[Bug]: wf_dockerfile_build exit status 255 "read-only file system"

[wesbragagt]

Prior Search

• [X] I have already searched this project's issues to determine if a bug report has already been made.

What happened?

When attempting to use the wf_dockerfile_build module from the panfactum stack I got an error due to not being able to write to the container's file system.

Steps to Reproduce

This is how I'm using it

module "projects_build_push_workflow" {
  source                    = "github.com/Panfactum/stack.git//packages/infrastructure/wf_dockerfile_build?ref=edge.24-08-12"

  for_each = {
    for key, value in var.projects : key => {
      code_repo = value.build.code_repo
      image_repo = value.build.image_repo
      dockerfile_path = value.build.dockerfile_path
      build_context = value.build.build_context
      secrets = value.build.secrets
      args = value.build.args
      push_image_enabled = value.build.push_image_enabled
      git_ref = value.build.git_ref
    } if value.build != null
  }

  name = "build-${each.key}"
  namespace = local.namespace
  eks_cluster_name          = var.eks_cluster_name
  pull_through_cache_enabled = var.pull_through_cache_enabled

  code_repo = "github.com/implentio/${each.value.code_repo}"
  dockerfile_path = each.value.dockerfile_path
  image_repo = each.value.image_repo
  build_context = each.value.build_context

  git_username = var.github_username
  git_password = var.github_token
  secrets = merge(each.value.secrets, {})

  args = each.value.args
  push_image_enabled = each.value.push_image_enabled
  git_ref = each.value.git_ref

  # pf-generate: pass_vars
  pf_stack_version = var.pf_stack_version
  pf_stack_commit  = var.pf_stack_commit
  environment      = var.environment
  region           = var.region
  pf_root_module   = var.pf_root_module
  is_local         = var.is_local
  extra_tags       = var.extra_tags
  # end-generate
}

Relevant log output

build-implentio-api-5tx7z-build-images-1885960150: {"argo":true,"level":"info","msg":"capturing logs","time":"2024-08-12T21:23:04.920Z"}
build-implentio-api-5tx7z-build-images-1885960150: error: could not lock config file //.gitconfig: Read-only file system
build-implentio-api-5tx7z-build-images-1885960150: {"argo":true,"error":null,"level":"info","msg":"sub-process exited","time":"2024-08-12T21:23:05.926Z"}
build-implentio-api-5tx7z-build-images-1885960150: {"argo":true,"level":"info","msg":"not saving outputs - not main container","time":"2024-08-12T21:23:05.926Z"}
build-implentio-api-5tx7z-build-images-1885960150: Error: exit status 255
build-implentio-api-5tx7z-build-images-1281818771: {"argo":true,"level":"info","msg":"capturing logs","time":"2024-08-12T21:24:08.228Z"}
build-implentio-api-5tx7z-build-images-1281818771: error: could not lock config file //.gitconfig: Read-only file system
build-implentio-api-5tx7z-build-images-1281818771: {"argo":true,"error":null,"level":"info","msg":"sub-process exited","time":"2024-08-12T21:24:09.233Z"}
build-implentio-api-5tx7z-build-images-1281818771: {"argo":true,"level":"info","msg":"not saving outputs - not main container","time":"2024-08-12T21:24:09.234Z"}
build-implentio-api-5tx7z-build-images-1281818771: Error: exit status 255

[wesbragagt]

@fullykubed I had to add to my sub-module the following attributes

  run_as_root = true
  read_only_root_fs = false
  privileged = true

[fullykubed]

I see the issue. I forgot to update the Panfactum base image used in the CI templates. Will include in the release tomorrow.

[fullykubed]

@wesbragagt Can you give this a test and let us know if the latest release resolved the issue?

[wesbragagt]

Confirming that it works

[fullykubed]

Nice