Using --mount=type=ssh with kubernetes build engine, the socket does not exist to the build layer
chrisjohnson opened this issue · comments
Contributing guidelines
- I've read the contributing guidelines and wholeheartedly agree
I've found a bug and checked that ...
- ... the documentation does not mention anything about my problem
- ... there are no open or closed issues that are related to my problem
Description
Using a Dockerfile like the following:
# syntax=docker/dockerfile:1.0.0-experimental
FROM foo
USER deployer
RUN --mount=type=ssh,id=deployer ls -althr $SSH_AUTH_SOCK && exit 1
And running the following build command (where kube-apt-macaw
is a builder configured with the kubernetes engine):
docker buildx build --builder=kube-apt-macaw --ssh=default .
The following output is observed in the build log:
...
=> ERROR [9/13] RUN --mount=type=ssh,id=deployer ls -althr $SSH_AUTH_SOCK && exit 1 0.1s
------
> [9/13] RUN --mount=type=ssh,id=deployer ls -althr $SSH_AUTH_SOCK && exit 1:
0.109 ls: cannot access '/run/buildkit/ssh_agent.0': No such file or directory
...
It seems to assign a value for SSH_AUTH_SOCK but when trying to access the file at that location, none exists.
Expected behaviour
The SSH_AUTH_SOCK value should point to a valid socket that is a connection to my ssh-agent, allowing my RUN layers to execute with ssh access to my private dependencies.
Actual behaviour
The file specified by buildkit in SSH_AUTH_SOCK does not exist
Buildx version
github.com/docker/buildx v0.11.2-desktop.1 986ab6afe790e25f022969a18bc0111cff170bc2
Docker info
Client:
Version: 24.0.5
Context: desktop-linux
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.11.2-desktop.1
Path: /Users/cjohnson/.docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.20.2-desktop.1
Path: /Users/cjohnson/.docker/cli-plugins/docker-compose
dev: Docker Dev Environments (Docker Inc.)
Version: v0.1.0
Path: /Users/cjohnson/.docker/cli-plugins/docker-dev
extension: Manages Docker extensions (Docker Inc.)
Version: v0.2.20
Path: /Users/cjohnson/.docker/cli-plugins/docker-extension
init: Creates Docker-related starter files for your project (Docker Inc.)
Version: v0.1.0-beta.6
Path: /Users/cjohnson/.docker/cli-plugins/docker-init
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
Version: 0.6.0
Path: /Users/cjohnson/.docker/cli-plugins/docker-sbom
scan: Docker Scan (Docker Inc.)
Version: v0.26.0
Path: /Users/cjohnson/.docker/cli-plugins/docker-scan
scout: Command line tool for Docker Scout (Docker Inc.)
Version: 0.20.0
Path: /Users/cjohnson/.docker/cli-plugins/docker-scout
Server:
Containers: 139
Running: 0
Paused: 0
Stopped: 139
Images: 232
Server Version: 24.0.5
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 3dce8eb055cbb6872793272b4f20ed16117344f8
runc version: v1.1.7-0-g860f061
init version: de40ad0
Security Options:
seccomp
Profile: unconfined
cgroupns
Kernel Version: 5.15.49-linuxkit-pr
Operating System: Docker Desktop
OSType: linux
Architecture: aarch64
CPUs: 5
Total Memory: 7.667GiB
Name: docker-desktop
ID: cac25917-2714-4354-bb6d-1113a05f07e1
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5555
127.0.0.0/8
Live Restore Enabled: false
Builders list
NAME/NODE DRIVER/ENDPOINT STATUS BUILDKIT PLATFORMS
kube-apt-macaw kubernetes
kube-apt-macaw0 kubernetes:///kube-apt-macaw?deployment=buildkit-7f721b1b-d58b-4c4e-8d8d-7789f4d752f3-lfgpq&kubeconfig= running v0.13.1 linux/amd64, linux/amd64/v2, linux/amd64/v3, linux/386
default docker
default default running v0.11.6+0a15675913b7 linux/arm64, linux/amd64, linux/amd64/v2, linux/riscv64, linux/ppc64le, linux/s390x, linux/386, linux/mips64le, linux/mips64, linux/arm/v7, linux/arm/v6
desktop-linux * docker
desktop-linux desktop-linux running v0.11.6+0a15675913b7 linux/arm64, linux/amd64, linux/amd64/v2, linux/riscv64, linux/ppc64le, linux/s390x, linux/386, linux/mips64le, linux/mips64, linux/arm/v7, linux/arm/v6
Configuration
# syntax=docker/dockerfile:1.0.0-experimental
FROM foo
USER deployer
RUN --mount=type=ssh,id=deployer ls -althr $SSH_AUTH_SOCK && exit 1
Build logs
No response
Additional info
No response
You are using id=deployer
in the dockerfile but id=default
in the cli.
docker buildx build --builder=kube-apt-macaw --ssh deployer .
Thanks! I was mixing up uid and id in my case