Skip to content

containerd integration: Passing a build context via tarball to the /build endpoint is broken #47717

Closed
#49178
Closed
containerd integration: Passing a build context via tarball to the /build endpoint is broken#47717
#49178
Labels
area/apiAPIarea/builderBuildarea/builder/buildkitBuildcontainerd-integrationIssues and PRs related to containerd integrationkind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.
Milestone
28.0.0
@vvoland

Description

@vvoland
vvoland
opened on Apr 15, 2024

Related downstream issues:

Description

Building via the /build endpoint with Version=BuilderBuildkit fails with:

failed to read downloaded context: failed to load cache key: invalid response status 403

When passing a build context via a tar without a build session.

It works with graphdrivers, because the mobyworker makes use of the passed http.RoundTripper:

moby/builder/builder-next/controller.go

Line 355 in 8d5d655

Transport: rt,

moby/builder/builder-next/controller.go

Line 193 in 8d5d655

func newGraphDriverController(ctx context.Context, rt http.RoundTripper, opt Opt) (*control.Controller, error) {

which is used to respond to a fake url echoing the passed build context:

moby/builder/builder-next/builder.go

Line 294 in 8d5d655

url, cancel := b.reqBodyHandler.newRequest(rc)

With the containerd integration, the ContainerdWorker doesn't use this RoundTripper so it isn't able to access the build context.

Reproduce

package main

import (
	"context"
	"io"
	"os"

	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
)

func main() {
	cli, err := client.NewClientWithOpts(client.FromEnv)
	if err != nil {
		panic(err)
	}

	rd, err := os.Open("context.tar")
	if err != nil {
		panic(err)
	}
	defer rd.Close()

	imageBuildResponse, err := cli.ImageBuild(context.Background(), rd, types.ImageBuildOptions{
		Version: types.BuilderBuildKit, // without this, classic builder is used
		Tags:    []string{"myimage:latest"},
	})
	if err != nil {
		panic(err)
	}
	defer imageBuildResponse.Body.Close()

	_, err = io.Copy(os.Stdout, imageBuildResponse.Body)
	if err != nil {
		panic(err)
	}
}

context.tar.zip
(zipping a tar, because github doesn't allow uploading tars 🙈)

Expected behavior

No response

docker version

Client:
 Cloud integration: v1.0.35+desktop.13
 Version:           26.0.0
 API version:       1.45
 Go version:        go1.21.8
 Git commit:        2ae903e
 Built:             Wed Mar 20 15:14:46 2024
 OS/Arch:           darwin/arm64
 Context:           desktop-linux

Server: Docker Desktop 4.30.0 (145546)
 Engine:
  Version:          26.0.0
  API version:      1.45 (minimum version 1.24)
  Go version:       go1.21.8
  Git commit:       8b79278
  Built:            Wed Mar 20 15:18:02 2024
  OS/Arch:          linux/arm64
  Experimental:     false
 containerd:
  Version:          1.6.28
  GitCommit:        ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

N/A

Additional Info

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/apiAPIarea/builderBuildarea/builder/buildkitBuildcontainerd-integrationIssues and PRs related to containerd integrationkind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.

    Type

    No type

    Projects

    containerd integration

    Status

    Done

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions