search

moby / buildkit

concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
https://github.com/moby/moby/issues/34227
Apache License 2.0
8.22k stars 1.16k forks source link

bind mount in RUN doesn't work when source is not in build context #940

Open tbeadle opened 5 years ago

tbeadle commented 5 years ago

If I have the following Dockerfile:

#syntax=docker/dockerfile:experimental
FROM alpine:3.7

COPY . /app
WORKDIR /app
RUN --mount=type=bind,source=.git,target=/app/.git \
        ls -a /app/

and the following .dockerignore file:

.git/

When I try to build the image, I get this:

laptop [~/buildkit-bug]$ docker build -t buildkit-bug .
[+] Building 2.0s (10/10) FINISHED                                                                                                                                                                                                                                               
 => [internal] load .dockerignore                                                                                                                                                                                                                                           0.0s
 => => transferring context: 34B                                                                                                                                                                                                                                            0.0s
 => [internal] load build definition from Dockerfile                                                                                                                                                                                                                        0.0s
 => => transferring dockerfile: 192B                                                                                                                                                                                                                                        0.0s
 => resolve image config for docker.io/docker/dockerfile:experimental                                                                                                                                                                                                       0.4s
 => CACHED docker-image://docker.io/docker/dockerfile:experimental@sha256:cbd6491240cc8894d25e366ba83da19df1187f975dc3a5c2f88ce888ca696174                                                                                                                                  0.0s
 => [internal] load metadata for docker.io/library/alpine:3.7                                                                                                                                                                                                               0.0s
 => [1/3] FROM docker.io/library/alpine:3.7                                                                                                                                                                                                                                 0.0s
 => => resolve docker.io/library/alpine:3.7                                                                                                                                                                                                                                 0.0s
 => CACHED [internal] helper image for file operations                                                                                                                                                                                                                      0.0s
 => [internal] load build context                                                                                                                                                                                                                                           1.0s
 => => transferring context: 265B                                                                                                                                                                                                                                           1.0s
 => [2/3] COPY . /app                                                                                                                                                                                                                                                       0.2s
 => ERROR [3/3] RUN --mount=type=bind,source=.git,target=/app/.git  ls -a /app/                                                                                                                                                                                             0.0s
------
 > [3/3] RUN --mount=type=bind,source=.git,target=/app/.git     ls -a /app/:
------
rpc error: code = Unknown desc =  not found: not found

If I remove .git/ from the .dockerignore file, then the image is built successfully. My problem is that we have a large git repo and I don't want to copy the .git directory in to the build context and I don't want to include it with the rest of my source with a COPY . /app line, but I do want to be able to do git operations within the build, like generating version numbers from git tags and such. So I figured using RUN --mount=bind would be the solution, but it appears that you can only mount stuff that's been copied in to the build context (i.e. not in .dockerignore). Is there a solution to my problem?

tonistiigi commented 5 years ago

This is by design. type=bind mounts happen from the same files where COPY takes them and follow the dockerignore rules. If you want to avoid copying .git one way is to do the copy from a mount with cp or rsync and ignoring the .git directory while doing so.