Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(docker): Multi-arch Docker images, attempt two #2114

Merged
merged 4 commits into from
Mar 4, 2022
Merged

fix(docker): Multi-arch Docker images, attempt two #2114

merged 4 commits into from
Mar 4, 2022

Conversation

Tenzer
Copy link
Contributor

@Tenzer Tenzer commented Mar 4, 2022

This reintroduces the changes that were reverted in #2106 and adds one extra change in 697ea17 which fixes the problem reported in #2104.

The gist is the path to dumb-init changes from /bin/dumb-init to /usr/bin/dumb-init when we install it via apk rather than downloading the binary directly. Since it's the first binary Docker tries to execute and it can't find it, it gives the somewhat cryptic error message:

standard_init_linux.go:228: exec user process caused: no such file or directory

I believe the steps for getting this merged and built correctly are:

  1. Merge this PR
  2. Wait for the atlantis-base image to be built
  3. Change the tag for the atlantis-base image in Dockerfile to point at the newly built base image
  4. Wait for the atlantis:dev image to be built and do some quick testing to make sure it works as expected

Then it should be ready for a release after that.

Tenzer added 4 commits March 4, 2022 13:52
* Correct indentation of run commands

* Split installation of packages into the ones needed at run time and build time

This allows us to now repeat the packages which need to be uninstalled again by
making use of a virtual package, which - when removed - removes the packages
installed as a dependency of it.

* Remove unnecessary `rm -rf /var/cache/apk/*` command

It's no needed when `apt add` is run with the `--no-cache` option.

* Add vertical spacing so it's clearer what is happening when

* Test the downloaded binaries to make sure they work on the platform

This can help find issues where binaries are downloaded for the wrong platform
compared to the architecture the Docker image is built for.

* Install dumb-init via apk

It's available as a package for Alpine Linux in version 1.2.5 as well, which
makes it easier to handle for the different architectures.

* Get git-lfs binaries in the right architecture for the Docker image

This makes use of the `TARGETPLATFORM` argument which automatically is
populated by Docker BuildKit with a string such as "linux/amd64" when the image
is being build for an x86_64 architecture.

* Install gosu for the right architecture

The `case` statement was taken from
https://github.com/BretFisher/multi-platform-docker-build as a way of
translating the platform name into what we needed for downloading gosu.
This uses a similar pattern than what is used for `GOSU_ARCH` to map the
`TARGETPLATFORM` argument into the name of the architecture git-lfs use for
their release binaries, as "linux/arm/v7" otherwise would be mapped into "v7"
which is wrong.
…rchitecture (#2101)

* Remove Terraform versions from Docker image which don't have all archs

Terraform versions earlier than 0.11.15 does not have binaries available for
both amd64, arm64 and armv7, so are being dropped as we can't install the older
versions in all the architectures the Docker image is built for.

* Download Terraform version depending on the architecture Docker image is for

This avoids us having arm64 binaries for the ARM Docker images, which won't
work.

* Download arm64 conftest binaries for arm64 Docker image

This doesn't fix the armv7 Docker image because conftest doesn't have a binary
available for that, so it for now still downloads the x86_64 binary, which is
likely to not work - but it's the same as it did before.
The path changed after dumb-init was switched to be installed via `apk` rather
than downloaded directly as a binary.
@Tenzer Tenzer requested a review from a team as a code owner March 4, 2022 14:12
@chenrui333
Copy link
Member

Nice work!! Just some QQ, how did you find out ``/bin/dumb-initto/usr/bin/dumb-init` when we install it via apk`? Thanks!

@chenrui333 chenrui333 merged commit 19d41ab into runatlantis:master Mar 4, 2022
@chenrui333
Copy link
Member

Once the base image got built out, I will try it out in my local.

@chenrui333
Copy link
Member

looks good.

$ docker run -it ghcr.io/runatlantis/atlantis-base:2022.03.03 sh
/ # which dumb-init
/bin/dumb-init

$ docker run -it ghcr.io/runatlantis/atlantis-base:2022.03.04 sh
/ # which dumb-init
/usr/bin/dumb-init

@Tenzer
Copy link
Contributor Author

Tenzer commented Mar 4, 2022

Nice work!! Just some QQ, how did you find out ``/bin/dumb-initto/usr/bin/dumb-init` when we install it via apk`? Thanks!

I tried to add set -x to the entrypoint script and realised it didn't make any difference, so I instead looked at how the script was run, and found the discrepancy when I realised the script used dumb-init in the shebang line.

@Tenzer Tenzer deleted the multi-arch-docker-build branch March 4, 2022 18:58
@chenrui333
Copy link
Member

Got you, thanks for the work on this!!

@Tenzer
Copy link
Contributor Author

Tenzer commented Mar 4, 2022

From what I can see the :dev image looks good, both for amd64 and arm64.

@chenrui333
Copy link
Member

yes, same here. I will cut a release today.

krrrr38 pushed a commit to krrrr38/atlantis that referenced this pull request Dec 16, 2022
* fix(docker): fix base image for multi-platform build (runatlantis#2099)

* Correct indentation of run commands

* Split installation of packages into the ones needed at run time and build time

This allows us to now repeat the packages which need to be uninstalled again by
making use of a virtual package, which - when removed - removes the packages
installed as a dependency of it.

* Remove unnecessary `rm -rf /var/cache/apk/*` command

It's no needed when `apt add` is run with the `--no-cache` option.

* Add vertical spacing so it's clearer what is happening when

* Test the downloaded binaries to make sure they work on the platform

This can help find issues where binaries are downloaded for the wrong platform
compared to the architecture the Docker image is built for.

* Install dumb-init via apk

It's available as a package for Alpine Linux in version 1.2.5 as well, which
makes it easier to handle for the different architectures.

* Get git-lfs binaries in the right architecture for the Docker image

This makes use of the `TARGETPLATFORM` argument which automatically is
populated by Docker BuildKit with a string such as "linux/amd64" when the image
is being build for an x86_64 architecture.

* Install gosu for the right architecture

The `case` statement was taken from
https://github.com/BretFisher/multi-platform-docker-build as a way of
translating the platform name into what we needed for downloading gosu.

* fix(docker): fix installation of git-lfs in armv7 image (runatlantis#2100)

This uses a similar pattern than what is used for `GOSU_ARCH` to map the
`TARGETPLATFORM` argument into the name of the architecture git-lfs use for
their release binaries, as "linux/arm/v7" otherwise would be mapped into "v7"
which is wrong.

* fix(docker): download Terraform and conftest versions maching image architecture (runatlantis#2101)

* Remove Terraform versions from Docker image which don't have all archs

Terraform versions earlier than 0.11.15 does not have binaries available for
both amd64, arm64 and armv7, so are being dropped as we can't install the older
versions in all the architectures the Docker image is built for.

* Download Terraform version depending on the architecture Docker image is for

This avoids us having arm64 binaries for the ARM Docker images, which won't
work.

* Download arm64 conftest binaries for arm64 Docker image

This doesn't fix the armv7 Docker image because conftest doesn't have a binary
available for that, so it for now still downloads the x86_64 binary, which is
likely to not work - but it's the same as it did before.

* Correct path to dumb-init in docker-entrypoint.sh

The path changed after dumb-init was switched to be installed via `apk` rather
than downloaded directly as a binary.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants