Not sure if this has been asked before, I could not find any reference to it...
My team is using a Dockerfile with experimental syntax, which basically allows using features from Docker build kit, allowing to mount secrets to the image during build phase for security reasons.
This buildkit feature has actually been available in Docker since 18.09, as the offical docs indicate.
Whenever we try and run a docker build inside our pipeline, we get the following error:
$ export DOCKER_BUILDKIT=1 && docker build --progress=plain -t "our-image-tag" --secret id=ourauth,src="$HOME/.xxx” .
#2 [internal] load build definition from Dockerfile
#2 digest: sha256:2afcf7d89ff49a08d90da71b3aba3930c8bb1cb8cdd728e3e4e31c1a573e1f8c
#2 name: "[internal] load build definition from Dockerfile"
#2 started: 2020-03-03 11:37:00.125995097 +0000 UTC
#2 completed: 2020-03-03 11:37:00.126086328 +0000 UTC
#2 duration: 91.231µs
#2 started: 2020-03-03 11:37:00.12622561 +0000 UTC
#2 completed: 2020-03-03 11:37:00.132543781 +0000 UTC
#2 duration: 6.318171ms
#2 error: "no active session for pdnh8ofawlvby9mkoc46ib94w: context canceled: context canceled"
#1 [internal] load .dockerignore
#1 digest: sha256:870dccb4e89095f80779748e699c4218a22a52db160ff1012487ca312d89299d
#1 name: "[internal] load .dockerignore"
#1 started: 2020-03-03 11:37:00.125995846 +0000 UTC
#1 completed: 2020-03-03 11:37:00.126194392 +0000 UTC
#1 duration: 198.546µs
#1 started: 2020-03-03 11:37:00.12628914 +0000 UTC
#1 completed: 2020-03-03 11:37:00.132486681 +0000 UTC
failed to dial gRPC: unable to upgrade to h2c, received 403
#1 duration: 6.197541ms
#1 error: "no active session for pdnh8ofawlvby9mkoc46ib94w: context canceled: context canceled"
I've also noticed some other people getting stuck with this issue
Is there any way that we can make this work in the pipeline?
Any feedback is appreciated.
I am sure you can understand the security benefits of allowing to use docker build kit for building images.
Is docker daemon needed in that version or would it suffice if the docker client is of a newer version?
Last time I've looked the docker client in Atlassion Bitbucket Cloud Pipelines Plugin would be in a matching version:
$ docker --version
Docker version 18.09.1, build 4c52b90
which might mean that there could be support.
Currently, there does not seem to be support for this. I am guessing their docker daemon is just not allowing things like experimental dockerfile syntax (which is required to define mounts on the dockerfile for secrets etc.)
There is some interest gathering about this topic though: https://jira.atlassian.com/browse/BCLOUD-17590
I recommend following that ticket until they add support for buildkit.
...hey are a part of us, shaping how we interact with the world around us. The same holds true for programming languages when we think about how different kinds of vulnerabilities raise their heads in t...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events