open /certs/client/ca.pem: no such file or directory

[peratik]

unable to resolve docker endpoint: open /certs/client/ca.pem: no such file or directory
Exception ignored in: <_io.TextIOWrapper name='<stdout>' mode='w' encoding='ascii'>
BrokenPipeError: [Errno 32] Broken pipe
unable to resolve docker endpoint: open /certs/client/ca.pem: no such file or directory
unable to resolve docker endpoint: open /certs/client/ca.pem: no such file or directory
unable to resolve docker endpoint: open /certs/client/ca.pem: no such file or directory

[jansauer]

This is the place where GitLab CI places the certs for accessing the docker service. @peratik How do you tried using this image?

[jansauer]

@peratik without more feedback I will need to close this issue. I thankful for you reaching out but I need to understand the problem.

[jansauer]

Closed due to no response.

[bryzgaloff]

I have encountered the same issue using your image within my .gitlab-ci.yml configuration. Complete configuration:

image: jansauer/dockercli-plus-awscli

services:
  - docker:20.10.12-dind

variables:
  REPO_NAME: my-repo-name

build-publish-dev:
  except:
    - tags
    - master
  before_script:
    - REGISTRY_URL="${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com"
    - |-
      aws ecr get-login-password --region eu-central-1 \
        | docker login --username AWS --password-stdin "${REGISTRY_URL}"
    - ENV=dev
    - IMAGE_NAME="${REGISTRY_URL}/${REPO_NAME}-${ENV}:${CI_COMMIT_REF_NAME}"
    - docker build -t "${IMAGE_NAME}" .
    - docker push "${IMAGE_NAME}"

Gitlab CI log related to running your container (I have removed dind-service-related log part):

Pulling docker image jansauer/dockercli-plus-awscli ...
Using docker image sha256:ea6b53c6c53f9d8054920c82841d585d08cf2de242e94db820e0a969aad50706 for jansauer/dockercli-plus-awscli with digest jansauer/dockercli-plus-awscli@sha256:e0120117806ea741a3a0b5fd6ace5a16e2b386fa13b88b6bb27ce2697d6d26db ...
Preparing environment
00:02
Running on runner-jlguopmm-project-32288700-concurrent-0 via runner-jlguopmm-shared-1640267140-6945721e...
Getting source from Git repository
00:02
$ eval "$CI_PRE_CLONE_SCRIPT"
Fetching changes with git depth set to 50...
Initialized empty Git repository in /builds/mentorshow/data_projects/airflow-workflows-units/.git/
Created fresh repository.
Checking out b9fd0cc7 as gitlab-ci-ecr...
Skipping Git submodules setup
Executing "step_script" stage of the job script
00:02
Using docker image sha256:ea6b53c6c53f9d8054920c82841d585d08cf2de242e94db820e0a969aad50706 for jansauer/dockercli-plus-awscli with digest jansauer/dockercli-plus-awscli@sha256:e0120117806ea741a3a0b5fd6ace5a16e2b386fa13b88b6bb27ce2697d6d26db ...
$ ENV=dev
$ REGISTRY_URL="${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com"
$ aws ecr get-login-password --region eu-central-1 \ # collapsed multi-line command
unable to resolve docker endpoint: open /certs/client/ca.pem: no such file or directory
Exception ignored in: <_io.TextIOWrapper name='<stdout>' mode='w' encoding='ascii'>
BrokenPipeError: [Errno 32] Broken pipe
Cleaning up project directory and file based variables
00:00
ERROR: Job failed: exit code 1

Running on public shared runners.

[bryzgaloff]

Hmmm, looks like this is a problem of Gitlab itself: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27384

Here is a solution: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27384#note_520701742

Wait for docker to be up:

before_script:
- until docker info; do sleep 1; done

I also recommend adding a reasonable timeout (this checks should not add more than extra 30 seconds to your job): https://docs.gitlab.com/ee/ci/yaml/index.html#timeout

[bryzgaloff]

However, this ☝️ did not help me :( And the problem seems to be with your package only. Regular docker image: docker:20.10.12 works fine. So I have to revert back to installing awscli manually :(

Please try to fix it and I may help you to test it on my case once you are done.