search

GoogleContainerTools / kaniko

Build Container Images In Kubernetes
Apache License 2.0
14.68k stars 1.43k forks source link

--single-snapshot seems to be ignored #3215

Open cdprete opened 3 months ago

cdprete commented 3 months ago

Hello. I've a GitLab job like the following:

.docker:
  image:
    name: artifactory.foo.net/kaniko-project/executor:debug
    entrypoint: [ "" ]
  before_script:
    - APP_VERSION=$(cat "$APP_VERSION_FILE")
  script:
    - |
      if [ "$REPOSITORY_TYPE" = "" ]; then 
        /kaniko/executor --no-push --context "$CHART_PATH" --single-snapshot --use-new-run --build-arg APP_VERSION="$APP_VERSION"
      else
        /kaniko/executor --context "$CHART_PATH" --single-snapshot --cache=true --use-new-run --build-arg APP_VERSION="$APP_VERSION" --destination "news-docker-$REPOSITORY_TYPE-local.artifactory.foo.net/opensearchproject/opensearch:$APP_VERSION"
      fi
  rules:
  - exists: [ "$CHART_PATH/Dockerfile" ]

and from the output I can see that multiple snapshots are created, even if --single-snapshot is specified:

$ APP_VERSION=$(cat "$APP_VERSION_FILE") $ if [ "$REPOSITORY_TYPE" = "" ]; then # collapsed multi-line command INFO[0000] Retrieving image manifest artifactory.foo.net/opensearchproject/opensearch:2.14.0 INFO[0000] Retrieving image artifactory.foo.net/opensearchproject/opensearch:2.14.0 from registry artifactory.foo.net INFO[0000] Built cross stage deps: map[]
INFO[0000] Retrieving image manifest artifactory.foo.net/opensearchproject/opensearch:2.14.0 INFO[0000] Returning cached image manifest
INFO[0000] Executing 0 build triggers
INFO[0000] Building stage 'artifactory.foo.net/opensearchproject/opensearch:2.14.0' [idx: '0', base-idx: '-1'] INFO[0000] Unpacking rootfs as cmd RUN chmod -R 777 /usr/share/opensearch requires it. INFO[0043] Initializing snapshotter ...
INFO[0043] Taking snapshot of full filesystem...
INFO[0045] RUN chmod -R 777 /usr/share/opensearch
INFO[0045] Cmd: /bin/sh
INFO[0045] Args: [-c chmod -R 777 /usr/share/opensearch] INFO[0045] Util.Lookup returned: &{Uid:1000 Gid:1000 Username:root Name: HomeDir:/home/1000} INFO[0045] Performing slow lookup of group ids for root INFO[0045] Running: [/bin/sh -c chmod -R 777 /usr/share/opensearch] INFO[0046] Taking snapshot of full filesystem...
INFO[0072] Skipping push to container registry due to --no-push flag Cleaning up project directory and file based variables 00:00 Job succeeded

The Dockerfile is just

ARG APP_VERSION=2.14.0
FROM artifactory.foo.net/opensearchproject/opensearch:$APP_VERSION

RUN chmod -R 777 /usr/share/opensearch
FilDevTronic commented 3 months ago

Seeing the exact same thing, with the snapshotter taking a full filesystem snapshot at each new stage/FROM.

CI log exceprt:

  • unzip -q /opt/kotlin-compiler-||||||.zip -d /opt

  • rm /opt/kotlin-compiler-||||||.zip INFO[0103] Taking snapshot of full filesystem...
    INFO[0105] Saving file opt/kotlinc for later use
    INFO[0105] Deleting filesystem...
    INFO[0105] Base image from previous stage 1 found, using saved tar at path /kaniko/stages/1 INFO[0105] Executing 0 build triggers
    INFO[0105] Building stage 'java' [idx: '4', base-idx: '1'] INFO[0105] Unpacking rootfs as cmd RUN export ANDROID_HOME="/opt/android-sdk" .......... INFO[0108] Initializing snapshotter ...
    INFO[0108] Taking snapshot of full filesystem...
    INFO[0113] SHELL ["/bin/bash", "-exo", "pipefail", "-c"] INFO[0113] RUN export ANDROID_HOME="/opt/android-sdk" && export ............... ..................

    Accept? (y/N): All SDK package licenses accepted

  • true INFO[0142] Taking snapshot of full filesystem...
    INFO[0212] Saving file opt/android-sdk for later use
    INFO[0275] Deleting filesystem...
    INFO[0276] Base image from previous stage 1 found, using saved tar at path /kaniko/stages/1 INFO[0276] Executing 0 build triggers
    INFO[0277] Building stage 'java' [idx: '5', base-idx: '1'] INFO[0309] Unpacking rootfs as cmd COPY --from=gradle /opt/gradle /opt/gradle requires it. INFO[0313] Initializing snapshotter ...
    INFO[0313] Taking snapshot of full filesystem... .......................

Dockerfile structure is similar to this:

FROM ... AS base

LABEL ...
LABEL ...

ARG ...
ARG ...
ARG ...
ARG ...
ARG ...
ARG ...
ARG ...
ARG ...
ARG ...
ARG ...

ENV ...

SHELL ...
RUN ...

FROM base AS java

SHELL ...
RUN ...

FROM base AS gradle

SHELL ...
RUN ...

FROM base AS kotlin

SHELL ...
RUN ...

FROM java AS android

SHELL ...
RUN ...

FROM java AS final

COPY --from=gradle ... ...
COPY --from=kotlin ... ...
COPY --from=android ... ...

ENV ....
ENV ....

SHELL ....
RUN .....

ENTRYPOINT ...

The kaniko arguments, related to caching etc, are like this:

--single-snapshot --snapshot-mode=redo --cache=true --cache-copy-layers=false --cache-ttl=24h --use-new-run
FilDevTronic commented 3 months ago

@cdprete have you noticed any difference without --use-new-run?

cdprete commented 3 months ago

Not at all.

Il mer 19 giu 2024, 22:58 Filip M @.***> ha scritto:

@cdprete https://github.com/cdprete have you noticed any difference without --use-new-run?

— Reply to this email directly, view it on GitHub https://github.com/GoogleContainerTools/kaniko/issues/3215#issuecomment-2179448895, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACAZGWF4UVWQKN7WUZHE563ZIHWITAVCNFSM6AAAAABJPTQEUWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNZZGQ2DQOBZGU . You are receiving this because you were mentioned.Message ID: @.***>

cdprete commented 2 months ago

@FilDevTronic does for you --snapshot-mode work? I see it being ignored as well for me: https://github.com/GoogleContainerTools/kaniko/issues/3233

agilebean commented 2 months ago

I can confirm that the flags --single-snapshot, --use-new-run, --snapshot-mode=redo

have no impact on the build snapshotting each layer.