search

dokku / ansible-dokku

Ansible modules for installing and configuring Dokku
MIT License
156 stars 44 forks source link

CI: `verify` stage fails #154

Closed ltalirz closed 8 months ago

ltalirz commented 1 year ago

The role runs through fine on CI, but when creating a new app at the verify stage https://github.com/dokku/ansible-dokku/blob/b40149b89bc7a33944f952d1c4e257755516243c/molecule/default/verify.yml#L43-L46

we get the error:

error during container init: error reopening /dev/null inside container: open /dev/null: operation not permitted: unknown.\\n !

Full context:

  TASK [clone example-app] *******************************************************
  fatal: [instance]: FAILED! => {"changed": false, "meta": {"error": "b'-----> Cloning example-app from https://github.com/heroku/node-js-getting-started#b10a4d7a20a6bbe49655769c526a2b424e0e5d0b\\n\\x1b[1G-----> Cleaning up...\\n\\x1b[1G-----> Building example-app from herokuish\\ndocker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error reopening /dev/null inside container: open /dev/null: operation not permitted: unknown.\\n !     Failure extracting app code\\n !     Removing invalid image tag dokku/example-app:latest\\n !     App build failed\\n'", "present": true}, "msg": "b'-----> Cloning example-app from https://github.com/heroku/node-js-getting-started#b10a4d7a20a6bbe49655769c526a2b424e0e5d0b\\n\\x1b[1G-----> Cleaning up...\\n\\x1b[1G-----> Building example-app from herokuish\\ndocker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error reopening /dev/null inside container: open /dev/null: operation not permitted: unknown.\\n !     Failure extracting app code\\n !     Removing invalid image tag dokku/example-app:latest\\n !     App build failed\\n'"}

It seems to me like dokku_app makes an assumption about the docker setup that is currently not fulfilled in the docker environment created by molecule?

@josegonzalez have you seen this before?

ltalirz commented 1 year ago

Possibly related: https://github.com/opencontainers/runc/issues/2204 , fixed by https://github.com/opencontainers/runc/pull/2391 for cgroups v1, but

A similar issue affects the cgroupv2 devices setup, but that is a topic for another time (as the solution is drastically different).

josegonzalez commented 1 year ago

No, seems weird. Sounds like a docker issue?

Niicck commented 9 months ago

Alright, I think I got all the CI bugs worked out.