docker buildx errors

[killsnow]

No description provided.

[killsnow]

Hi:
when I use docker buildx to build arm64 image in x86 there are some errors。

`docker buildx build --platform linux/arm64 -t gitlab:14.10.0 .

[+] Building 77.4s (8/14)
=> [internal] load .dockerignore 0.1s
=> => transferring context: 128B 0.0s
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 3.71kB 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:focal-20220531 7.2s
=> [auth] library/ubuntu:pull token for registry-1.docker.io 0.0s
=> [1/9] FROM docker.io/library/ubuntu:focal-20220531@sha256:fd92c36d3cb9b1d027c4d2a72c6bf0125da82425fc2ca37c414d4f010180dc19 0.0s
=> => resolve docker.io/library/ubuntu:focal-20220531@sha256:fd92c36d3cb9b1d027c4d2a72c6bf0125da82425fc2ca37c414d4f010180dc19 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 1.85kB 0.0s
=> CACHED [2/9] RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y wget ca-certificates apt-transport-https gnu 0.0s
=> CANCELED [3/9] RUN set -ex && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24 && echo "deb http:// 70.1s
WARNING: No output specified for docker-container driver. Build result will only remain in the build cache. To push result image into registry use --push or to load image into docker use --load
error: failed to solve: Canceled: context canceled
xujinshui@xujinshuideMacBook-Pro-6083 docker-gitlab % vi Dockerfile
xujinshui@xujinshuideMacBook-Pro-6083 docker-gitlab % docker buildx build --platform linux/arm64 -t gitlab:15.1.0 .
[+] Building 4.2s (7/13)
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 3.72kB 0.0s
=> [internal] load .dockerignore 0.1s
=> => transferring context: 128B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:focal-20220531 1.6s
=> [1/9] FROM docker.io/library/ubuntu:focal-20220531@sha256:fd92c36d3cb9b1d027c4d2a72c6bf0125da82425fc2ca37c414d4f010180dc19 0.0s
=> => resolve docker.io/library/ubuntu:focal-20220531@sha256:fd92c36d3cb9b1d027c4d2a72c6bf0125da82425fc2ca37c414d4f010180dc19 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 1.85kB 0.0s
=> CACHED [2/9] RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y wget ca-certificates apt-transport-https gnu 0.0s
=> ERROR [3/9] RUN set -ex && apt-key -no-tty adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24 && echo "deb htt 2.4s

[3/9] RUN set -ex && apt-key -no-tty adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24 && echo "deb http://ppa.launchpad.net/git-core/ppa/ubuntu focal main" >> /etc/apt/sources.list && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 8B3981E7A6852F782CC4951600A6F0A3C300EE8C && echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu focal main" >> /etc/apt/sources.list && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - && echo 'deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main' > /etc/apt/sources.list.d/pgdg.list && wget --quiet -O - https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - && echo 'deb https://deb.nodesource.com/node_16.x focal main' > /etc/apt/sources.list.d/nodesource.list && wget --quiet -O - https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list && set -ex && apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y sudo supervisor logrotate locales curl nginx openssh-server postgresql-client-12 postgresql-contrib-12 redis-tools python3 python3-docutils nodejs yarn gettext-base graphicsmagick libpq5 zlib1g libyaml-0-2 libssl1.1 libgdbm6 libreadline8 libncurses5 libffi7 libxml2 libxslt1.1 libcurl4 libicu66 libre2-dev tzdata unzip libimage-exiftool-perl libmagic1 && update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX && locale-gen en_US.UTF-8 && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales && rm -rf /var/lib/apt/lists/*:
#0 0.184 + apt-key -no-tty adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24
#0 2.103 Usage: apt-key [--keyring file] [command] [arguments]
#0 2.103
#0 2.103 Manage apt's list of trusted keys
#0 2.103
#0 2.104 apt-key add - add the key contained in ('-' for stdin)
#0 2.104 apt-key del - remove the key
#0 2.106 apt-key export - output the key
#0 2.106 apt-key exportall - output all trusted keys
#0 2.106 apt-key update - update keys using the keyring package
#0 2.106 apt-key net-update - update keys using the network
#0 2.106 apt-key list - list keys
#0 2.108 apt-key finger - list fingerprints
#0 2.108 apt-key adv - pass advanced options to gpg (download key)
#0 2.108
#0 2.108 If no specific keyring file is given the command applies to all keyring files.

