Skip to content

Make image generation fail upon failure to download dumb-init ubi-fips

Romuald Atchadé - OOO from 2024-12-23 to 2025-01-03 requested to merge release-dumb-init-failure-on-helper-image into main

What does this MR do?

Fail ubi-fips image building upon failure to download dumb-init

Why was this MR needed?

To prevent silent failure to download dumb-init

What's the best way to test this MR?

Pipeline passes without failures

Starting gitlab-runner-helper with this branch generated image

❯ docker run --pull always --rm registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper-dev:ubi-fips-x86_64-aa1314f6 gitlab-runner-helper --version
ubi-fips-x86_64-aa1314f6: Pulling from gitlab-org/gitlab-runner/gitlab-runner-helper-dev
26a41233a28d: Pull complete 
Digest: sha256:632f9012dbca4973665f461aafa45d438f17a6373aab32c78ecfe07378b448cb
Status: Downloaded newer image for registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper-dev:ubi-fips-x86_64-aa1314f6
WARNING: The requested image's platform (linux/amd64) does not match the detected host platform (linux/arm64/v8) and no specific platform was requested
Version:      17.4.0~pre.45.gaa1314f6
Git revision: aa1314f6
Git branch:   refs/pipelines/1418825616
GO version:   go1.22.5 X:boringcrypto
Built:        2024-08-19T17:50:15+0000
OS/Arch:      linux/amd64

Getting dumb-init help with this branch generated image

❯ docker run --pull always --rm registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper-dev:ubi-fips-x86_64-aa1314f6 dumb-init --help
ubi-fips-x86_64-aa1314f6: Pulling from gitlab-org/gitlab-runner/gitlab-runner-helper-dev
Digest: sha256:632f9012dbca4973665f461aafa45d438f17a6373aab32c78ecfe07378b448cb
Status: Image is up to date for registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper-dev:ubi-fips-x86_64-aa1314f6
WARNING: The requested image's platform (linux/amd64) does not match the detected host platform (linux/arm64/v8) and no specific platform was requested
dumb-init v1.2.5
Usage: dumb-init [option] command [[arg] ...]

dumb-init is a simple process supervisor that forwards signals to children.
It is designed to run as PID1 in minimal container environments.

Optional arguments:
   -c, --single-child   Run in single-child mode.
                        In this mode, signals are only proxied to the
                        direct child and not any of its descendants.
   -r, --rewrite s:r    Rewrite received signal s to new signal r before proxying.
                        To ignore (not proxy) a signal, rewrite it to 0.
                        This option can be specified multiple times.
   -v, --verbose        Print debugging information to stderr.
   -h, --help           Print this help message and exit.
   -V, --version        Print the current version and exit.

What are the relevant issue numbers?

close #37836 (closed)

Edited by Romuald Atchadé - OOO from 2024-12-23 to 2025-01-03

Merge request reports