All things docker
I’m seeing some weird behavior building images using buildx.
docker buildx build --cache-from $IMAGE:$PREVIOUS_BUILD_SHA --cache-to type=inline --file Dockerfile --output type=docker --progress plain --tag $IMAGE:$CURRENT_SHA --tag $IMAGE:latest .
I’m running this in a gitlab ci pipeline and it seems that the first build on a new branch (when there is no cache as $IMAGE includes the branch name) it works fine, but on following builds it’s like it’s skipping layers?
The output looks right, but when pull the images the first one is definitely larger than subsequent builds, and trying to run a container with the image fails as a bin that’s called from the entrypoint script is missing.
Anyone seen this kind of thing? Any pointers?
Client: Docker Engine - Community Version: 19.03.12 API version: 1.40 Go version: go1.13.10 Git commit: 48a66213fe Built: Mon Jun 22 15:45:50 2020 OS/Arch: linux/amd64 Experimental: true Server: Docker Engine - Community Engine: Version: 19.03.9 API version: 1.40 (minimum version 1.12) Go version: go1.13.10 Git commit: 9d988398e7 Built: Fri May 15 00:28:17 2020 OS/Arch: linux/amd64 Experimental: true containerd: Version: v1.2.13 GitCommit: 7ad184331fa3e55e52b890ea95e65ba581ae3429 runc: Version: 1.0.0-rc10 GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd docker-init: Version: 0.18.0 GitCommit: fec3683
I'am building an image foo/app with the following aspects: The image gets the tag :build-latest, :build-latest-master, build-nr-<buildID> i build using CACHE_FROM=foo/app:build-latest-mas…
probably a dumb question but what are the cons of running a fargate container as root user instead of a non root user?