---

WARNING: No output specified for docker-container driver. Build result will only remain in the build cache. To push result image into registry use --push or to load image into docker use --load
Dockerfile:32

31 |
32 | >>> RUN set -ex &&
33 | >>> apt-key -no-tty adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24
34 | >>> && echo "deb http://ppa.launchpad.net/git-core/ppa/ubuntu focal main" >> /etc/apt/sources.list
35 | >>> && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 8B3981E7A6852F782CC4951600A6F0A3C300EE8C
36 | >>> && echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu focal main" >> /etc/apt/sources.list
37 | >>> && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
38 | >>> && echo 'deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main' > /etc/apt/sources.list.d/pgdg.list
39 | >>> && wget --quiet -O - https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -
40 | >>> && echo 'deb https://deb.nodesource.com/node_16.x focal main' > /etc/apt/sources.list.d/nodesource.list
41 | >>> && wget --quiet -O - https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
42 | >>> && echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list
43 | >>> && set -ex
44 | >>> && apt-get update
45 | >>> && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y
46 | >>> sudo supervisor logrotate locales curl
47 | >>> nginx openssh-server postgresql-client-12 postgresql-contrib-12 redis-tools
48 | >>> python3 python3-docutils nodejs yarn gettext-base graphicsmagick
49 | >>> libpq5 zlib1g libyaml-0-2 libssl1.1
50 | >>> libgdbm6 libreadline8 libncurses5 libffi7
51 | >>> libxml2 libxslt1.1 libcurl4 libicu66 libre2-dev tzdata unzip libimage-exiftool-perl
52 | >>> libmagic1
53 | >>> && update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX
54 | >>> && locale-gen en_US.UTF-8
55 | >>> && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales
56 | >>> && rm -rf /var/lib/apt/lists/*
57 |

error: failed to solve: process "/bin/sh -c set -ex && apt-key -no-tty adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24 && echo "deb http://ppa.launchpad.net/git-core/ppa/ubuntu focal main" >> /etc/apt/sources.list && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 8B3981E7A6852F782CC4951600A6F0A3C300EE8C && echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu focal main" >> /etc/apt/sources.list && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - && echo 'deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main' > /etc/apt/sources.list.d/pgdg.list && wget --quiet -O - https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - && echo 'deb https://deb.nodesource.com/node_16.x focal main' > /etc/apt/sources.list.d/nodesource.list && wget --quiet -O - https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list && set -ex && apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y sudo supervisor logrotate locales curl nginx openssh-server postgresql-client-12 postgresql-contrib-12 redis-tools python3 python3-docutils nodejs yarn gettext-base graphicsmagick libpq5 zlib1g libyaml-0-2 libssl1.1 libgdbm6 libreadline8 libncurses5 libffi7 libxml2 libxslt1.1 libcurl4 libicu66 libre2-dev tzdata unzip libimage-exiftool-perl libmagic1 && update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX && locale-gen en_US.UTF-8 && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales && rm -rf /var/lib/apt/lists/*" did not complete successfully: exit code: 1`

[kkimurak]

1. Did you modified Dockerfile?
   The message below shows the help message because you have passed invalid option -no-tty to apt-key command. I think this should be --no-tty.

