Atlantis v0.18.1 Docker Builds do not run on ECS/Fargate ARM Graviton

[virgofx]

Summary

Using the latest Atlantis v0.18.1 docker builds result in errors when running on ARM ECS/Fargate. I tested using the following container image

ghcr.io/runatlantis/atlantis:latest@sha256:66d431df3cd1893175abf7133aeef96f9ab212a3c260daf8ef2a54042259f503

in ECS/Fargate that is set to run in ARM. This results in the following output:

standard_init_linux.go:228: exec user process caused: exec format error

Referenced ECS Task Definition (Sensitive values masked)

Task Definition

{
  "ipcMode": null,
  "executionRoleArn": "arn:aws:iam::XXXXXXXXXXX:role/ecs/ZZZZZZ-prod-atlantis-ecs-execution-role",
  "containerDefinitions": [
    {
      "dnsSearchDomains": null,
      "environmentFiles": null,
      "logConfiguration": {
        "logDriver": "awslogs",
        "secretOptions": null,
        "options": {
          "awslogs-group": "/ZZZZZZ/prod/ecs/atlantis",
          "awslogs-region": "us-east-1",
          "awslogs-stream-prefix": "atlantis"
        }
      },
      "entryPoint": null,
      "portMappings": [
        {
          "hostPort": 4141,
          "protocol": "tcp",
          "containerPort": 4141
        }
      ],
      "command": null,
      "linuxParameters": null,
      "cpu": 512,
      "environment": [
        {
          "name": "ATLANTIS_ATLANTIS_URL",
          "value": "XXXXXXXXXXXX"
        },
        {
          "name": "ATLANTIS_GH_USER",
          "value": "XXXXXXXXXXXX"
        },
        {
          "name": "ATLANTIS_HIDE_PREV_PLAN_COMMENTS",
          "value": "true"
        },
        {
          "name": "ATLANTIS_LOG_LEVEL",
          "value": "info"
        },
        {
          "name": "ATLANTIS_PARALLEL_POOL_SIZE",
          "value": "100"
        },
        {
          "name": "ATLANTIS_PORT",
          "value": "4141"
        },
        {
          "name": "ATLANTIS_REPO_ALLOWLIST",
          "value": "XXXXXXXXXXXX"
        },
        {
          "name": "ATLANTIS_REPO_CONFIG_JSON",
          "value": "XXXXXXXXXXXX"
        }
      ],
      "resourceRequirements": null,
      "ulimits": [],
      "dnsServers": null,
      "mountPoints": [],
      "workingDirectory": null,
      "secrets": [
        {
          "valueFrom": "arn:aws:ssm:us-east-1:XXXXXXXXXXXX:parameter/atlantis/prod/XXXXXXXXXXXX",
          "name": "XXXXXXXXXXXX"
        },
        {
          "valueFrom": "arn:aws:ssm:us-east-1:XXXXXXXXXXXX:parameter/atlantis/prod/XXXXXXXXXXXX",
          "name": "XXXXXXXXXXXX"
        },
        {
          "valueFrom": "arn:aws:ssm:us-east-1:XXXXXXXXXXXX:parameter/atlantis/prod/XXXXXXXXXXXX",
          "name": "XXXXXXXXXXXX"
        },
        {
          "valueFrom": "arn:aws:ssm:us-east-1:XXXXXXXXXXXX:parameter/atlantis/prod/XXXXXXXXXXXX",
          "name": "XXXXXXXXXXXX"
        },
        {
          "valueFrom": "arn:aws:ssm:us-east-1:XXXXXXXXXXXX:parameter/atlantis/prod/XXXXXXXXXXXX",
          "name": "XXXXXXXXXXXX"
        }
      ],
      "dockerSecurityOptions": null,
      "memory": 1024,
      "memoryReservation": 1024,
      "volumesFrom": [],
      "stopTimeout": 30,
      "image": "ghcr.io/runatlantis/atlantis:latest@sha256:66d431df3cd1893175abf7133aeef96f9ab212a3c260daf8ef2a54042259f503",
      "startTimeout": 30,
      "firelensConfiguration": null,
      "dependsOn": null,
      "disableNetworking": null,
      "interactive": null,
      "healthCheck": null,
      "essential": true,
      "links": null,
      "hostname": null,
      "extraHosts": null,
      "pseudoTerminal": null,
      "user": "atlantis",
      "readonlyRootFilesystem": false,
      "dockerLabels": {
        "org.opencontainers.image.title": "Atlantis",
        "org.opencontainers.image.url": "https://github.com/runatlantis/atlantis/pkgs/container/atlantis",
        "org.opencontainers.image.description": "A self-hosted golang application that listens for Terraform pull request events via webhooks."
      },
      "systemControls": null,
      "privileged": null,
      "name": "atlantis"
    }
  ],
  "placementConstraints": [],
  "memory": "1024",
  "taskRoleArn": "arn:aws:iam::XXXXXXXXXXXX:role/ecs/XXXXXXXXXXXX-prod-atlantis-ecs-task-role",
  "compatibilities": [
    "EC2",
    "FARGATE"
  ],
  "taskDefinitionArn": "arn:aws:ecs:us-east-1:XXXXXXXXXXXX:task-definition/XXXXXXXXXXXX-prod-atlantis-ecs-task-definition:67",
  "family": "XXXXXXXXXXXX-prod-atlantis-ecs-task-definition",
  "requiresAttributes": [
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "ecs.capability.execution-role-awslogs"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.17"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.21"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.task-iam-role"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "ecs.capability.container-ordering"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "ecs.capability.secrets.ssm.environment-variables"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "com.amazonaws.ecs.capability.docker-remote-api.1.18"
    },
    {
      "targetId": null,
      "targetType": null,
      "value": null,
      "name": "ecs.capability.task-eni"
    }
  ],
  "pidMode": null,
  "requiresCompatibilities": [
    "FARGATE"
  ],
  "networkMode": "awsvpc",
  "runtimePlatform": {
    "operatingSystemFamily": "LINUX",
    "cpuArchitecture": "ARM64"
  },
  "cpu": "512",
  "revision": 67,
  "status": "ACTIVE",
  "inferenceAccelerators": null,
  "proxyConfiguration": null,
  "volumes": []
}

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request. Searching for pre-existing feature requests helps us consolidate datapoints for identical requirements into a single place, thank you!
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.

[nishkrishnan]

Are we good to close this?

[virgofx]

Let me test new version and confirm working.

[virgofx]

@nishkrishnan Was there a reason this should be closed?

The issue still exists. Reconfirmed and nothing in the 0.18.2 changelog suggests this has been fixed.

[virgofx]

@chenrui333 Any chance you'd be able to take a look at this?

[chenrui333]

@virgofx Have not spent enough time on this, but I am gonna bump the base image in this PR #2088, and see how it goes.

[Tenzer]

Thanks to your comment, @chenrui333, I realised the base image doesn't take different architectures into account. I have tried to fix that in #2099 which might be what is needed for getting the Docker image working correctly on ARM machines.

[virgofx]

Thank you so much! Looking forward to trying this soon as as the next release is cut !

[chenrui333]

Unfortunately, it did not quite work out and caused some runtime issue with #2104, so I have temporarily revert the multiplatform changes and we can revisit after a healthy release.

@Tenzer, still appreciate your work on the script changes.

[chenrui333]

@virgofx the multi-arch docker image work got released under 0.19.0, let me know if that works for you. Thanks! (👏 for @Tenzer)

[virgofx]

@chenrui333 Confirmed it works in ECS / Fargate / ARM64 👏 👏 Feel free to mark issue as resolved.

Side note: Version reported in lower right as v0.18.6 when testing the v0.19.0 release 🤷‍♂️

[chenrui333]

oh shit, that is my bad, I used 0.18.6 and decided to bump it to 0.19.0. Either way, glad it works now. 👍

[chenrui333]

Will fix it in next week. Thanks! :) Closing the issue now.