Comments (13)
I also filed a bug against
src:libseccomp
in Debian asking for 2.5.5 (or the syscall updates) in either bookworm or bookworm-backports: https://bugs.debian.org/1071822
This weekend's Debian stable update included this gem:
libseccomp (2.5.4-1+deb12u1) bookworm; urgency=medium
* Add support for syscalls up to Linux 6.7. (Closes: #1071822)
-- Felix Geyer <[email protected]> Sat, 25 May 2024 20:36:52 +0200
🥳 ❤️
from official-images.
(Reader: he couldn't resist and he wasn't wrong about BuildKit above, so that's next week's project)
from official-images.
ppc64le
was successful! And arm32v7
. 🎉
from official-images.
Got all my ducks in a row for builds of a newer Docker engine across all the architectures we support and the problem persists. I then recall that BuildKit needs the profile updates too, which might be why we're still seeing it. 🙃 🤞
https://github.com/moby/buildkit/blob/v0.12.5/go.mod#L31 is some semi-random commit between v24 and v25, which does not have any of moby/moby@9e10605 (v26 original merge), moby/moby@7a075ca (v25 backport), moby/moby@f11b55f (v24 backport), or moby/moby@5cc6748 (v23 backport) 😭
The good news is that https://github.com/moby/buildkit/blob/v0.13.2/go.mod#L32 is new enough (v25.0.3 is the version that received the backport). The bad news is that I refactored the way I'm building tianon/buildkit
and it's temporarily lost a few architectures as a result, so I need to sort that out. 😭
However, the build I'm still seeing fail is using the default BuildKit-built-into-dockerd (just raw docker buildx build
, no --builder
), so it's also very, very possible (and maybe even likely?) that this is something I also need to chase but is unrelated to still seeing the build fail. 😭
from official-images.
Oh man, we probably need libseccomp2
version 2.5.5+ also, which is actually newer than Debian Stable/bookworm currently has.
from official-images.
Confirmed 😭
from official-images.
Further confirmed -- started an infosiftr/moby:i386
container on my host, tried docker build 'https://github.com/tianon/docker-bash.git#967275700d273c985448c889a4e825008cd1fb97:5.2'
to reproduce the failure, then installed libseccomp2
version 2.5.5 from unstable and tried the build again with great success (so at least I can apply a workaround in my Docker-in-Docker images! still not sure about the BuildKit bits but one bridge at a time).
I also filed a bug against src:libseccomp
in Debian asking for 2.5.5 (or the syscall updates) in either bookworm or bookworm-backports: https://bugs.debian.org/1071822
from official-images.
Ok, in theory, fixes are deployed everywhere now. I'll check back in next week and hopefully everything will be resolved and all these failing Alpine 3.20 builds will be green. 😄
Edit: I guess assuming I'm wrong about BuildKit 0.12 above 🙈
from official-images.
Still seems to be failing on armv6 and v7
from official-images.
Doing some hacks in my personal build system to get more architectures on tianon/buildkit
again (notably riscv64
): tianon/bashbrew-tianon-meta@371fd85#diff-dec510d864246250be6cc8d33d2f9040f88ee65dfa31ee3b0e98b4e4ea1fe291
The other half I'll have to solve is using the host architecture for determining which BuildKit image to use instead of using the target architecture (which is a disparity we've had for a while that mostly doesn't matter but in this case becomes important since I'm not hacking it with fake entries anymore).
Edit: for the curious, that's accomplished via the following sadness (which I eventually hope to move to something that's committed but for now this is it):
# TODO implement proper cross-architecture support instead of this stupid hack 😭
jq '
.[].arches[] |=
if any(.tags[]; startswith("tianon/buildkit:")) then
.froms |= map(select(startswith("golang:") | not))
| .parents |= with_entries(select(.key | startswith("golang:") | not))
else . end
' sources.json > sources-hacked.json
( set -x && diff -u sources.json sources-hacked.json ) || :
mv sources-hacked.json sources.json
from official-images.
The other half I'll have to solve is using the host architecture for determining which BuildKit image to use instead of using the target architecture (which is a disparity we've had for a while that mostly doesn't matter but in this case becomes important since I'm not hacking it with fake entries anymore).
Apparently, I've (fortuitously!) forgotten that I didn't actually implement this to that level, and our arm32v6
and arm32v5
builders are already running the arm32v7
image, so we're actually good to go with just that hack! 🎉
from official-images.
In theory, #16856 will finish fixing this (holding off closing this until actual verification though). 🤞
from official-images.
This looks like it's settled enough to be closeable. 👍
from official-images.
Related Issues (20)
- Add LoongArch architecture support HOT 4
- Error relocating /usr/lib/libcurl.so.4: SSL_get0_group_name: symbol not found
- Rust 1.77.2-slim arm64 Images Missing HOT 2
- Odoo release number in tag HOT 2
- An issue with nginx 1.25.5 manifest. HOT 4
- Using gpu on Orangepi Rk3588 Board HOT 1
- no you HOT 5
- Broken release: SonarQube 9.9.5 tags do not support the arm64 architecture. HOT 3
- Broken Release: MySQL 8.4.0 HOT 1
- Fix CVE-2023-24538 and CVE-2023-24540 HOT 2
- can not find mariadb:10.11.8 images in https://hub.docker.com/_/mariadb HOT 1
- "operation not permitted", a `libseccomp` story HOT 1
- Review request for MariaDB UBI based image HOT 1
- influxb image: platform in image-index and image-config do not match HOT 5
- missing arm64v8 layers in MariaDB image HOT 3
- Official Chiselled Ubuntu images support? HOT 4
- Resolve critical and high vulnerabilities in node:lts-bookworm base image HOT 5
- Deprecation of image formats in older published images HOT 2
- Introduce `riscv64` tag for Ubuntu:24.04
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from official-images.