Closed haizaar closed 4 years ago
I experience this problem too.
Current workaround for me is using gcr.io/kaniko-project/executor:v0.13.0
.
Just found this having the exact same issue using kaniko on cloud build. will try suggested work aorund/roll back.
this appears to the same underlying problem as #845 and #589
@cvgw Any movement on getting that fix merged?
@mcfedr hoping to get merged this week
I can also confirm this does not exist in 0.13.0
but not sure why
hope the fixes can get merged soon and released
This is how I recreated the issue locally using a test Dockerfile and AWS ECR as a Cache repo
We can replicate this bug on our machine using Docker
Dockerfile
# set some variables
docker_image="gcr.io/kaniko-project/executor:debug-v0.14.0"
ecr_endpoint="YOUR_AWS_ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com"
ecr_repo="YOUR_ECR_REPO_NAME"
mkdir -p ./tmp/ cat <<'EOF' > ./tmp/Dockerfile FROM busybox:latest as builder COPY ./date.txt /tmp/date.txt
FROM busybox:latest COPY --from=builder /tmp/date.txt /tmp/test.txt EOF
- [ ] Run Kaniko locally using docker
```sh
# run kaniko debug image with some env vars
docker run \
--tty \
--interactive \
--rm \
--volume "$(pwd)/tmp:/app" \
--volume "$HOME/.aws":/root/.aws \
--env "AWS_DEFAULT_REGION=us-east-1" \
--env "ECR_ENDPOINT=${ecr_endpoint}" \
--env "ECR_REPO=${ecr_repo}" \
--entrypoint "" \
"${docker_image}" \
sh
# create ECR config file for kaniko
mkdir -p /kaniko/.docker/
cat <<EOF > /kaniko/.docker/config.json
{
"credHelpers": {
"${ECR_ENDPOINT}": "ecr-login"
}
}
EOF
# Create first image
echo $(date) > /app/date.txt
ecr_tag="test-$(date +%s)"
/kaniko/executor \
--context "/app" \
--dockerfile "/app/Dockerfile" \
--destination "${ECR_ENDPOINT}/${ECR_REPO}:${ecr_tag}" \
--cache-repo "${ECR_ENDPOINT}/${ECR_REPO}/cache" \
--cache=true \
--cleanup
echo "docker run -it --rm ${ECR_ENDPOINT}/${ECR_REPO}:${ecr_tag} cat /tmp/test.txt > image1.txt"
- [ ] Create 2nd Image w/ cache
```sh
# Create 2nd Image
echo $(date) > /app/date.txt
ecr_tag="test-$(date +%s)"
/kaniko/executor \
--context "/app" \
--dockerfile "/app/Dockerfile" \
--destination "${ECR_ENDPOINT}/${ECR_REPO}:${ecr_tag}" \
--cache-repo "${ECR_ENDPOINT}/${ECR_REPO}/cache" \
--cache=true \
--cleanup
echo "docker run -it --rm ${ECR_ENDPOINT}/${ECR_REPO}:${ecr_tag} cat /tmp/test.txt > image2.txt"
# Create 3rd Image w/o Cache
echo $(date) > /app/date.txt
ecr_tag="test-$(date +%s)"
/kaniko/executor \
--context "/app" \
--dockerfile "/app/Dockerfile" \
--destination "${ECR_ENDPOINT}/${ECR_REPO}:${ecr_tag}" \
--cache-repo "${ECR_ENDPOINT}/${ECR_REPO}/cache" \
--cache=false \
--cleanup
echo "docker run -it --rm ${ECR_ENDPOINT}/${ECR_REPO}:${ecr_tag} cat /tmp/test.txt > image3.txt"
- [ ] Run the 3 docker commands which output 3 text files and cat them
```sh
$ cat image{1..3}.txt
cat image1.
Tue Dec 10 14:30:10 UTC 2019
Tue Dec 10 14:30:10 UTC 2019
Tue Dec 10 15:09:24 UTC 2019
image3.txt
gave us an updated date.txt file because it did not use the cache.Lets try again to build but with docker image gcr.io/kaniko-project/executor:debug-v0.13.0
0.13.0
:
# Run Kaniko Image 0.13.0
docker_image="gcr.io/kaniko-project/executor:debug-v0.13.0"
docker run \ --tty \ --interactive \ --rm \ --volume "$(pwd)/tmp:/app" \ --volume "$HOME/.aws":/root/.aws \ --env "AWS_DEFAULT_REGION=us-east-1" \ --env "ECR_ENDPOINT=${ecr_endpoint}" \ --env "ECR_REPO=${ecr_repo}" \ --entrypoint "" \ "${docker_image}" \ sh
- [ ] Create ECR config for Kaniko
```sh
# create ECR config file for kaniko
mkdir -p /kaniko/.docker/
cat <<EOF > /kaniko/.docker/config.json
{
"credHelpers": {
"${ECR_ENDPOINT}": "ecr-login"
}
}
EOF
echo $(date) > /app/date.txt
ecr_tag="test-$(date +%s)"
/kaniko/executor \
--context "/app" \
--dockerfile "/app/Dockerfile" \
--destination "${ECR_ENDPOINT}/${ECR_REPO}:${ecr_tag}" \
--cache-repo "${ECR_ENDPOINT}/${ECR_REPO}/cache" \
--cache=true \
--cleanup
echo "docker run -it --rm ${ECR_ENDPOINT}/${ECR_REPO}:${ecr_tag} cat /tmp/test.txt > image4.txt"
- [ ] Create 5th Docker Image w/ Cache and 0.13.0
```sh
echo $(date) > /app/date.txt
ecr_tag="test-$(date +%s)"
/kaniko/executor \
--context "/app" \
--dockerfile "/app/Dockerfile" \
--destination "${ECR_ENDPOINT}/${ECR_REPO}:${ecr_tag}" \
--cache-repo "${ECR_ENDPOINT}/${ECR_REPO}/cache" \
--cache=true \
--cleanup
echo "docker run -it --rm ${ECR_ENDPOINT}/${ECR_REPO}:${ecr_tag} cat /tmp/test.txt > image5.txt"
$ cat image{4..5}.txt
Tue Dec 10 15:32:45 UTC 2019
cat image5. Tue Dec 10 15:35:38 UTC 2019
Once https://github.com/GoogleContainerTools/kaniko/issues/899 is fixed this issue should be resolved
This should be fixed as of master@https://github.com/GoogleContainerTools/kaniko/commit/a675098b452d020bf678063a3ac2d3be84b0e545
Some assistance verifying that it is fixed would be appreciated. Thank you
This should be fixed as of master@a675098
Some assistance verifying that it is fixed would be appreciated. Thank you
Is there a prebuilt image from master that I can test with? it looks like gcr.io/kaniko-project/executor:latest
is fixed at the last release
@mcfedr I think you can use the git hash, like gcr.io/kaniko-project/executor:a675098b452d020bf678063a3ac2d3be84b0e545
@mcfedr you can check image versions in GCR https://console.cloud.google.com/gcr/images/kaniko-project/GLOBAL/executor?gcrImageListsize=30
This should be fixed as of master@a675098
Some assistance verifying that it is fixed would be appreciated. Thank you
@cvgw fix is working on the latest version for me.
Dockerfile
FROM maven:3.6.2-jdk-11-slim AS build
WORKDIR /usr/src/app
COPY pom.xml .
RUN mvn dependency:go-offline
COPY src ./src
RUN mvn clean package
FROM openjdk:11.0.4-jre-slim
WORKDIR /home/user
COPY --from=build /usr/src/app/target/app-0.0.1.jar /home/user/app.jar
RUN chmod +x /home/user/app.jar
ENTRYPOINT ["java", "-jar", "app.jar"]
EXPOSE 8080
kaniko output running multiple builds, changing source code
INFO[0390] No cached layer found for cmd COPY --from=build /usr/src/app/target/app-0.0.1.jar /home/user/app.jar
@cvgw works for me too. Thanks!
Thanks everyone for the help solving and verifying this issue. Closing, but feel free to reopen if it isn't 100% fixed
Any info on when release version lands(0.15.0?)? (I can test commit based version, but won't be able to use non-release version in production.)
@stroncium plan is to release v0.15.0 this week
Hey folks, we're seeing the same issue on the most recent debug
build. In a multi-stage build, the first layer generates a new image and yet the second layer still results to the cached version, not sure if there's been a regression in this
Also seeing this in latest
Also seeing this in 1.6, examples described here https://github.com/GoogleContainerTools/kaniko/issues/1348 as well.
Actual behavior I have a two stage docker image that first build sphinx docs and then copies it to the second nginx image:
I build it on Google Cloud Build using
gcr.io/kaniko-project/executor:latest
builder.The problem is the last copy instruction - even through generated HTML files differ from the previously built revision, kaniko still prefers to use the cached version:
Expected behavior Detect that stage 0 image files' have changes and discard cache for
COPY --from
directive in the stage 1.To Reproduce Steps to reproduce the behavior:
Run:
Then add the above Dockerfile under
docs/
.Now add it all to git, commit and trigger Cloud Build using the following step:
Change
docs/index.rst
, commit, trigger new build and see that resulting images still has the old version of the docsAdditional Information
Kaniko Image sha256:9c40a04cf1bc9d886f7f000e0b7fa5300c31c89e2ad001e97eeeecdce9f07a29
Triage Notes for the Maintainers
--cache
flag