   [3/9] RUN set -ex && apt-key -no-tty adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24 && echo "deb http://ppa.launchpad.net/git-core/ppa/ubuntu focal main" >> /etc/apt/sources.list && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 8B3981E7A6852F782CC4951600A6F0A3C300EE8C && echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu focal main" >> /etc/apt/sources.list && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - && echo 'deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main' > /etc/apt/sources.list.d/pgdg.list && wget --quiet -O - https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - && echo 'deb https://deb.nodesource.com/node_16.x focal main' > /etc/apt/sources.list.d/nodesource.list && wget --quiet -O - https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list && set -ex && apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y sudo supervisor logrotate locales curl nginx openssh-server postgresql-client-12 postgresql-contrib-12 redis-tools python3 python3-docutils nodejs yarn gettext-base graphicsmagick libpq5 zlib1g libyaml-0-2 libssl1.1 libgdbm6 libreadline8 libncurses5 libffi7 libxml2 libxslt1.1 libcurl4 libicu66 libre2-dev tzdata unzip libimage-exiftool-perl libmagic1 && update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX && locale-gen en_US.UTF-8 && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales && rm -rf /var/lib/apt/lists/*:
   #0 0.184 + apt-key -no-tty adv --keyserver hkp://keyserver.ubuntu.com:80 --recv E1DD270288B4E6030699E45FA1715D88E1DF1F24
   #0 2.103 Usage: apt-key [--keyring file] [command] [arguments]
   #0 2.103
   #0 2.103 Manage apt's list of trusted keys
   #0 2.103
   #0 2.104 apt-key add - add the key contained in ('-' for stdin)
   #0 2.104 apt-key del - remove the key
   #0 2.106 apt-key export - output the key
   #0 2.106 apt-key exportall - output all trusted keys
   #0 2.106 apt-key update - update keys using the keyring package
   #0 2.106 apt-key net-update - update keys using the network
   #0 2.106 apt-key list - list keys
   #0 2.108 apt-key finger - list fingerprints
   #0 2.108 apt-key adv - pass advanced options to gpg (download key)
   #0 2.108
   #0 2.108 If no specific keyring file is given the command applies to all keyring files.

2. This project only provides amd64 based image at least now. There might be some task to achieve multi architecture support. For example, I found that we specify architecture on downloading go release binary.
   This limitation could be relaxed with a simple change like this:

   diff --git assets/build/install.sh assets/build/install.sh
   index f35bc155..862c3b2c 100755
   --- assets/build/install.sh
   +++ assets/build/install.sh
   @@ -14,6 +14,21 @@ RUBY_SRC_URL=https://cache.ruby-lang.org/pub/ruby/${RUBY_VERSION%.*}/ruby-${RUBY
    
    GEM_CACHE_DIR="${GITLAB_BUILD_DIR}/cache"
    
   +# check system architecture
   +case "$(uname -m)" in
   +  "x86_64")
   +    SYSTEM_ARCHITECTURE_NAME="amd64"
   +    ;;
   +  "aarch64")
   +    SYSTEM_ARCHITECTURE_NAME="arm64"
   +    ;;
   +  *)
   +    echo "The architecture not supported ("$(uname -a)")"
   +    exit 1
   +esac
   +
   +GOLANG_ARCHIVE="go${GOLANG_VERSION}.linux-${SYSTEM_ARCHITECTURE_NAME}.tar.gz"
   +
    GOROOT=/tmp/go
    PATH=${GOROOT}/bin:$PATH
    
   @@ -96,9 +111,9 @@ BUNDLER_VERSION="$(grep "BUNDLED WITH" ${GITLAB_INSTALL_DIR}/Gemfile.lock -A 1 |
    gem install bundler:"${BUNDLER_VERSION}"
    
    # download golang
   -echo "Downloading Go ${GOLANG_VERSION}..."
   -wget -cnv https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-amd64.tar.gz -P ${GITLAB_BUILD_DIR}/
   -tar -xf ${GITLAB_BUILD_DIR}/go${GOLANG_VERSION}.linux-amd64.tar.gz -C /tmp/
   +echo "Downloading Go ${GOLANG_VERSION} for ${SYSTEM_ARCHITECTURE_NAME}..."
   +wget -cnv https://storage.googleapis.com/golang/${GOLANG_ARCHIVE} -P ${GITLAB_BUILD_DIR}/
   +tar -xf ${GITLAB_BUILD_DIR}/${GOLANG_ARCHIVE} -C /tmp/
    
    # install gitlab-shell
    echo "Downloading gitlab-shell v.${GITLAB_SHELL_VERSION}..."
   @@ -157,7 +172,7 @@ rm -rf ${GITLAB_GITALY_BUILD_DIR}
    
