You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are trying to use our own builder image, and it fails with following error:
[detector] ERROR: failed to write group file: open /layers/group.toml: permission denied
We noticed that this only happens because our builder image is not trusted, which is a hardcoded list.
Steps to reproduce
Create the function
knative-func $ func create -l go
It's successfully building with default builder image
knative-func $ func build --builder=pack --builder-image=ghcr.io/knative/builder-jammy-tiny:0.0.240
Building function image
Still building
Still building
Yes, still building
🙌 Function built: index.docker.io/tigerteam/knative-func:latest
Pull and create a tag for the default builder image
knative-func $ func build --builder=pack --builder-image=builder-jammy-tiny:0.0.240-local
Building function image
Error: executing lifecycle: failed with status code: 1
With verbose logging
knative-func $ func build --builder=pack --builder-image=builder-jammy-tiny:0.0.240-local -v
Building function image
Pulling image index.docker.io/library/builder-jammy-tiny:0.0.240-local
CheckReadAccess succeeded for the run image index.docker.io/paketobuildpacks/run-jammy-tiny:latest
Selected run image index.docker.io/paketobuildpacks/run-jammy-tiny:latest
Pulling image index.docker.io/paketobuildpacks/run-jammy-tiny:latest with platform linux/amd64
latest: Pulling from paketobuildpacks/run-jammy-tiny
Digest: sha256:fac4a3749284e198247f4ead26fd8ee2816c4db428ebb44fbfd19e6fef6309dc
Status: Image is up to date for paketobuildpacks/run-jammy-tiny:latest
Pulling image docker.io/buildpacksio/lifecycle:553c041 with platform linux/amd64
553c041: Pulling from buildpacksio/lifecycle
Digest: sha256:41ed46de4c426cd8462ae0e6fca8745f71432236f0c6aa6bfaa956b9d1704bcf
Status: Image is up to date for buildpacksio/lifecycle:553c041
Creating ephemeral lifecycle from docker.io/buildpacksio/lifecycle:553c041 with uid 1001 and gid 1000. With workspace dir
Selecting ephemeral lifecycle image pack.local/lifecycle/707870746e6b6c6d7271:latest for build
Creating builder with the following buildpacks:
-> paketo-community/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-community/[email protected]
-> paketo-community/[email protected]
-> paketo-community/[email protected]
-> [email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
-> paketo-buildpacks/[email protected]
Using build cache volume pack-cache-tigerteam_knative-func_latest-87f1fbc5c86d.build
===> ANALYZING
Running the analyzer on OS linux from image pack.local/lifecycle/707870746e6b6c6d7271:latest with:
Container Settings:
Args: /cnb/lifecycle/analyzer -gid 0 -uid 0 -log-level debug -daemon -run /layers/run.toml -run-image index.docker.io/paketobuildpacks/run-jammy-tiny:latest -launch-cache /launch-cache index.docker.io/tigerteam/knative-func:latest
System Envs: CNB_USER_ID=1001 CNB_GROUP_ID=1000 CNB_PLATFORM_API=0.13
Image: pack.local/lifecycle/707870746e6b6c6d7271:latest
User: root
Labels: map[author:pack]
Host Settings:
Binds: /var/run/docker.sock:/var/run/docker.sock pack-cache-tigerteam_knative-func_latest-87f1fbc5c86d.launch:/launch-cache pack-layers-acmbyzlhkj:/layers pack-app-mzcxvpshoy:/workspace
Network Mode:
[analyzer] Starting analyzer...
[analyzer] Parsing inputs...
[analyzer] Ensuring privileges...
[analyzer] Executing command...
[analyzer] Timer: Analyzer started at 2024-09-24T09:41:56Z
[analyzer] Found image with identifier "f829c1c66b55b4cc96c91183ea7902e17a55c1a9ba90fbe1051d521bd4e93514"
[analyzer] Restoring data for SBOM from previous image
[analyzer] Retrieving previous image SBOM layer for "sha256:fd1dcfdd1afb7dd174c6631f68c0efef895b19a51946b4fc349b1fcdfef8b878"
[analyzer] Found image with identifier "14e5b5794559c7e301229f2e51ac9ced13aff43206e019d0cd1548f5c7e84552"
[analyzer] Timer: Analyzer ran for 4.048334ms and ended at 2024-09-24T09:41:56Z
[analyzer] Run image info in analyzed metadata is:
[analyzer] {"Reference":"14e5b5794559c7e301229f2e51ac9ced13aff43206e019d0cd1548f5c7e84552","Image":"index.docker.io/paketobuildpacks/run-jammy-tiny:latest","Extend":false,"target":{"os":"linux","arch":"amd64"}}
===> DETECTING
Running the detector on OS linux from image pack.local/builder/676e6767636669706568:latest with:
Container Settings:
Args: /cnb/lifecycle/detector -app /workspace -log-level debug
System Envs: CNB_PLATFORM_API=0.13
Image: pack.local/builder/676e6767636669706568:latest
User:
Labels: map[author:pack]
Host Settings:
Binds: pack-layers-acmbyzlhkj:/layers pack-app-mzcxvpshoy:/workspace
Network Mode:
[detector] Starting detector...
[detector] Parsing inputs...
[detector] Ensuring privileges...
[detector] Executing command...
[detector] Timer: Detector started at 2024-09-24T09:41:56Z
[detector] Checking for match against descriptor: {linux amd64 []}
[detector] Checking for match against descriptor: {linux amd64 []}
[detector] Checking for match against descriptor: {linux amd64 []}
[detector] Checking for match against descriptor: {linux amd64 []}
[detector] Checking for match against descriptor: {linux amd64 []}
[detector] Checking for match against descriptor: {linux amd64 [{ubuntu 18.04}]}
[detector] ======== Output: paketo-buildpacks/[email protected] ========
[detector] SKIPPED: No procfile found from either source path or binding.
[detector] ======== Results ========
[detector] pass: paketo-community/[email protected]
[detector] pass: paketo-community/[email protected]
[detector] pass: paketo-buildpacks/[email protected]
[detector] fail: paketo-community/[email protected]
[detector] skip: paketo-buildpacks/[email protected]
[detector] ======== Results ========
[detector] pass: paketo-buildpacks/[email protected]
[detector] pass: [email protected]
[detector] Resolving plan... (try #1)
[detector] paketo-buildpacks/go-dist 2.5.0
[detector] dev.knative-extensions.go 0.0.6
[detector] Timer: Detector ran for 168.826167ms and ended at 2024-09-24T09:41:56Z
[detector] ERROR: failed to write group file: open /layers/group.toml: permission denied
Error: failed to build the function: executing lifecycle: failed with status code: 1
The text was updated successfully, but these errors were encountered:
@matejvasek any thoughts?
It looks like can't try following a tutorial on ARM, because func build -v --builder-image dashaun/builder:tiny fails.
(I used another builder as a workaround, not blocked, but anyway)
We are trying to use our own builder image, and it fails with following error:
We noticed that this only happens because our builder image is not trusted, which is a hardcoded list.
Steps to reproduce
Create the function
It's successfully building with default builder image
Pull and create a tag for the default builder image
Run build with the new tag
With verbose logging
The text was updated successfully, but these errors were encountered: