Skip to content

[image-builder-mk3] Does not carry over env vars from base images #5597

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
geropl opened this issue Sep 8, 2021 · 9 comments · Fixed by #5693
Closed

[image-builder-mk3] Does not carry over env vars from base images #5597

geropl opened this issue Sep 8, 2021 · 9 comments · Fixed by #5693
Assignees
@csweichel
Labels
component: image-builder priority: highest (user impact) Directly user impacting team: workspace Issue belongs to the Workspace team type: bug Something isn't working

Comments

@geropl
Copy link
Member

geropl commented Sep 8, 2021

The underlying issues seems to be that env variables from base iamges are not carried over to the resulting image.
For instance, workspaces on gitpod-io/gitpod could not find gcloud because it was not in the PATH (but in the image).
Switching to old image-builder did fix this.

Incident: https://www.gitpodstatus.com/incidents/fk6prflgvvth

User reports:
@geropl geropl added type: bug Something isn't working component: image-builder priority: highest (user impact) Directly user impacting labels Sep 8, 2021
@geropl geropl mentioned this issue Sep 8, 2021
Closed
@meysholdt
Copy link
Member

we can re-enable image builder mk3 on staging, in case that is helpful: https://github.com/gitpod-com/gitpod/pull/5901 Thx @wulfthimm for the PR.

@geropl geropl mentioned this issue Sep 8, 2021
Closed
@geropl
Copy link
Member Author

geropl commented Sep 8, 2021

An integration test for this: #5609

@geropl
Copy link
Member Author

geropl commented Sep 8, 2021

Note that work on this on devstaging will likely be blocked by this PR: #5497

@csweichel csweichel added the team: workspace Issue belongs to the Workspace team label Sep 8, 2021
@csweichel
Copy link
Contributor

/schedule

@roboquat
Copy link
Contributor

roboquat commented Sep 8, 2021

@csweichel: Issue scheduled in the workspace team (WIP: 0)

In response to this:

/schedule

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@iQQBot
Copy link
Contributor

iQQBot commented Sep 9, 2021

I think because mk3 use buildkit LLB

gitpod/components/image-builder-bob/pkg/builder/builder.go

Line 200 in a4a8f39

def, err := llb.Image(b.Config.BaseRef).Marshal(context.Background())

Low-level builder only works on snapshots. There are no methods for controlling image metadata changes. Image metadata can be managed by a frontend, should it be needed. The only component that could know about the image format is image exporter.

@csweichel
Copy link
Contributor

csweichel commented Sep 9, 2021
edited
Loading

I think because mk3 use buildkit LLB

That's indeed the problem. llb.Image does nothing with the source image's metadata if there's no imagemetadataresolver present. Stepping through the code shows that if that's present the metadata is downloaded and applied to the state**. That said, the environment variables are still not present, and while debugging I've not seen the addenv state functions actually applied. I reckon we're still using llb wrong here somehow.

** the default imagemetadataresolver doesn't care much about authentication, this will be a problem

@csweichel
Copy link
Contributor

I've filed an issue with buildkit: moby/buildkit#2362

@csweichel csweichel mentioned this issue Sep 14, 2021
Merged
@csweichel
Copy link
Contributor

/assign

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@csweichel csweichel

Labels
component: image-builder priority: highest (user impact) Directly user impacting team: workspace Issue belongs to the Workspace team type: bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[image-builder] Export image config gitpod-io/gitpod
6 participants
@meysholdt @JanKoehnlein @csweichel @iQQBot @geropl @roboquat