search

getporter / porter

Porter enables you to package your application artifact, client tools, configuration and deployment logic together as an installer that you can distribute, and install with a single command.
https://porter.sh
Apache License 2.0
1.23k stars 206 forks source link

Toggle buildkit features in porter.yaml #1268

Closed BastienM closed 3 years ago

BastienM commented 4 years ago

Is your feature request related to a problem? Please describe. Porter build fails when using the terraform mixin with git-based modules.

Starting Invocation Image Build =======> 
Error: unable to build CNAB invocation image: failed to stream docker build output: The command '/bin/sh -c cd /cnab/app/terraform && terraform init -backend=false' returned a non-zero code: 1

Using the --debug flag clearly shows:

Error: Failed to download module         

Could not download module "app" (main.tf:248) source code from
"git::ssh://git@my.gitlab.com/terraform-modules/app?ref=v1.0.0":
error downloading
'ssh://git@my.gitlab.com/terraform-modules/app?ref=v1.0.0':
/usr/bin/git exited with 128: Cloning into
'.terraform/modules/app'...
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Describe the solution you'd like

Quick and dirt solution

Execute terraform init before porter build.

More elaborated solution

Add a toggle to allow Porter (and mixins) to enable buildkit features on demand, i.e

name: my-cnab
version: 0.1.0

mixins:
  - terraform:
      clientVersion: 0.12.24
      sshAgentForwarding: true

The mixin would then be instructed to use --mount=type=ssh when generating its Dockerfile instructions, i.e

RUN --mount=type=ssh /usr/bin/terraform init -backend=false

Describe alternatives you've considered Circumvented the build issue by directly create my own Dockerfile. (not tested a 100%)

Here is a Dockerfile sample:

# syntax=docker/dockerfile:experimental

FROM alpine:3.12

ARG BUNDLE_DIR
ENV TERRAFORM_VERSION=0.12.24

RUN apk add --update-cache --no-cache ca-certificates openssh-client git
RUN mkdir -p -m 0600 /root/.ssh && ssh-keyscan my.gitlab.com >> /root/.ssh/known_hosts

RUN wget https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
    unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/bin

COPY . $BUNDLE_DIR

RUN --mount=type=ssh  cd /cnab/app/terraform && terraform init -backend=false

COPY . $BUNDLE_DIR
RUN rm -fr $BUNDLE_DIR/.cnab
COPY .cnab /cnab
COPY porter.yaml $BUNDLE_DIR/porter.yaml
WORKDIR $BUNDLE_DIR
CMD ["/cnab/app/run"]

Additional context

$ porter --version
porter v0.29.0 (5e7240cf)

$ porter mixins list
Name         Version         Author
arm          v0.8.1-beta.1   Porter Authors
aws          v0.3.1-beta.1   Porter Authors
az           v0.5.1-beta.1   Porter Authors
exec         v0.29.0         Porter Authors
gcloud       v0.4.1-beta.1   Porter Authors
helm         v0.13.2         Porter Authors
kubernetes   v0.28.1         Porter Authors
terraform    v0.6.0          Porter Authors
carolynvs commented 3 years ago

Thanks for the suggestion! Yes, we would like to get Porter using buildkit. There are new discussions about this idea, and related ones, at https://github.com/getporter/porter/discussions/1312.

BastienM commented 3 years ago

Thanks for letting me know @carolynvs. I'll monitor the discussion 👍

carolynvs commented 3 years ago

This has been implemented in the v1 branch. I will work this week to get an alpha build out for people to try.