containers / buildah

A tool that facilitates building OCI images.
https://buildah.io
Apache License 2.0

Buildah does not accept anonymous volumes #5167

Open deliciouslytyped opened 10 months ago

deliciouslytyped commented 10 months ago

Buildah version 1.32.1. Use case is container nesting, issues like:

Error: writing blob: adding layer with blob "sha256:87579ac672ec5928830c3d44e850f826a545df026931d3436209a8858602aec7": processing tar file(open /etc/ca-certificates/.wh..wh..opq: invalid argument): exit status 1

So I don't need to refer to the volume elsewhere.

Though in my case this wasn't fatal because it was trying to pull from the docker side instead of the podman side. (sidenote: Is there any way to turn this off? It should only be trying to use podman.

Tags "myimage:latest, myimage:myhash" found in Podman image storage
🔍 Checking if "myimage:latest, myimage:myhash" present in the local Docker image storage
::group::/nix/var/nix/profiles/default/bin/podman --root /tmp/podman-from-docker-yarU9O pull docker-daemon:myimage:latest

) I read in some other issue that this is (IIRC) an overlay-on-overlay problem or something, I'm not sure. Anyway;

Not supporting anonymous volumes:

::error::Error: buildah exited with code 125%0AError: validating volumes: incorrect volume format "/var/lib/containers", should be host-dir:ctr-dir[:option]%0A

deliciouslytyped commented 10 months ago

Ok, well, I rechecked the output and mounting that directory doesn't actually seem to have fixed the issue, so either I'm not mounting it in the correct place, or it's not the problem.

flouthoc commented 9 months ago

@deliciouslytyped You are correct, buildah's --volume does not accept podman's anonymous volumes. You will need to provide --volume to buildah in the format --volume <absolute-path-on-host>:<path-on-container>:<volume-options> (see: https://github.com/containers/buildah/blob/main/docs/buildah-build.1.md)

In order to get the absolute path of an anonymous volume of podman, do podman volume inspect <volume-name> and get the path from the Mountpoint field of the inspect output.
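
The workaround described in the comment above, as an added example that is not part of the original thread or of the buildah project's code: it lets podman create a randomly named volume, reads its Mountpoint, and passes it to buildah in the host-dir:ctr-dir[:option] form. The function names and the context directory are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: give buildah a podman-managed volume by resolving it to the
# host-dir:ctr-dir[:option] form that buildah's --volume validates.

# Print the host path of a podman volume (the Mountpoint field).
volume_mountpoint() {
    podman volume inspect --format '{{.Mountpoint}}' "$1"
}

# Build the value for buildah's --volume flag, rejecting input that would
# produce the "incorrect volume format" error quoted in the issue.
#   $1 host dir (absolute)  $2 container dir (absolute)  $3 options (optional)
buildah_volume_arg() {
    local host="$1" ctr="$2" opts="${3:-}"
    case $host in /*) ;; *) echo "host path must be absolute: '$host'" >&2; return 1 ;; esac
    case $ctr in /*) ;; *) echo "container path must be absolute: '$ctr'" >&2; return 1 ;; esac
    # A ':' inside either path would be parsed as a field separator.
    case "$host$ctr" in *:*) echo "paths must not contain ':'" >&2; return 1 ;; esac
    printf '%s:%s%s\n' "$host" "$ctr" "${opts:+:$opts}"
}

# Create a throwaway volume, mount it into the build, then remove it again.
#   $1 container dir  $2 build context  $3 options (optional)
build_with_podman_volume() {
    local ctr="$1" context="$2" opts="${3:-}" name mnt arg rc
    name=$(podman volume create) || return 1   # podman prints the generated name
    mnt=$(volume_mountpoint "$name") || return 1
    arg=$(buildah_volume_arg "$mnt" "$ctr" "$opts") || return 1
    buildah build --volume "$arg" "$context"
    rc=$?
    podman volume rm "$name" >/dev/null        # mimic an anonymous volume's lifetime
    return $rc
}

# Usage (hypothetical context directory ./ctx):
#   build_with_podman_volume /var/lib/containers ./ctx
```

podman and buildah have to run as the same user here, since a rootless volume's Mountpoint lies inside that user's container storage.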

deliciouslytyped commented 9 months ago

Does that make sense for my use case? The whole point of my use case would be that I want a volume to be created without having to worry about where. Is the issue that buildah may not have any mechanisms for volume creation?

flouthoc commented 9 months ago

@deliciouslytyped Unfortunately, buildah as of now is not as advanced as podman; it cannot manage/create/access volumes created by podman. I'd like to suggest this as a feature request for podman. Once implemented there, you can use podman build ... where the feature must allow mounting anonymous volumes inside the build container, and not use buildah but podman build for your use case. WDYT?

Also, could you explain your use case a bit so maintainers can suggest a solution for this?

Let me tag @containers/buildah-maintainers to see if I am missing anything.

rhatdan commented 9 months ago

Is this a discrepancy between Docker and Podman? Does Docker support anonymous volumes for build?

deliciouslytyped commented 9 months ago

Oh, OK. I was never really clear on the difference between podman build and buildah. I'm only using buildah because there was a GitHub action for it.

I don't know about the situation with docker currently and I don't have time to look into it right now.