Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Files from base not propagated to output container

See original GitHub issue

Description of the issue:

Running mvn compile jib:dockerBuild on https://github.com/TremoloSecurity/OpenUnison/blob/1.0.17/unison/myvirtualdirectory-server/pom.xml generates an image missing /licenses/LICENSE and /usr/local/myvd/bin/run_myvd.sh even though both files exist in the original base image. Whats really odd is that when the base image is built off of ubuntu this works great, but when it’s built off of red hat’s universal base image it doesn’t work.

Expected behavior:

both files should be present

Steps to reproduce:

Does NOT Work:

$ git clone https://github.com/TremoloSecurity/OpenUnison.git
$ cd OpenUnison
$ git checkout 1.0.17
$ cd unison/myvirtualdirectory-server/
$ export OU_CONTAINER_SOURCE=quay.io/tremolosecurity/myvirtualdirectory-base:latest
$ export OU_CONTAINER_DEST=docker.io/mlbiam/myvdtest
$ mvn package
$ mvn compile jib:dockerBuild
$ docker run -ti --entrypoint 'bash' docker.io/mlbiam/myvdtest
bash-4.2$ ls /usr/local/myvd/bin/
bash-4.2$

Works:

$ export OU_CONTAINER_SOURCE=tremolosecurity/myvd-jib-builder:latest
$ docker run -ti --entrypoint 'bash' docker.io/mlbiam/myvdtest
$ myvd@95b829523ccb:/$ ls /usr/local/myvd/bin/
run_myvd.sh
myvd@95b829523ccb:/$

Environment:

Apache Maven 3.5.4 (1edded0938998edf8bf061f1ceb3cfdeccf443fe; 2018-06-17T14:33:14-04:00)
Maven home: /usr/local/Cellar/maven/3.5.4/libexec
Java version: 1.8.0_181, vendor: Oracle Corporation, runtime: /Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre
Default locale: en_US, platform encoding: UTF-8
OS name: "mac os x", version: "10.14.2", arch: "x86_64", family: "mac"

jib-maven-plugin Configuration:

<!--
    Copyright 2019 Tremolo Security, Inc.
   
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at
   
        http://www.apache.org/licenses/LICENSE-2.0
   
    Unless required by applicable law or agreed to in writing, software
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.
 -->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <parent>
    <groupId>com.tremolosecurity.unison</groupId>
    <artifactId>unison</artifactId>
    <version>1.0.17</version>
  </parent>
  <artifactId>myvirtualdirectory-server</artifactId>
  <name>myvirtualdirectory-server</name>
  <dependencies>
  <dependency>
  		<groupId>com.tremolosecurity.unison</groupId>
  		<artifactId>openunison-util-classes</artifactId>
  		<version>${openunison.version}</version>
  	</dependency>
  	<dependency>
  		<groupId>com.tremolosecurity.unison</groupId>
  		<artifactId>unison-server-core</artifactId>
  		<version>${openunison.version}</version>
  	</dependency>
  	<dependency>
			<groupId>org.yaml</groupId>
			<artifactId>snakeyaml</artifactId>
			<version>${snakeyaml.version}</version>
		</dependency>
		<dependency>
			<groupId>com.googlecode.json-simple</groupId>
			<artifactId>json-simple</artifactId>
			<version>${json-simple.version}</version>
		</dependency>
		<dependency>
			<groupId>com.tremolosecurity.myvd</groupId>
			<artifactId>apacheds-service</artifactId>
			<version>2.0.0-M20</version>
		</dependency>
  </dependencies>
  
  <build>
		<plugins>
			<plugin>
        <groupId>com.google.cloud.tools</groupId>
        <artifactId>jib-maven-plugin</artifactId>
        <version>1.0.2</version>
        <configuration>
          <from>
            <image>${env.OU_CONTAINER_SOURCE}</image>
            <auth>
              <username>${env.OU_SRC_REG_USER}</username>
              <password>${env.OU_SRC_REG_PASSWORD}</password>
            </auth> 
          </from> 
          <container>
            <user>431</user>
            <appRoot>/usr/local/myvd</appRoot>
            <entrypoint>/usr/local/myvd/bin/run_myvd.sh</entrypoint>
            <labels>
            	<name>MyVirtualDirectory</name>
            	<vendor>Tremolo Security, Inc.</vendor>
            	<version>1.0.6</version>
            	<release>latest</release>
            	<url>https://www.tremolosecurity.com/myvirtualdirectory/</url>
            	<summary>MyVirtualDirectory standard image.  You can use this image if you do not need any custom classes</summary>
            	<description>MyVirtualDirectory is an LDAP virtual directory and LDAP proxy</description>
            	<run>docker run -v /etc/myvd:/path/to/myvdsecrets -v /etc/myvd-config:/path/to/configs image</run>
            	<io.k8s.description>MyVirtualDirectory</io.k8s.description>
            	<io.k8s.display-name>MyVirtualDirectory</io.k8s.display-name>
            	<io.openshift.expose-services>10389:10636</io.openshift.expose-services>
            	<io.openshift.tags>ldap,virtual directory,identity management</io.openshift.tags>
            </labels>
          </container>
          <to>
            <image>${env.OU_CONTAINER_DEST}</image>
            <auth>
              <username>${env.OU_REG_USER}</username>
              <password>${env.OU_REG_PASSWORD}</password>
            </auth> 
            
          </to> 
        </configuration>
      </plugin>
        </plugins>
	</build>
</project>

Issue Analytics

State:
Created 4 years ago
Comments:9 (5 by maintainers)

Top GitHub Comments

1reaction

chanseokohcommented, Apr 15, 2019

I’ve got to the bottom of it. A V2.1 manifest JSON lists layers in reverse order. The V2.2 doc says

layers array

The layer list is ordered starting from the base image (opposite order of schema1).

So in V2.1 manifest, the first layer in the fsLayers list should be the most recent layer. This is a critical bug although should be trivial to fix.

0reactions

mlbiamcommented, Apr 17, 2019

confirmed, thanks for the quick fix (and great project)!

Top Results From Across the Web

Docker COPY not updating files when rebuilding container

This is because of cache. Run, docker-compose build --no-cache. This will rebuild images without using any cache. And then,

Bind mounts - Docker Documentation

When you use a bind mount, a file or directory on the host machine is mounted into a container. The file or directory...

Tutorial: Using Amazon EFS file systems with Amazon ECS ...

In the Container instance IAM role section, select the IAM role to use with your container instances. If your account has the ecsInstanceRole...

Podman - ArchWiki

See #Rootless Podman to set up running containers as a non-root user. ... files from being propagated to the rootless containers while the ......

Creating New Applications | OpenShift Container Platform 3.11

Any BuildConfig objects created as part of new-app processing will not be updated with environment variables passed via the -e|--env or --env-file argument....