search

pulumi / pulumi-docker-build

A Pulumi native provider for Docker
Apache License 2.0
6 stars 2 forks source link

Custom Dockerfile syntax is not supported? #300

Open akramarev opened 3 days ago

akramarev commented 3 days ago

What happened?

I'm trying to use @pulumi/docker-build provider to build this Dockerfile:

# syntax=docker.io/docker/dockerfile:1.7-labs
FROM public.ecr.aws/docker/library/node:22-alpine AS base

WORKDIR /app
COPY --parents ./package.json ./package-lock.json ./apps/*/package.json ./packages/*/package.json ./

However when I run pulumi up I get this error:

Diagnostics:
  docker-build:index:Image (dev-api-app):
    error: docker-build:index:Image resource 'dev-api-app': property dockerfile.location value {<nil>} has a problem: dockerfile parse error on line 7: unknown flag: parents

My attempts to provide synax through build arguments failed as well - same error:

buildArgs: {
        ...buildArgs,
        BUILDKIT_SYNTAX: 'docker.io/docker/dockerfile:1.11.1-labs',
      },

Is there a way to support custom docker syntax and specifically COPY --parents flag?

Example

See above

Output of pulumi about

CLI
Version      3.133.0
Go Version   go1.23.1
Go Compiler  gc

Plugins
KIND      NAME    VERSION
language  nodejs  unknown

Host
OS       darwin
Version  15.1
Arch     arm64

This project is written in nodejs: executable='/opt/homebrew/bin/node' version='v22.6.0'

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

blampe commented 1 day ago

@akramarev as part of our validation checks we attempt to parse the Dockerfile for syntactic correctness, and it does seem we only understand the built-in syntax. At first glance I'm not sure how to best support this. At a minimum we could try to detect exotic syntax and disable this validation in those cases.

akramarev commented 1 day ago

I hear you @blampe. There are not that many docker parser directives, so it shouldn't be a problem to detect them and disable additional validation.

But out of curiosity (and without looking into the code), why does @pulumi/docker-build provider validate the syntax additionally, why not just delegate it to BuildKit entirely?