healthcheck: add support for --start-interval

[flouthoc]

Add support for --start-interval which is present in newer version of docker
Ref: https://docs.docker.com/reference/dockerfile/#healthcheck

Needed by: containers/podman#21701

[openshift-ci]

Hi @flouthoc. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[flouthoc]

@nalind @rhatdan @TomSweeneyRedHat PTAL

[flouthoc]

If this gets merged I'll open a followup PR in buildah and vendor new imagebuilder there.

[nalind]

If this gets merged I'll open a followup PR in buildah and vendor new imagebuilder there.

Then this should probably include a commit to bump the release version.

[flouthoc]

If this gets merged I'll open a followup PR in buildah and vendor new imagebuilder there.

Then this should probably include a commit to bump the release version.

@nalind Did you mean a version bump for imagebuilder itself ?

[nalind]

If this gets merged I'll open a followup PR in buildah and vendor new imagebuilder there.

Then this should probably include a commit to bump the release version.

@nalind Did you mean a version bump for imagebuilder itself ?

Yes, unless there's some reason not to.

[TomSweeneyRedHat]

Other than @nalind 's comments, LGTM

[flouthoc]

@nalind @TomSweeneyRedHat done.

[nalind]

This one could use a "--start-period" flag, since it's exercising the parser, and I don't see anything else in this directory checking that the flag is recognized.

[flouthoc]

Done.

[nalind]

LGTM with one nit, which isn't a blocker.

[flouthoc]

@nalind Is it that CI is using older docker for conformance tests ? I error on travis now for the flag --start-interval

[nalind]

@nalind Is it that CI is using older docker for conformance tests ? I error on travis now for the flag --start-interval

It's certainly plausible. My access is limited, so I can't actually read the error logs.

[flouthoc]

@nalind In error logs at least it is saying that docker cannot parse start-interval and I don't get that in my local so i guess it must be it. Do you have any clue how can i bump docker version in CI ?

=== RUN   TestConformanceInternal/healthcheck

    conformance_test.go:922: 41: unable to build Docker image "": API error (400): dockerfile parse error on line 5: unknown flag: start-interval
    ```

[flouthoc]

Should i try this ? https://docs.travis-ci.com/user/docker/#installing-a-newer-docker-version in a different commit.

[nalind]

@nalind In error logs at least it is saying that docker cannot parse start-interval and I don't get that in my local so i guess it must be it.

That's consistent with the version information at https://docs.travis-ci.com/user/reference/jammy/.

Should i try this ? https://docs.travis-ci.com/user/docker/#installing-a-newer-docker-version in a different commit.

Any reason not to?

[flouthoc]

@nalind A different test is failing i.e TestConformanceInternal/copy_chmod , I think this is failing because changes in newer version of docker.

[flouthoc]

@nalind This fixes error for me and is compatible with newer buildkit, but I am not sure why this additional & was added, do you have any hints ? I can't think of a reason why it was added all the test pass without it as well.

diff --git a/dockerclient/client.go b/dockerclient/client.go
index 1e8c83f..1236d66 100644
--- a/dockerclient/client.go
+++ b/dockerclient/client.go
@@ -1058,7 +1058,7 @@ func (e *ClientExecutor) CopyContainer(container *docker.Container, excludes []s
                        }
                        chmod = func(h *tar.Header, r io.Reader) (data []byte, update bool, skip bool, err error) {
                                mode := h.Mode &^ 0o777
-                               mode |= parsed & 0o777
+                               mode |= parsed
                                h.Mode = mode
                                return nil, false, false, nil

[nalind]

@nalind This fixes error for me and is compatible with newer buildkit, but I am not sure why this additional & was added, do you have any hints ? I can't think of a reason why it was added all the test pass without it as well.

diff --git a/dockerclient/client.go b/dockerclient/client.go
index 1e8c83f..1236d66 100644
--- a/dockerclient/client.go
+++ b/dockerclient/client.go
@@ -1058,7 +1058,7 @@ func (e *ClientExecutor) CopyContainer(container *docker.Container, excludes []s
                        }
                        chmod = func(h *tar.Header, r io.Reader) (data []byte, update bool, skip bool, err error) {
                                mode := h.Mode &^ 0o777
-                               mode |= parsed & 0o777
+                               mode |= parsed
                                h.Mode = mode
                                return nil, false, false, nil

The intent there was to avoid cases where bits that attempt to change the file type were added (the bits for block and character devices fit within g 16-bit numbers). 0o7777 might work better there, since that'll also allow setuid/setgid/sticky, though I think that'd be kind of a weird thing to use in a COPY --chown.

[flouthoc]

The intent there was to avoid cases where bits that attempt to change the file type were added (the bits for block and character devices fit within g 16-bit numbers). 0o7777 might work better there, since that'll also allow setuid/setgid/sticky, though I think that'd be kind of a weird thing to use in a COPY --chown.

Thanks this worked, I think CI should pass now.

[nalind]

Oof, I meant chmod, but anyway, LGTM.

[flouthoc]

Okay I think all the test passed last time except one which failed and I think it was a size diff fluke in conformance test, I think it should pass in this re-push.

[flouthoc]

@nalind @rhatdan @TomSweeneyRedHat PTAL , finally CI is green.

[TomSweeneyRedHat]

LGTM and happy green test buttons

[flouthoc]

@nalind @rhatdan PTAL

[rhatdan]

/lgtm
/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: flouthoc, rhatdan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [rhatdan]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@flouthoc: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[flouthoc]

@nalind @TomSweeneyRedHat Could we cut a new imagebuilder version whenever possible, thanks.