Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

setting up img Dockerfile #342

Open
paleozogt opened this issue Jun 14, 2021 · 2 comments
Open

setting up img Dockerfile #342

paleozogt opened this issue Jun 14, 2021 · 2 comments

Comments

@paleozogt
Copy link

paleozogt commented Jun 14, 2021
edited
Loading

I'd like to run img from Docker, but from a Debian-based image:

FROM debian:buster

RUN apt-get update && apt-get install -y \
        curl \
        git \
        uidmap \
 && rm -rf /var/lib/apt/lists/*

RUN export IMG_SHA256="cc9bf08794353ef57b400d32cd1065765253166b0a09fba360d927cfbd158088" \
 && curl -fSL "https://github.com/genuinetools/img/releases/download/v0.5.11/img-linux-amd64" -o "/usr/bin/img" \
 && echo "${IMG_SHA256}  /usr/bin/img" | sha256sum -c - \
 && chmod a+x "/usr/bin/img"

ARG USERNAME=user
RUN adduser --gecos "" --disabled-password --uid 1000 $USERNAME

ENTRYPOINT [ "/usr/bin/img" ]

But building and running it fails:

$ docker build -t myimg .
...
$ docker run --rm -it -v$PWD:$PWD -w$PWD \
   --security-opt seccomp=unconfined \
   --security-opt apparmor=unconfined \
   myimg build -t myimg .
Building docker.io/library/myimg:latest
Setting up the rootfs... this may take a bit.
WARN[0000] Process sandbox is not available, consider unmasking procfs:
WARN[0000] using host network as the default
[+] Building 3.1s (2/2) FINISHED
 => [internal] load .dockerignore                                                                                                                                                                                                    3.1s
 => => transferring context: 2B                                                                                                                                                                                                      0.0s
 => [internal] load build definition from Dockerfile                                                                                                                                                                                 3.1s
 => => transferring dockerfile: 596B                                                                                                                                                                                                 0.1s
Error: failed to solve: failed to solve with frontend dockerfile.v0: failed to read dockerfile: failed to mount /tmp/buildkit-mount483403341: [{Type:bind Source:/root/.local/share/img/runc/native/snapshots/snapshots/1 Options:[rbind ro]}]: operation not permitted

However, running with the standard r.j3ss.co/img image works:

$ docker run --rm -it -v$PWD:$PWD -w$PWD \
    --security-opt seccomp=unconfined \
    --security-opt apparmor=unconfined \
    r.j3ss.co/img build -t myimg .
Building docker.io/library/foo:latest
Setting up the rootfs... this may take a bit.
WARN[0000] Process sandbox is not available, consider unmasking procfs: mount: permission denied (are you root?)
WARN[0000] using host network as the default
[+] Building 24.9s (9/9) FINISHED
...
Successfully built docker.io/library/foo:latest

Clearly something is missing from my Dockerfile, but I'm not sure what.
@alex-bes
Copy link

Hi paleozogt! did you manage to fix this? I'm facing a very similar issue now...

@paleozogt
Copy link
Author

@alex-bes Sadly, no, I wasn't able to figure it out.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@paleozogt @alex-bes