search

oci-playground / freebsd-podman-testing

31 stars 4 forks source link

bug: image created "FROM scratch" is missing library #12

Open joh-ku opened 3 days ago

joh-ku commented 3 days ago

Playing around with the new OCI stack, I tried to port Vikunja to FreeBSD. I came up with the following Dockerfile:

# syntax=docker/dockerfile:1
FROM --platform=$BUILDPLATFORM quay.io/bergblume/freebsd:14.1 AS frontendbuilder

WORKDIR /build

ENV PNPM_CACHE_FOLDER=.cache/pnpm/
ENV PUPPETEER_SKIP_DOWNLOAD=true
ENV CYPRESS_INSTALL_BINARY=0

COPY frontend/ ./

RUN env ASSUME_ALWAYS_YES=YES pkg bootstrap && pkg update
RUN pkg install -y sentry-cli node20
RUN corepack enable && pnpm install && pnpm run build

FROM --platform=$BUILDPLATFORM quay.io/bergblume/freebsd:14.1 AS apibuilder

RUN fetch https://go.dev/dl/go1.23.1.freebsd-amd64.tar.gz -o /tmp/go.tar.gz
RUN rm -rf /usr/local/go && tar -C /usr/local -xzf /tmp/go.tar.gz
ENV PATH=$PATH:/usr/local/go/bin
RUN go install github.com/magefile/mage@latest

RUN env ASSUME_ALWAYS_YES=YES pkg bootstrap && pkg update
RUN pkg install -y git

WORKDIR /go/src/code.vikunja.io/api
COPY . ./
COPY --from=frontendbuilder /build/dist ./frontend/dist

ARG TARGETOS TARGETARCH TARGETVARIANT

ENV GOPROXY=https://goproxy.kolaente.de
RUN export PATH=$PATH:/go/bin && \
        mage build:clean && \
        mage build

#  ┬─┐┬ ┐┌┐┐┌┐┐┬─┐┬─┐
#  │┬┘│ │││││││├─ │┬┘
#  ┘└┘┘─┘┘└┘┘└┘┴─┘┘└┘

# The actual image
FROM scratch

LABEL org.opencontainers.image.authors='maintainers@vikunja.io'
LABEL org.opencontainers.image.url='https://vikunja.io'
LABEL org.opencontainers.image.documentation='https://vikunja.io/docs'
LABEL org.opencontainers.image.source='https://code.vikunja.io/vikunja'
LABEL org.opencontainers.image.licenses='AGPLv3'
LABEL org.opencontainers.image.title='Vikunja'

WORKDIR /app/vikunja
ENTRYPOINT [ "/app/vikunja/vikunja" ]
EXPOSE 3456

ENV VIKUNJA_SERVICE_ROOTPATH=/app/vikunja/
ENV VIKUNJA_DATABASE_PATH=/db/vikunja.db

COPY --from=apibuilder /go/src/code.vikunja.io/api/vikunja vikunja

The final image is built FROM scratch. While Buildah successfully builds the above image, it's not possible to run it, as it'll exit with code 134. The log indicates a missing library:

[root@freebsdtest ~/vikunja]# podman run -dt --name vikunja_scratch -p 3456:3456 -v /var/db/vikunja/files:/app/vikunja/files -v /var/db/vikunja/db:/db vikunja:scratch
[root@freebsdtest ~/vikunja]# podman container ls -l
CONTAINER ID  IMAGE                      COMMAND     CREATED        STATUS                      PORTS                             NAMES
a437f2fb6387  localhost/vikunja:scratch              5 minutes ago  Exited (134) 5 minutes ago  0.0.0.0:3456->3456/tcp, 3456/tcp  vikunja_scratch
[root@freebsdtest ~/vikunja]# podman logs vikunja_scratch
ELF interpreter /libexec/ld-elf.so.1 not found, error 2

When using a base image like quay.io/bergblume/freebsd:14.1 instead of scratch, the image will run without error. Seems like an edge case. I'm not sure how to handle FROM scratch correctly.

dfr commented 3 days ago

The scratch image is completely empty and it seem like your workload assumes that some of the dynamic linking infrastructure is present - e.g. /libexec/ld-elf.so.1. You can either re-link the workload to avoid dynamic linking (e.g. using something like clang -static) or replace scratch with an image which contains the dynamic linking stuff - quay.io/dougrabson/freebsd14.0-static:latest should work.