Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

COPY --chown fails image build with unknown user #1603

Open
chris-asl opened this issue Mar 20, 2021 · 2 comments
Open

COPY --chown fails image build with unknown user #1603

chris-asl opened this issue Mar 20, 2021 · 2 comments
Labels
categorized cmd/user differs-from-docker issue/chown issue/unknown-user issue/USER works-with-docker

Comments

@chris-asl
Copy link

chris-asl commented Mar 20, 2021
edited
Loading

Actual behavior
Building a Docker image containing a COPY directive using --chown fails the build with

...
INFO[0036] COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ 
error building image: error building stage: failed to execute command: getting user group from chown: user: unknown user 1001

I've created a repository as a minimal, complete and verifiable example which reproduces the problem I've noticed on GitLab CI, here
https://github.com/chris-asl/quarkus-dummy-project

It seems to be related with #477 and #1456, which are both closed due to no reproducibility.
@tejal29 In the provided MCVE, I can reproduce the error that's happening both on GitLab CI and my local workstation.
Please let me know if you need more information.

Expected behavior
The build of the image should succeed, copying the files inside the container layer, with the appropriate user id.

To Reproduce
Steps to reproduce the behavior:

  1. git clone https://github.com/chris-asl/quarkus-dummy-project
  2. cd quarkus-dummy-project
  3. ./mvnw clean package
  4.  docker run \
 -v "/path/to/quarkus-dummy-project":/workspace \
 gcr.io/kaniko-project/executor:v1.5.1-debug \
 --dockerfile "src/main/docker/Dockerfile.jvm" \
 --context dir:///workspace/ \
 --no-push

Additional Information

Triage Notes for the Maintainers

Description Yes/No
Please check if this a new feature you are proposing
Please check if the build works in docker but not in kaniko
Please check if this error is seen when you use --cache flag
Please check if your dockerfile is a multistage dockerfile
@chris-asl chris-asl changed the title COPY --chown fails image build for unknown user COPY --chown fails image build with unknown user Mar 20, 2021
@masini
Copy link

masini commented Mar 26, 2021

We have the same issue.

The problem is in the USER 1001 used inside Dockefile generated by Quarkus site.

I asked a Red Hat engineering and she said is ok because:

  1. They don't want to use root
  2. OpenShift randomize the user running the container, so every number is ok, but not root

Is this a bug or a wanted behaviour ?

@lenalebt
Copy link

lenalebt commented Jul 6, 2021

Just in case someone else stumbles upon this and wants a workaround: The package that contains useradd is called shadow-utils for the Dcokerfile.jvm that is generated by quarkus to be able to then add the user. Took me a while to find this out.

But I'd rather want kaniko to just function the same way docker does - simply accepting that the user id does not exist and carry on...

@xasx xasx mentioned this issue Aug 26, 2021
Open
@hurzelpurzel hurzelpurzel mentioned this issue Sep 19, 2021
Closed
10 tasks
@JeromeJu JeromeJu mentioned this issue Feb 16, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
categorized cmd/user differs-from-docker issue/chown issue/unknown-user issue/USER works-with-docker
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@lenalebt @aaron-prindle @masini @chris-asl