Description
Image Builder currently sets the --platform option when running docker build. This is a Docker BuildKit feature that will only have an effect if BuildKit is enabled. In order for Image Builder to better support running on a variety of build agent configurations, I'm proposing that Image Builder explicitly enable BuildKit where appropriate rather than relying on the build machine to have it enabled by default.
This was specifically discovered with our internal Arm64 machines. These are not configured to have BuildKit enabled by default. The consequence of that can be demonstrated in the scenario when we'd need to build a FROM scratch image that copies files from an Arm32 stage.
Simplified example:
FROM arm32v7/ubuntu:jammy AS builder
FROM scratch
COPY --from=builder / /Building this Dockerfile with the command docker build --platform linux/arm/v7 . on an Arm64 machine that does not have BuildKit enabled produces an error similar to the following:
failed to get destination image "sha256:12c880a2221b6f54876fb3b6bd7a9ffbc1cd7f5521aa414406dabd8e96482d94": image with reference sha256:12c880a2221b6f54876fb3b6bd7a9ffbc1cd7f5521aa414406dabd8e96482d94 was found but does not match the specified platform: wanted linux/arm/v7, actual: linux/arm64
This happens because the scratch stage gets defaulted to linux/arm64 since that's what the daemon is. This issue is specific to scratch stages; if the stage had been based on an Arm32 image instead, the copy would have worked.
Rather than forcing the build machine to be configured with BuildKit enabled, I propose that Image Builder construct a command that enables BuildKit at the time it runs the build command: DOCKER_BUILDKIT=1 docker build --platform linux/arm/v7 .. This allows the --platform option to be honored and the builder would then interpret the scratch stage as linux/arm/v7 instead of linux/arm64.
Metadata
Metadata
Assignees
Type
Projects
Status