doesn't load the PATH correctly. Docker/nerdctl works fine:

nerdctl.exe run --rm -it mcr.microsoft.com/windows/servercore:ltsc2022 powershell hello

# Outputs: hello

Additionally, buildkit seems to persist the PATH issue to the generated image:

# Default servercore
nerdctl run --rm mcr.microsoft.com/windows/servercore:ltsc2022 cmd /c echo %PATH%
# C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\ContainerAdministrator\AppData\Local\Microsoft\WindowsApps

# image built with buildkit based on servercore
nerdctl run --rm -it my-buildkit-image:latest cmd /c echo %PATH%
# c:\Windows\System32;c:\Windows

Versions: containerd v1.7.16 buildkitd v0.13.2

lippertmarkus avatar May 06 '24 13:05 lippertmarkus

ref https://github.com/moby/buildkit/pull/4895 https://github.com/moby/buildkit/pull/3158

lippertmarkus avatar May 07 '24 17:05 lippertmarkus

Sure, we're picking up this discussion from #3158 // For the time-being, a work-around will be adding this at the beginning:

SHELL ["C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell"]

profnandaa avatar May 13 '24 04:05 profnandaa

/cc. @danielgithinji

profnandaa avatar May 13 '24 04:05 profnandaa