Open laversa opened 3 years ago
Yes, I want this feature
I have the same problem. Please help to fix this issue.
I install img
inside a container in Kubernetes
WARN[0000] Process sandbox is not available, consider unmasking procfs:
WARN[0000] using host network as the default
[+] Building 0.0s (2/2) FINISHED
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 32B 0.0s
Error: failed to solve: failed to solve with frontend dockerfile.v0: failed to read dockerfile: failed to mount /tmp/buildkit-mount4015711986: [{Type:bind Source:/root/.local/share/img/runc/native/snapshots/snapshots/2 Options:[rbind ro]}]: operation not permitted
UPDATED: It is mentioned here, https://github.com/genuinetools/img/issues/115
I am not able to build images when enable security best practices to run the container with read-only root file system.
Using --read-only option to make root file system read-only get the following error
Using temporary file system --tmpfs /home/user/.local
Using volume --volume ${PWD}/.local:/home/user/.local
Using volume --volume ${PWD}/.local:/home/user/.local and --tmpfs /tmp
is it posible to use img build with read-only root file system restriction ?