pulumi-awsx
pulumi-awsx copied to clipboard
Published
20 hours ago •
pulumi
pulumi
ecr.NewImage CacheFrom adds --target to docker build
What happened?
When using ecr.NewImage and adding CacheFrom attribute on ImageArgs it also adds --target to `docker build.
Which causes:
error: Error: The target "123.dkr.ecr.eu-central-1.amazonaws.com/myImage:latest" was not found in the provided Dockerfile
Error:
docker build --cache-from 123.dkr.ecr.eu-central-1.amazonaws.com/myImage /a/b/c/myImage -t \
46b0e6fe-container-123.dkr.ecr.eu-central-1.amazonaws.com/myImage:latest \
--target 123.dkr.ecr.eu-central-1.amazonaws.com/myImage:latest
ailed with exit code 125
at /home/afreak/.pulumi/plugins/resource-awsx-v1.0.0-beta.2/node_modules/@pulumi/docker.ts:592:15
at Generator.next (<anonymous>)
at fulfilled (/home/afreak/.pulumi/plugins/resource-awsx-v1.0.0-beta.2/node_modules/@pulumi/docker/docker.js:18:58)
at processTicksAndRejections (node:internal/process/task_queues:95:5)
This is the code being used:
package main
import (
"github.com/pulumi/pulumi-awsx/sdk/go/awsx/ecr"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := ecr.NewImage(ctx, "test", &ecr.ImageArgs{
RepositoryUrl: pulumi.String("123.dkr.ecr.eu-central-1.amazonaws.com/myImage"),
Path: pulumi.String("/home/afreak/myImage"),
CacheFrom: pulumi.StringArray{pulumi.String("123.dkr.ecr.eu-central-1.amazonaws.com/myImage:latest")},
})
return err
})
}
Expected Behavior
docker build should not have the --target flag, when I have only used the CacheFrom attribute.
Steps to reproduce
package main
import (
"github.com/pulumi/pulumi-awsx/sdk/go/awsx/ecr"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := ecr.NewImage(ctx, "test", &ecr.ImageArgs{
RepositoryUrl: pulumi.String("123.dkr.ecr.eu-central-1.amazonaws.com/myImage"),
Path: pulumi.String("/home/afreak/myImage"),
CacheFrom: pulumi.StringArray{pulumi.String("123.dkr.ecr.eu-central-1.amazonaws.com/myImage:latest")},
})
return err
})
}
Output of pulumi about
at 08:37:46 ❯ pulumi about
CLI
Version 3.57.1
Go Version go1.20.2
Go Compiler gc
Plugins
NAME VERSION
go unknown
Host
OS nixos
Version 23.11 (Tapir)
Arch x86_64
This project is written in go: executable='/nix/store/ap84qp98r43gqpm6v9y6b1i5c7ybx344-go-1.18.10/bin/go' version='go version go1.18.10 linux/amd64'
Current Stack: fiveten/aws-auth-0-dev/euc1
TYPE URN
pulumi:pulumi:Stack urn:pulumi:euc1::aws-auth-0-dev::pulumi:pulumi:Stack::aws-auth-0-dev-euc1
pulumi:providers:pulumi urn:pulumi:euc1::aws-auth-0-dev::pulumi:providers:pulumi::default
pulumi:providers:aws urn:pulumi:euc1::aws-auth-0-dev::pulumi:providers:aws::default
pulumi:providers:random urn:pulumi:euc1::aws-auth-0-dev::pulumi:providers:random::default
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::Oauth2-Secret-bed6a3
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::Oauth2-Secret-ed0b1e
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::Oauth2-Secret-bf98e7
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::Oauth2-Secret-5b8da1e
random:index/randomPassword:RandomPassword urn:pulumi:euc1::aws-auth-0-dev::random:index/randomPassword:RandomPassword::password
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::kratosCipherSecret
pulumi:pulumi:StackReference urn:pulumi:euc1::aws-auth-0-dev::pulumi:pulumi:StackReference::fiveten/aws-cluster-0-dev/euc1
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::kratosDefaultSecret
fiveten:k8sComponent:nodeAuthorizer urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:nodeAuthorizer::nodeauthorizer
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::kratosCookieSecret
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::HydraCookieSecret
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::HydraSystemSecret
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::BackofficeOauth2Secret
fiveten:k8sComponent:hydra urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra::hydra
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::ChristianClientSecret
pulumi:pulumi:StackReference urn:pulumi:euc1::aws-auth-0-dev::pulumi:pulumi:StackReference::fiveten/aws-region-0-dev/euc1
