containers/buildah

HEREDOC: Not available in 1.33.5 1.33.7 1.34 on Ubuntu, Debian, etc?

gnat opened this issue · 3 comments

gnat commented

Is there a flag that needs to be turned on to get Heredocs working??

Seems broken. Tried the following packages:

  • buildah 1.33.5 (current build in Ubuntu 24.04 LTS.. what you get with apt install podman)
  • buildah 1.33.7 (debian sid)
  • buildah 1.34 (debian experimental)

Big deal because the big 24.04 LTS release doesn't have HEREDOC support as far as I can tell. Effects all of Ubuntu and Debian (.. and all distros using Debian).

image

STEP 1/7: FROM ubuntu:24.04
STEP 2/7: RUN <<EOF
STEP 3/7: echo "Hello" >> /hello
ERRO[0001] +(UNHANDLED LOGLEVEL) &imagebuilder.Step{Env:[]string{"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"}, Command:"echo", Args:[]string{""}, Flags:[]string{}, Attrs:map[string]bool(nil), Message:"ECHO ", Original:"echo \"Hello\" >> /hello"} 
Error: building at STEP "ECHO ": Build error: Unknown instruction: "ECHO" &imagebuilder.Step{Env:[]string{"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"}, Command:"echo", Args:[]string{""}, Flags:[]string{}, Attrs:map[string]bool(nil), Message:"ECHO ", Original:"echo \"Hello\" >> /hello"}

Also wanted to say, thanks for the amazing work, really excited to use HEREDOC on my Dockerfile / Containerfile.. it's a major simplification of podman.

flouthoc commented

Heredoc support was added in 1.35 https://github.com/containers/buildah/releases/tag/v1.35.0 , I am not sure if there are any plans to backport heredoc to older versions but @TomSweeneyRedHat @rhatdan can answer this better.

gnat commented

Think I've found the reason.. it's being patched out because of a buildkit dependency.

Not sure why this would be a problem? Security issue maybe?

Description Revert "buildah: add heredoc support for RUN, COPY and ADD"
This is to avoid a dependency on buildkit, can probably be dropped after #1051202

https://udd.debian.org/patches.cgi?src=golang-github-containers-buildah&version=1.33.5%2Bds1-4

image

Luap99 commented

Sounds like a packing issue and not upstream, but the answer why they patch it out is most likely that buildkit is not packaged or incompatible in some way and debian doesn't allow vendored dependencies so they would need to resolve this in some way which can mean a lot of work.