Bitbucket Pipelines: containerd and runc upgrades

As part of the planned container runtimes upgrade, we are going to upgrade runc 1.0.0-rc10 to runc 1.0.0-rc95 and containerd 1.4.3 to containerd 1.5.0 for various security fixes.

Unfortunately, it introduces some breaking changes which would impact a small number of users who are using Bitbucket Pipelines. And so far the breaking change we notice is runc has changed its validation of the VOLUME mount path to ensure it’s an absolute path and reject any relative pathing. You can see the related PR that cause the issue here:

and the reported issues by the community here:

If the image you rely on is using relative mount path, we suggest you to update the mount path from relative path to absolute path to avoid error in your pipeline. Also, given validation have the strict requirement of the prefix "/" and expansion like "~" will not work, please make sure you don’t use "~" in your path.


Following is an example Dockerfile that will have the error:

```

FROM ubuntu:18.04

VOLUME .testwhatever

RUN echo done

```

And here is the fix:

```

FROM ubuntu:18.04

VOLUME /home/test/.testwhatever

RUN echo done

```

0 comments

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events