Created attachment 1608585 [details] Dockerfile Description of problem: When the --squash switch is used, multi-stage builds fail to complete. Version-Release number of selected component (if applicable): podman-1.5.1-3.fc30.x86_64 How reproducible: Always Steps to Reproduce: 1. Take the attached Dockerfile 2. echo "Aaa" > artifact 3. Run "podman build --squash ." Actual results: Build is failing. Expected results: Build is succeeding. Additional info: Logs: STEP 1: FROM centos:7 AS builder Getting image source signatures Copying blob d8d02d457314 done Copying config 67fa590cfc done Writing manifest to image destination Storing signatures STEP 2: USER root 50064bbc0337a3887d23326cf72deffbe5139c370af575029dd2906aa879cd6b STEP 3: COPY artifact /artifact Error: error building at STEP "COPY artifact /artifact": error determining run uid: user: unknown user error looking up user "root"
Transferring to Buildah as we use Buildah to perform builds.
That's true, but the same code work perfectly with Buildah: $ buildah build-using-dockerfile --squash . STEP 1: FROM centos:7 AS builder Getting image source signatures Copying blob d8d02d457314 done Copying config 67fa590cfc done Writing manifest to image destination Storing signatures STEP 2: USER root STEP 3: COPY artifact /artifact STEP 4: FROM centos:7 STEP 5: COPY --from=builder /artifact /target-artifact STEP 6: COMMIT Getting image source signatures Copying blob c691ea77381a done Copying config 353d36543f done Writing manifest to image destination Storing signatures 353d36543fe09293da661deb8d804709b786ec51a1d175cb9d35ea994b3701cc And it fails with Podman. buildah-1.10.1-2.git8c1c2c5.fc30.x86_64
Likely a matter of defaults, then. Podman defaults '--layers' to true (and one other I'm forgetting). I'd imagine rulling 'buildah bug --layers=true' will have the same result as Podman.
I can confirm above, with "--layers=true" it fails. $ buildah build-using-dockerfile --layers=true --squash . STEP 1: FROM centos:7 AS builder Getting image source signatures Copying blob d8d02d457314 done Copying config 67fa590cfc done Writing manifest to image destination Storing signatures STEP 2: USER root 27884b3ce01a53ea2c1567f90a1cbf71884e5da05844ebe6f3429044b585b062 STEP 3: COPY artifact /artifact error building at STEP "COPY artifact /artifact": error determining run uid: user: unknown user error looking up user "root" ERRO[0012] exit status 1
podman build --layers=false ... Should probably work. Now we need to determine if it should work when --layers=true
I have confirmed that this is not limited to multi-stage builds. Reproducer: FROM alpine:3.10 USER root COPY Dockerfile /tmp/ Log: $ podman build --squash . STEP 1: FROM alpine:3.10 Getting image source signatures Copying blob 9d48c3bd43c5 done Copying config 9617696764 done Writing manifest to image destination Storing signatures STEP 2: USER root 7e8bd5cfbf0c8d7b6bb346fea529a0bd5da13ce6940de43362fcfc8947163aa9 STEP 3: COPY Dockerfile /tmp/ Error: error building at STEP "COPY Dockerfile /tmp/": error determining run uid: user: unknown user error looking up user "root"
Seems to work fine with buildah $ buildah bud -f /tmp/Dockerfile1 --squash /tmp/ STEP 1: FROM alpine:3.10 STEP 2: USER root STEP 3: COPY Dockerfile /tmp/ STEP 4: COMMIT Getting image source signatures Copying blob 4ebfff4bc645 done Copying config c0bbe46e70 done Writing manifest to image destination Storing signatures --> c0bbe46e70d9262f2e9cc7dec06e1f387a10a201f6f02394f17cae3f4ec68812
Buildah blows up with --layers=true $ buildah bud -f /tmp/Dockerfile1 --layers=true --squash /tmp STEP 1: FROM alpine:3.10 STEP 2: USER root --> 31de45d0d8f801bd9cd40311346a6f6a3806981341ea0f99e98a96e3d3d42b20 STEP 3: COPY Dockerfile /tmp/ error building at STEP "COPY Dockerfile /tmp/": error determining run uid: user: unknown user error looking up user "root" ERRO[0000] exit status 1
This message is a reminder that Fedora 30 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora 30 on 2020-05-26. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '30'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 30 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Jindrich, I think this one can just be closed out. However, I'm setting it to POST in case you've any bits you need to flip.
Lokesh handles Fedora these days.