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::TrondAtDxKratosPassword
fiveten:k8sComponent:oathkeeper urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:oathkeeper::oathkeeper
pulumi:providers:command urn:pulumi:euc1::aws-auth-0-dev::pulumi:providers:command::default
fiveten:k8sComponent:deploymentSvcHPA urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:nodeAuthorizer$fiveten:k8sComponent:deploymentSvcHPA::nodeauthorizer
pulumi:providers:kubernetes urn:pulumi:euc1::aws-auth-0-dev::pulumi:providers:kubernetes::k8sProvider
command:local:Command urn:pulumi:euc1::aws-auth-0-dev::command:local:Command::jwksKeysetForOathkeeper
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::HansAtDxKratosPassword
random:index/randomString:RandomString urn:pulumi:euc1::aws-auth-0-dev::random:index/randomString:RandomString::ChristianAtDxKratosPassword
pulumi:providers:awsx urn:pulumi:euc1::aws-auth-0-dev::pulumi:providers:awsx::default
kubernetes:core/v1:Namespace urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:nodeAuthorizer$fiveten:k8sComponent:deploymentSvcHPA$kubernetes:core/v1:Namespace::nodeauthorizer-ns
kubernetes:autoscaling/v2beta2:HorizontalPodAutoscaler urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:nodeAuthorizer$fiveten:k8sComponent:deploymentSvcHPA$kubernetes:autoscaling/v2beta2:HorizontalPodAutoscaler::nodeauthorizer
aws:ec2/securityGroup:SecurityGroup urn:pulumi:euc1::aws-auth-0-dev::aws:ec2/securityGroup:SecurityGroup::authRdsClusterSecurityGroup
aws:rds/subnetGroup:SubnetGroup urn:pulumi:euc1::aws-auth-0-dev::aws:rds/subnetGroup:SubnetGroup::auth-rds-subnet-group
kubernetes:core/v1:Service urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:nodeAuthorizer$fiveten:k8sComponent:deploymentSvcHPA$kubernetes:core/v1:Service::nodeauthorizer
kubernetes:core/v1:ConfigMap urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:nodeAuthorizer$fiveten:k8sComponent:deploymentSvcHPA$kubernetes:core/v1:ConfigMap::env-vars
kubernetes:core/v1:Secret urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:nodeAuthorizer$fiveten:k8sComponent:deploymentSvcHPA$kubernetes:core/v1:Secret::secret-env-vars
awsx:ecr:Repository urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:nodeAuthorizer$awsx:ecr:Repository::nodeauthorizer
aws:rds/cluster:Cluster urn:pulumi:euc1::aws-auth-0-dev::aws:rds/cluster:Cluster::postgresql
pulumi:providers:aws urn:pulumi:euc1::aws-auth-0-dev::pulumi:providers:aws::default_5_4_0
aws:ecr/repository:Repository urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:nodeAuthorizer$awsx:ecr:Repository$aws:ecr/repository:Repository::nodeauthorizer
aws:rds/clusterInstance:ClusterInstance urn:pulumi:euc1::aws-auth-0-dev::aws:rds/clusterInstance:ClusterInstance::postgresql-instance-auth
aws:rds/clusterInstance:ClusterInstance urn:pulumi:euc1::aws-auth-0-dev::aws:rds/clusterInstance:ClusterInstance::postgresql-instance-auth-1
fiveten:k8sComponent:kratos urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:kratos::kratos
pulumi:providers:postgresql urn:pulumi:euc1::aws-auth-0-dev::pulumi:providers:postgresql::provider-for-postgresql-rds
aws:ecr/lifecyclePolicy:LifecyclePolicy urn:pulumi:euc1::aws-auth-0-dev::aws:ecr/lifecyclePolicy:LifecyclePolicy::nodeauthorizer
postgresql:index/database:Database urn:pulumi:euc1::aws-auth-0-dev::postgresql:index/database:Database::hydradb
kubernetes:helm.sh/v3:Release urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:kratos$kubernetes:helm.sh/v3:Release::kratos
kubernetes:helm.sh/v3:Release urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release::hydra
kubernetes:batch/v1:Job urn:pulumi:euc1::aws-auth-0-dev::kubernetes:batch/v1:Job::bootstrap-kratos-users
awsx:ecr:Repository urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:kratos$awsx:ecr:Repository::kratos-selfservice-docker-image
kubernetes:helm.sh/v3:Release urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:oathkeeper$kubernetes:helm.sh/v3:Release::oathkeeper
kubernetes:core/v1:Secret urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:core/v1:Secret::hydra-clients-secret-christian
kubernetes:core/v1:Secret urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:core/v1:Secret::hydra-clients-secret-5b8da1e
kubernetes:core/v1:Secret urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:core/v1:Secret::hydra-clients-secret-backoffice-vercel-functions
kubernetes:core/v1:Secret urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:core/v1:Secret::hydra-clients-secret-ed0b1e
kubernetes:core/v1:Secret urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:core/v1:Secret::hydra-clients-secret-bed6a3
kubernetes:core/v1:Secret urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:core/v1:Secret::hydra-clients-secret-bf98e7
aws:ecr/repository:Repository urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:kratos$awsx:ecr:Repository$aws:ecr/repository:Repository::kratos-selfservice-docker-image
kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client::hydra-clients-crd-backoffice-vercel-functions
kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client::hydra-clients-crd-christian
kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client::hydra-clients-crd-5b8da1e
kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client::hydra-clients-crd-ed0b1e
kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client::hydra-clients-crd-bf98e7
kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:hydra$kubernetes:helm.sh/v3:Release$kubernetes:hydra.ory.sh/v1alpha1:OAuth2Client::hydra-clients-crd-bed6a3
aws:ecr/lifecyclePolicy:LifecyclePolicy urn:pulumi:euc1::aws-auth-0-dev::aws:ecr/lifecyclePolicy:LifecyclePolicy::kratos-selfservice-docker-image
awsx:ecr:Image urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:nodeAuthorizer$awsx:ecr:Image::nodeauthorizer
awsx:ecr:Image urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:kratos$awsx:ecr:Image::kratos-selfservice-docker-image
kubernetes:helm.sh/v3:Release urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:kratos$kubernetes:helm.sh/v3:Release::kratos-selfservice-helm
kubernetes:apps/v1:Deployment urn:pulumi:euc1::aws-auth-0-dev::fiveten:k8sComponent:nodeAuthorizer$fiveten:k8sComponent:deploymentSvcHPA$kubernetes:apps/v1:Deployment::nodeauthorizer
Found no pending operations associated with fiveten/euc1
Backend
Name pulumi.com
URL https://app.pulumi.com/afreakk
User afreakk
Organizations afreakk, fiveten
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
Hello @afreakk,
We appreciate you bringing this bug to our attention, and we apologize for any inconvenience it's causing. After replicating the issue you reported, I've managed to identify where the error might be originating.
It seems that the error is related to the underlying Docker provider that awsx utilizes. Specifically, the provider tries to build the specified caching stages sequentially and push them to the registry. Here's the part of the upstream code that's likely contributing to the issue: docker.ts Lines 406-414 and Lines 471-473.
It's possible that the logic in this section should be updated to handle caching more effectively. My initial local testing suggests that removing lines 408 to 414 might help resolve this issue.
As awsx relies on an older version of the upstream Docker provider, I will collaborate with the rest of the team to determine the most appropriate next steps in addressing this issue.
I'm including @guineveresaenger in this conversation for further input. We appreciate your patience and your valuable contribution to improving our services. If you have any additional insights or questions, please don't hesitate to share.
Hi, Are there any updates on this?
Kinda seems its fixed, but having different issues.
There is no path anymore, replaced with context, but it seems our images get built with missing files. (missing layer?)
And the resulting broken image do not get tagged as latest, and I cant seem to get it pushed with latest tag, even with ExtraOptions: pulumi.StringArray{pulumi.String("--tag"), pulumi.String("latest") },
Also it seems everyone gets the same tag,
using v2.0.3