tachoknight commented 4 years ago

Description

Aloha! When trying to build an image via Podman (it was the Podman repo that sent me here), I have found that ARG values do not get passed to ENV in the Dockerfile. This does work with Docker.

I am using Podman 1.9.1 on a new installation of Fedora 32. Buildah version is 1.14.8 (both installed via dnf).

Steps to reproduce the issue:

Using this Dockerfile:


FROM centos:8
ARG FOO=bar
ARG WEBROOT=https://example.org/

ENV WEBROOT="$WEBROOT/$FOO"

RUN echo "${WEBROOT}/latest-build.yml"

2. Run `docker build -f ./Dockerfile . -t "nothing:nothing"`

**Describe the results you received:**

STEP 1: FROM centos:8 STEP 2: ARG FOO=bar --> e0570e10c8c STEP 3: ARG WEBROOT=https://example.org/ --> cf6a073b395 STEP 4: ENV WEBROOT="$WEBROOT/$FOO" --> 5bb67731c71 STEP 5: RUN echo "${WEBROOT}/latest-build.yml" https://example.org//latest-build.yml STEP 6: COMMIT nothing:nothing --> 2b4886a3eac 2b4886a3eacb548121813dba8fa1f9e2740475961940bace77a6429896977119

Note that the result of the echo is **https://example.org//latest-build.yml**

**Describe the results you expected:**

When run using Docker:

Sending build context to Docker daemon 3.072 kB Step 1/5 : FROM centos:8 ---> 470671670cac Step 2/5 : ARG FOO=bar ---> Running in 51af1f6d924f ---> 8965f2299110 Removing intermediate container 51af1f6d924f Step 3/5 : ARG WEBROOT=https://example.org ---> Running in aa23d8feaa69 ---> 6214e2a80239 Removing intermediate container aa23d8feaa69 Step 4/5 : ENV WEBROOT "$WEBROOT/$FOO" ---> Running in 350af92a3854 ---> 5d7126dc1520 Removing intermediate container 350af92a3854 Step 5/5 : RUN echo "${WEBROOT}/latest-build.yml" ---> Running in b714c4be51d1 https://example.org/bar/latest-build.yml ---> 4292ac41d5e9 Removing intermediate container b714c4be51d1 Successfully built 4292ac41d5e9

The result of the echo correct: **https://example.org/bar/latest-build.yml**

**Output of `buildah version`:**
`buildah-1.14.8-1.fc32.x86_64`

**Output of `podman version` if reporting a `podman build` issue:**
`podman version 1.9.1`

**Output of `cat /etc/*release`:**

Fedora release 32 (Thirty Two) NAME=Fedora VERSION="32 (Server Edition)" ID=fedora VERSION_ID=32 VERSION_CODENAME="" PLATFORM_ID="platform:f32" PRETTY_NAME="Fedora 32 (Server Edition)" ANSI_COLOR="0;34" LOGO=fedora-logo-icon CPE_NAME="cpe:/o:fedoraproject:fedora:32" HOME_URL="https://fedoraproject.org/" DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/f32/system-administrators-guide/" SUPPORT_URL="https://fedoraproject.org/wiki/Communicating_and_getting_help" BUG_REPORT_URL="https://bugzilla.redhat.com/" REDHAT_BUGZILLA_PRODUCT="Fedora" REDHAT_BUGZILLA_PRODUCT_VERSION=32 REDHAT_SUPPORT_PRODUCT="Fedora" REDHAT_SUPPORT_PRODUCT_VERSION=32 PRIVACY_POLICY_URL="https://fedoraproject.org/wiki/Legal:PrivacyPolicy" VARIANT="Server Edition" VARIANT_ID=server Fedora release 32 (Thirty Two) Fedora release 32 (Thirty Two)


**Output of `uname -a`:**

Linux tkdockery 5.6.8-300.fc32.x86_64 #1 SMP Wed Apr 29 19:01:34 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux


**Output of `cat /etc/containers/storage.conf`:**

This file is is the configuration file for all tools

that use the containers/storage library.

See man 5 containers-storage.conf for more information

The "container storage" table contains all of the server options.

[storage]

Default Storage Driver

driver = "overlay"

Temporary storage location

runroot = "/var/run/containers/storage"

Primary Read/Write location of container storage

graphroot = "/var/lib/containers/storage"

[storage.options]

Storage options to be passed to underlying storage drivers

AdditionalImageStores is used to pass paths to additional Read/Only image stores

Must be comma separated list.

additionalimagestores = [ ]

Remap-UIDs/GIDs is the mapping from UIDs/GIDs as they should appear inside of

a container, to the UIDs/GIDs as they should appear outside of the container,

and the length of the range of UIDs/GIDs. Additional mapped sets can be

listed and will be heeded by libraries, but there are limits to the number of

mappings which the kernel will allow when you later attempt to run a

container.

#

remap-uids = 0:1668442479:65536

remap-gids = 0:1668442479:65536

Remap-User/Group is a user name which can be used to look up one or more UID/GID

ranges in the /etc/subuid or /etc/subgid file. Mappings are set up starting

with an in-container ID of 0 and then a host-level ID taken from the lowest

range that matches the specified name, and using the length of that range.

Additional ranges are then assigned, using the ranges which specify the

lowest host-level IDs first, to the lowest not-yet-mapped in-container ID,

until all of the entries have been used for maps.

#

remap-user = "storage"

remap-group = "storage"

[storage.options.overlay]

ignore_chown_errors can be set to allow a non privileged user running with

a single UID within a user namespace to run containers. The user can pull

and use any image even those with multiple uids. Note multiple UIDs will be

squashed down to the default uid in the container. These images will have no

separation between the users in the container. Only supported for the overlay

and vfs drivers.

ignore_chown_errors = false

Path to an helper program to use for mounting the file system instead of mounting it

directly.

mount_program = "/usr/bin/fuse-overlayfs"

mountopt specifies comma separated list of extra mount options

mountopt = "nodev,metacopy=on"

Size is used to set a maximum size of the container image.

size = ""

[storage.options.thinpool]

Storage Options for thinpool

autoextend_percent determines the amount by which pool needs to be

grown. This is specified in terms of % of pool size. So a value of 20 means

that when threshold is hit, pool will be grown by 20% of existing

pool size.

autoextend_percent = "20"

autoextend_threshold determines the pool extension threshold in terms

of percentage of pool size. For example, if threshold is 60, that means when

pool is 60% full, threshold has been hit.

autoextend_threshold = "80"

basesize specifies the size to use when creating the base device, which

limits the size of images and containers.

basesize = "10G"

blocksize specifies a custom blocksize to use for the thin pool.

blocksize="64k"

directlvm_device specifies a custom block storage device to use for the

thin pool. Required if you setup devicemapper.

directlvm_device = ""

directlvm_device_force wipes device even if device already has a filesystem.

directlvm_device_force = "True"

fs specifies the filesystem type to use for the base device.

fs="xfs"

log_level sets the log level of devicemapper.

0: LogLevelSuppress 0 (Default)

2: LogLevelFatal

3: LogLevelErr

4: LogLevelWarn

5: LogLevelNotice

6: LogLevelInfo

7: LogLevelDebug

log_level = "7"

min_free_space specifies the min free space percent in a thin pool require for

new device creation to succeed. Valid values are from 0% - 99%.

Value 0% disables

min_free_space = "10%"

mkfsarg specifies extra mkfs arguments to be used when creating the base.

device.

mkfsarg = ""

Size is used to set a maximum size of the container image.

size = ""

use_deferred_removal marks devicemapper block device for deferred removal.

If the thinpool is in use when the driver attempts to remove it, the driver

tells the kernel to remove it as soon as possible. Note this does not free

up the disk space, use deferred deletion to fully remove the thinpool.

use_deferred_removal = "True"

use_deferred_deletion marks thinpool device for deferred deletion.

If the device is busy when the driver attempts to delete it, the driver

will attempt to delete device every 30 seconds until successful.

If the program using the driver exits, the driver will continue attempting

to cleanup the next time the driver is used. Deferred deletion permanently

deletes the device and all data stored in device will be lost.

use_deferred_deletion = "True"

xfs_nospace_max_retries specifies the maximum number of retries XFS should

attempt to complete IO when ENOSPC (no space) error is returned by

underlying storage device.

xfs_nospace_max_retries = "0"

tachoknight commented 4 years ago

Adding an additional line:

ARG WEBROOT="$WEBROOT/$FOO"

makes it work, but this is not my Dockerfile so changing it isn't really an option.

TomSweeneyRedHat commented 4 years ago

@tachoknight thanks for the report. I think this may be related to https://github.com/containers/buildah/issues/2323.

TomSweeneyRedHat commented 4 years ago

Scratch #2323, likely related to #2192

TomSweeneyRedHat commented 4 years ago

@tachoknight unfortunately the other PR did not fix this issue. While testing with this further today, I found what's happening. The issue is you have an ARG named WEBROOT and the ENV variable named WEBROOT. That should be handled appropriately, but it is not at the moment. As a test, could you rename your ARG to WEBROOT1 and see if that works for you?

tachoknight commented 4 years ago

@TomSweeneyRedHat That does seem to work:

STEP 1: FROM centos:8
STEP 2: ARG FOO=bar
--> de575c3c4d1
STEP 3: ARG WEBROOT1=https://example.org/
--> 6c5acd1dd30
STEP 4: ARG WEBROOT1="$WEBROOT1/$FOO"
--> 394293fe2d0
STEP 5: ENV WEBROOT="$WEBROOT1"
--> 6f7a6363492
STEP 6: RUN echo "${WEBROOT}/latest-build.yml"
https://example.org//bar/latest-build.yml
STEP 7: COMMIT nothing:nothing
--> ea80b81fd49

where I modified the Dockerfile to look like:

FROM centos:8
ARG FOO=bar
ARG WEBROOT1=https://example.org/
ARG WEBROOT1="$WEBROOT1/$FOO"

ENV WEBROOT="$WEBROOT1"

RUN echo "${WEBROOT}/latest-build.yml"

TomSweeneyRedHat commented 4 years ago

@tachoknight TYVM for the test and results. I'm glad that works for you too. I ran into unrelated issues last night on my test machine, hope to dig further through the ENV/ARG handling code there later today. I've a suspicion of where the issue is, but haven't been able to test it out yet.

rhatdan commented 4 years ago

It looks like this is fixed in upstream. Reopen if I am mistaken.

containers / buildah

Podman doesn't pass ARG to ENV #2345

This file is is the configuration file for all tools

that use the containers/storage library.

See man 5 containers-storage.conf for more information

The "container storage" table contains all of the server options.

Default Storage Driver

Temporary storage location

Primary Read/Write location of container storage

Storage options to be passed to underlying storage drivers

AdditionalImageStores is used to pass paths to additional Read/Only image stores

Must be comma separated list.

Remap-UIDs/GIDs is the mapping from UIDs/GIDs as they should appear inside of

a container, to the UIDs/GIDs as they should appear outside of the container,

and the length of the range of UIDs/GIDs. Additional mapped sets can be

listed and will be heeded by libraries, but there are limits to the number of

mappings which the kernel will allow when you later attempt to run a

container.

remap-uids = 0:1668442479:65536

remap-gids = 0:1668442479:65536

Remap-User/Group is a user name which can be used to look up one or more UID/GID

ranges in the /etc/subuid or /etc/subgid file. Mappings are set up starting

with an in-container ID of 0 and then a host-level ID taken from the lowest

range that matches the specified name, and using the length of that range.

Additional ranges are then assigned, using the ranges which specify the

lowest host-level IDs first, to the lowest not-yet-mapped in-container ID,

until all of the entries have been used for maps.

remap-user = "storage"

remap-group = "storage"

ignore_chown_errors can be set to allow a non privileged user running with

a single UID within a user namespace to run containers. The user can pull

and use any image even those with multiple uids. Note multiple UIDs will be

squashed down to the default uid in the container. These images will have no

separation between the users in the container. Only supported for the overlay

and vfs drivers.

ignore_chown_errors = false

Path to an helper program to use for mounting the file system instead of mounting it

directly.

mount_program = "/usr/bin/fuse-overlayfs"

mountopt specifies comma separated list of extra mount options

Size is used to set a maximum size of the container image.

size = ""

Storage Options for thinpool

autoextend_percent determines the amount by which pool needs to be

grown. This is specified in terms of % of pool size. So a value of 20 means

that when threshold is hit, pool will be grown by 20% of existing

pool size.

autoextend_percent = "20"

autoextend_threshold determines the pool extension threshold in terms

of percentage of pool size. For example, if threshold is 60, that means when

pool is 60% full, threshold has been hit.

autoextend_threshold = "80"

basesize specifies the size to use when creating the base device, which

limits the size of images and containers.

basesize = "10G"

blocksize specifies a custom blocksize to use for the thin pool.

blocksize="64k"

directlvm_device specifies a custom block storage device to use for the

thin pool. Required if you setup devicemapper.

directlvm_device = ""

directlvm_device_force wipes device even if device already has a filesystem.

directlvm_device_force = "True"

fs specifies the filesystem type to use for the base device.

fs="xfs"

log_level sets the log level of devicemapper.

0: LogLevelSuppress 0 (Default)

2: LogLevelFatal

3: LogLevelErr

4: LogLevelWarn

5: LogLevelNotice

6: LogLevelInfo

7: LogLevelDebug

log_level = "7"

min_free_space specifies the min free space percent in a thin pool require for

new device creation to succeed. Valid values are from 0% - 99%.

Value 0% disables

min_free_space = "10%"

mkfsarg specifies extra mkfs arguments to be used when creating the base.

device.

mkfsarg = ""