Open jmcnulty-mosaic opened 3 years ago
muuki88
commented
3 years ago Thanks @jmcnulty-mosaic for the detailed issue :hugs:
If you don't need a special user you can deactivate this by adding
Docker / daemonUserUid := None,
Docker / daemonGroupGid := NoneIf you do require this feature then what's the equivalent call in the amazon corretto docker image?
jmcnulty-mosaic
commented
3 years ago Thanks muuki88 for the quick response. Looks like my build does need that user so I'll need to figure out the answer to your question. I'm finding contradictory info so far so I've got a ways to go. Amazon Corretto should be Debian and Debian allegedly has adduser. I say "should be" since I haven't connected all the dots yet from the corretto:11 Dockerfile to a debian distribution and the fact that adduser clearly isn't present raises some doubt. I'll update this ticket with what I find once I have verified the details myself.
solarmosaic-kflorence
commented
3 years ago amazoncorretto:11 is based on the Amazon Linux 2 image, which doesn't seem to have adduser by default: https://github.com/amazonlinux/container-images/issues/28
I can work around this with:
dockerBaseImage := "amazoncorretto:11",
dockerCommands := {
val commands = dockerCommands.value
val index = commands.indexWhere {
case Cmd("RUN", args @ _*) => args.contains("demiourgos728")
case _ => false
}
commands.patch(index, Seq(ExecCmd("RUN", "yum", "-y", "install", "shadow-utils")), 0)
},This will install the required dependencies before the adduser command is used:
[info] * Cmd(FROM,WrappedArray(amazoncorretto:11, as, stage0))
[info] * Cmd(LABEL,WrappedArray(snp-multi-stage="intermediate"))
[info] * Cmd(LABEL,WrappedArray(snp-multi-stage-id="a06a43ee-1963-4956-83f0-39dc0e6145d4"))
[info] * Cmd(WORKDIR,WrappedArray(/opt/docker))
[info] * Cmd(COPY,WrappedArray(opt /opt))
[info] * Cmd(USER,WrappedArray(root))
[info] * ExecCmd(RUN,List(chmod, -R, u=rX,g=rX, /opt/docker))
[info] * ExecCmd(RUN,List(chmod, u+x,g+x, /opt/docker/bin/application))
[info] * DockerStageBreak
[info] * Cmd(FROM,WrappedArray(amazoncorretto:11))
[info] * Cmd(USER,WrappedArray(root))
[info] * ExecCmd(RUN,WrappedArray(yum, -y, install, shadow-utils))
[info] * Cmd(RUN,List(id, -u, demiourgos728, 1>/dev/null, 2>&1, ||, ((, getent, group, 0, 1>/dev/null, 2>&1, ||, (, type, groupadd, 1>/dev/null, 2>&1, &&, groupadd, -g, 0, root, ||, addgroup, -g, 0, -S, root, )), &&, (, type, useradd, 1>/dev/null, 2>&1, &&, useradd, --system, --create-home, --uid, 1001, --gid, 0, demiourgos728, ||, adduser, -S, -u, 1001, -G, root, demiourgos728, ))))
[info] * Cmd(WORKDIR,WrappedArray(/opt/docker))
[info] * Cmd(COPY,WrappedArray(--from=stage0 --chown=demiourgos728:root /opt/docker /opt/docker))
[info] * Cmd(EXPOSE,WrappedArray(9000))
[info] * Cmd(USER,WrappedArray(1001:0))
[info] * ExecCmd(ENTRYPOINT,List(/opt/docker/bin/application))
[info] * ExecCmd(CMD,List())But it does feel a bit messy.
solarmosaic-kflorence
commented
3 years ago Another workaround is to use amazoncorretto:11-alpine, which includes adduser already.
EDIT: although alpine does not include bash, which is causing other problems.
solarmosaic-kflorence
commented
3 years ago Another workaround:
daemonUserUid in Docker := None,
daemonUser in Docker := "daemon"Thanks for sharing everything you tried and worked.
Regarding the alpine / bash issue. There's an AshScriptPlugin that overrides the bash scripts and should work with alpine.
Expected behaviour
Latest version of sbt-native-packager resolves this issue: https://github.com/sbt/sbt-native-packager/issues/1262 However I am still seeing this with the latest version of sbt-native-packager 1.7.6 when I
sbt docker:publishLocalThis happened after I updated my base image to amazoncorretto:11. This was the only change in the project.Actual behaviour
sbt docker:publishfailsInformation
, my project/plugins.sbt:
addSbtPlugin("com.typesafe.sbt" % "sbt-native-packager" % "1.7.6")The native packager settings that I added to my project:
dockerBaseImage := "amazoncorretto:11"My build error:
rpm --version)