    # remove go
    go clean --modcache
   -rm -rf ${GITLAB_BUILD_DIR}/go${GOLANG_VERSION}.linux-amd64.tar.gz ${GOROOT}
   +rm -rf ${GITLAB_BUILD_DIR}/${GOLANG_ARCHIVE} ${GOROOT}
    
    # remove HSTS config from the default headers, we configure it in nginx
    exec_as_git sed -i "/headers\['Strict-Transport-Security'\]/d" ${GITLAB_INSTALL_DIR}/app/controllers/application_controller.rb

3. I have noticed that copying database.yml.postgresql to (GitLab app root)/config as database.yml fails with permission error.

   #9 18192.6 drwxrwx--- 2 root root 4.0K Jul  4 08:28 .
   #9 18192.6 drwxr-xr-x 1 root root 4.0K Jul  5 02:33 ..
   #9 18192.6 -rwxrwx--- 1 root root 2.5K Jul  4 04:19 database.yml.postgresql
   #9 18192.8 /usr/bin/cp: cannot stat '/etc/docker-gitlab/build/config/database.yml.postgresql': Permission denied
   ------
   error: failed to solve: executor failed running [/bin/sh -c bash ${GITLAB_BUILD_DIR}/install.sh]: exit code: 1

   Note that I have added ls -lah ${GITLAB_BUILD_DIR}/config before exec_as_git cp .... It shows that the owner of the file is root:root and read/write/execute is not permitted for the user git ($GITLAB_USER).
   This can be fixed by following patch:

   diff --git assets/build/install.sh assets/build/install.sh
   index f35bc155..862c3b2c 100755
   --- assets/build/install.sh
   +++ assets/build/install.sh
   @@ -191,7 +206,8 @@ exec_as_git cp ${GITLAB_INSTALL_DIR}/config/gitlab.yml.example ${GITLAB_INSTALL_
    # Temporary workaround, see <https://github.com/sameersbn/docker-gitlab/pull/2596>
    #
    # exec_as_git cp ${GITLAB_INSTALL_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
   -exec_as_git cp ${GITLAB_BUILD_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
   +cp ${GITLAB_BUILD_DIR}/config/database.yml.postgresql ${GITLAB_INSTALL_DIR}/config/database.yml
   +chown ${GITLAB_USER}: ${GITLAB_INSTALL_DIR}/config/database.yml
   
    # Installs nodejs packages required to compile webpack
    exec_as_git yarn install --production --pure-lockfile

   However, I have never noticed the behavior and recent builds for this project all passed. It seems only happens when I use buildx. I don't know why.
   UPDATE: PR is going on Avoid permission error on creating config file #2717

   Anyway, I have started building with the patch I've wrote above now. I will report as soon as it is completed (it will take a few hours..).

4. As far as I tried it at hand, it takes a very long time to build (about 300 minutes even though it failed in the middle, which is more than 10 times the conventional one). I don't know if it will be officially incorporated into the project (and I don't have the right to have a decision).

---

P.S. It is helpful to share a full error log, but GitHub renders the text as markdown by default (and it will broke some original information). Please consider attach as a file or use code block to make it easier to read the log and let us help you.

[kkimurak]

Build using buildx succeed after applying patches I've wrote above. It took about 443 minutes. I have tested with gitlab 15.0.3 but there are no difference on build, I think.

(build log omitted. see attachment file for full log)

$ { time docker buildx build --platform linux/arm64 -t sameersbn/gitlab:15.0.3-arm64 . ; } 2>&1 | tee buildx_sameersbn_gitlab_15.0.3.arm64_include-platform-to-golang-install-url.log_change-user-to-cp-database.yml.log

real	443m3.571s
user	0m28.869s
sys	0m14.879s

build log: buildx_sameersbn_gitlab_15.0.3.arm64_include-platform-to-golang-install-url.log_change-user-to-cp-database.yml.log
patch: sameersbn_docker-gitlab_issue2603.patch.txt

[kkimurak]

I have submit a PR #2732.