Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

1.1.0 OnBuild Error #2469

Closed
TomSweeneyRedHat opened this issue Feb 27, 2019 · 16 comments

Comments

Projects
None yet
3 participants
@TomSweeneyRedHat
Copy link
Collaborator

commented Feb 27, 2019

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

kind bug

Description
Look ups of local images seems to be failing.

Steps to reproduce the issue:

# FILE=./Dockerfile
/bin/cat <<EOM >$FILE
FROM docker.io/library/alpine:latest
RUN touch /foo
ONBUILD RUN touch /bar
EOM
chmod +x $FILE

# FILE=./Dockerfile-2
/bin/cat <<EOM >$FILE
FROM onbuild-image
RUN touch /baz
EOM
chmod +x $FILE

# podman build -f ./Dockerfile --format=docker -t onbuild-image .
# podman build -f ./Dockerfile-2 --format=docker -t result-image .
STEP 1: FROM onbuild-image
Error: error creating build container: The following failures happened while trying to pull image specified by "onbuild-image" based on search registries in /etc/containers/registries.conf:
* "localhost/onbuild-image": Error determining manifest MIME type for docker://localhost/onbuild-image:latest: pinging docker registry returned: Get https://localhost/v2/: dial tcp [::1]:443: connect: connection refused
* "docker.io/library/onbuild-image": Error determining manifest MIME type for docker://onbuild-image:latest: Error reading manifest latest in docker.io/library/onbuild-image: errors:
denied: requested access to the resource is denied
unauthorized: authentication required

* "registry.fedoraproject.org/onbuild-image": Error determining manifest MIME type for docker://registry.fedoraproject.org/onbuild-image:latest: Error reading manifest latest in registry.fedoraproject.org/onbuild-image: manifest unknown: manifest unknown
* "quay.io/onbuild-image": Error determining manifest MIME type for docker://quay.io/onbuild-image:latest: Error reading manifest latest in quay.io/onbuild-image: error parsing HTTP 404 response body: invalid character '<' looking for beginning of value: "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n<title>404 Not Found</title>\n<h1>Not Found</h1>\n<p>The requested URL was not found on the server.  If you entered the URL manually please check your spelling and try again.</p>\n"
* "registry.access.redhat.com/onbuild-image": Error determining manifest MIME type for docker://registry.access.redhat.com/onbuild-image:latest: Error reading manifest latest in registry.access.redhat.com/onbuild-image: unknown: Not Found
* "registry.centos.org/onbuild-image": Error determining manifest MIME type for docker://registry.centos.org/onbuild-image:latest: Error reading manifest latest in registry.centos.org/onbuild-image: manifest unknown: manifest unknown

Describe the results you received:

See steps to reproduce.

Describe the results you expected:
Happy image build.

Additional information you deem important (e.g. issue happens only occasionally):

This passes on the same VM with v1.0 installed.

Output of podman version:

# podman version
Version:       1.0.0
Go Version:    go1.11.4
Git Commit:    "49780a1cf10d572edc4e1ea3b8a8429ce391d47d"
Built:         Mon Jan 14 15:38:17 2019
OS/Arch:       linux/amd64

Output of podman info --debug:

# podman info --debug
debug:
  compiler: gc
  git commit: '"49780a1cf10d572edc4e1ea3b8a8429ce391d47d"'
  go version: go1.11.4
  podman version: 1.0.0
host:
  BuildahVersion: 1.6-dev
  Conmon:
    package: podman-1.0.0-1.git82e8011.fc29.x86_64
    path: /usr/libexec/podman/conmon
    version: 'conmon version 1.12.0-dev, commit: 49780a1cf10d572edc4e1ea3b8a8429ce391d47d'
  Distribution:
    distribution: fedora
    version: "29"
  MemFree: 1264709632
  MemTotal: 2087501824
  OCIRuntime:
    package: runc-1.0.0-68.dev.git6635b4f.fc29.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.0.0-rc6+dev
      commit: ef9132178ccc3d2775d4fb51f1e431f30cac1398-dirty
      spec: 1.0.1-dev
  SwapFree: 2111393792
  SwapTotal: 2147479552
  arch: amd64
  cpus: 1
  hostname: localhost.localdomain
  kernel: 4.20.3-200.fc29.x86_64
  os: linux
  rootless: false
  uptime: 3h 22m 26.06s (Approximately 0.12 days)
insecure registries:
  registries: []
registries:
  registries:
  - docker.io
  - registry.fedoraproject.org
  - quay.io
  - registry.access.redhat.com
  - registry.centos.org
store:
  ConfigFile: /etc/containers/storage.conf
  ContainerStore:
    number: 0
  GraphDriverName: overlay
  GraphOptions: null
  GraphRoot: /var/lib/containers/storage
  GraphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
  ImageStore:
    number: 0
  RunRoot: /var/run/containers/storage

Additional environment details (AWS, VirtualBox, physical, etc.):

@TomSweeneyRedHat

This comment has been minimized.

Copy link
Collaborator Author

commented Feb 27, 2019

Hmmm, and this works with Buildah v1.7 released.

@mheon

This comment has been minimized.

Copy link
Collaborator

commented Feb 27, 2019

Could be the --pull-all default being changed

@mheon

This comment has been minimized.

Copy link
Collaborator

commented Feb 27, 2019

Sorry, --pull-always (--always-pull?)

@TomSweeneyRedHat

This comment has been minimized.

Copy link
Collaborator Author

commented Feb 27, 2019

And works on Buildah 1.8-dev which is at this point 1.7.1.

@TomSweeneyRedHat

This comment has been minimized.

Copy link
Collaborator Author

commented Feb 27, 2019

@mheon same error with --pull-always

@mheon

This comment has been minimized.

Copy link
Collaborator

commented Feb 27, 2019

Different vendored c/image than buildah? Running out of ideas here, there aren't many differences.

@TomSweeneyRedHat

This comment has been minimized.

Copy link
Collaborator Author

commented Feb 27, 2019

We've the same vendoring for c/image and c/storage....

@mheon

This comment has been minimized.

Copy link
Collaborator

commented Feb 27, 2019

Confirmed, I can reproduce locally

@mheon

This comment has been minimized.

Copy link
Collaborator

commented Feb 27, 2019

We're trying to pull onbuild-image and failing when we can't find it in registries (because it's not there).

This is 100% --pull-always - setting it to false fixes.

I think we need to change --pull-always to check locally if pulling from all sources fails.

@mheon

This comment has been minimized.

Copy link
Collaborator

commented Feb 27, 2019

@rhatdan It looks like this is going to break people trying to do a FROM with an image they tagged themselves

@TomSweeneyRedHat

This comment has been minimized.

Copy link
Collaborator Author

commented Feb 27, 2019

Ah, I tried setting it to true, not false. Nice catch @mheon.

@TomSweeneyRedHat

This comment has been minimized.

Copy link
Collaborator Author

commented Feb 27, 2019

FWIW, I can confirm that this:

docker build -f ./Dockerfile -t onbuild-image .
docker build -f ./Dockerfile-2 -t result-image .

works, so I think we need to make it work again without the pull-always.

@mheon

This comment has been minimized.

Copy link
Collaborator

commented Feb 28, 2019

I think we need to refile this against Buildah and get a fix landed there and vendored here

@rhatdan

This comment has been minimized.

Copy link
Member

commented Feb 28, 2019

My understanding is we wanted to turn on --pull not --pull-always.

@mheon

This comment has been minimized.

Copy link
Collaborator

commented Feb 28, 2019

@rhatdan We enabled --pull-always by default, so if that was a mistake, we need to fix it.

The reason was that we weren't pulling the latest version of the tag if it was present on disk, so we need to verify that --pull does that.

@TomSweeneyRedHat

This comment has been minimized.

Copy link
Collaborator Author

commented Feb 28, 2019

I'll take a look at this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.