Changes to .dockerignore in 0.7.1 breaking my builds

[danilofuchs]

Github action docker/setup-buildx-action recently updated buildx default version to 0.7.1

This introduced a bug in our build pipeline.

In our action, we first run docker compose up, which creates a volume at .data/db/mysql. Then, we build the image using buildx. The new parser is trying to read this folder when loading context, even though it is ignored.

Previous output (0.7.0):

#1 [internal] load build definition from Dockerfile
#1 transferring dockerfile: 1.03kB done
#1 DONE 0.0s

#2 [internal] load .dockerignore
#2 transferring context: 251B done
#2 DONE 0.0s

#3 [internal] load metadata for docker.io/library/node:16-alpine
#3 ...

#4 [auth] library/node:pull token for registry-1.docker.io
#4 DONE 0.0s

#3 [internal] load metadata for docker.io/library/node:16-alpine
#3 DONE 0.5s

#5 [builder 1/7] FROM docker.io/library/node:16-alpine@sha256:a9b9cb880fa429b0bea899cd3b1bc081ab7277cc97e6d2dcd84bd9753b2027e1
#5 resolve docker.io/library/node:16-alpine@sha256:a9b9cb880fa429b0bea899cd3b1bc081ab7277cc97e6d2dcd84bd9753b2027e1 done
#5 ...

#7 [internal] load build context
#7 transferring context: 3.85MB 0.2s done
#7 DONE 0.2s

Output for 0.7.1:

#1 [internal] load build definition from Dockerfile
#1 transferring dockerfile: 42B done
#1 ERROR: error from sender: open .data/db/mysql: permission denied
------
 > [internal] load build definition from Dockerfile:
------
error: failed to solve: failed to read dockerfile: error from sender: open .data/db/mysql: permission denied
Error: buildx failed with: error: failed to solve: failed to read dockerfile: error from sender: open .data/db/mysql: permission denied

Our .dockerignore:

node_modules
dist
docs
coverage
.ci
.github
.data
README.md
.vscode
scripts
.git

.yarn/*
!.yarn/patches
!.yarn/releases
!.yarn/plugins
!.yarn/sdks
!.yarn/versions
.pnp.*

Dockerfile
docker-compose.yml
docker

The following dockerignore is also broken:

**


!src

!.env*

!yarn.lock
!package.json
!.yarnrc.yml

!test
!jest.config.*

!nest-cli.json
!tsconfig*

!.eslintrc
!prettier.config.js

!.sentryclirc

.yarn/*
!.yarn/patches
!.yarn/sdks
!.yarn/versions
.pnp.*

[crazy-max]

Sounds like the same as #850. cc @aaronlehmann

[danilofuchs]

I was not sure if it is the same issue, as I understood the change in 0.7.1 was introduced to address #850.

It is certainly related.

[tonistiigi]

@aaronlehmann PTAL. The EPERM is a signal that these files were not accessed before (as they seem to be in ignore list).

@danilofuchs Please also post a Dockerfile so we can see what paths you are requesting. Or make a separate reproducer that you can share.

[danilofuchs]

Sure!
I'm building a Nest.js application using Node 16, Yarn v3 (with node-modules linker, not PnP)
Although it configures multistage builds, I'm only building the builder target when the error occurs.

Here is the Dockerfile:

### This is the build stage, with dev dependencies
FROM node:16-alpine AS builder

# Omits Yarn interactive logs if set to 'true'
ARG CI
# Necessary to fetch private packages
ARG NPM_GITHUB_TOKEN

WORKDIR /build

COPY package.json yarn.lock .yarnrc.yml ./
COPY .yarn ./.yarn
RUN yarn install --immutable

COPY . .

RUN yarn build



### This is the production stage, without dev dependencies
FROM node:16-alpine as production

# Omits Yarn interactive logs if set to 'true'
ARG CI
# Necessary to fetch private packages
ARG NPM_GITHUB_TOKEN
# Used by Sentry to tag releases when logging errors
ARG COMMIT_HASH

WORKDIR /usr/src/app

ENV PORT 3001
ENV HOST 0.0.0.0
EXPOSE 3001

COPY package.json yarn.lock .yarnrc.yml  ./
COPY .yarn ./.yarn
# Install only production dependencies
RUN yarn workspaces focus --production

COPY --from=builder /build/dist .
COPY .env* .

ENV COMMIT_HASH $COMMIT_HASH

RUN addgroup -g 1001 -S nodejs
RUN adduser -S app -u 1001
USER app

CMD ["node", "main"]

[chjeningka]

Posting here on behalf of a colleague of ours that found this--we had the same problem, but ofc it also extends to the Dockerfiles as well.

I created an issue on docker/build-push-action#517 (includes entire Dockerfile and logs) but the gist is that we were copying source jar files using ** since it was more convenient.

We're fixing the version to 0.7.0 for now.

Also, going forward, since we use Maven we are going to specify the jar name so that it is e.g. always available at target/app.jar rather than the default (based on artifactId and version, so could change each build hence why we used wildcards in the first place). Should remove the need for using wildcards in the first place.

<build>
    <finalName>app</finalName>
    <!-- other build stuff, plugins, etc -->
</build>

[aaronlehmann]

The current walker implementation will recurse into ignored directories when there are exclusion patterns (!foo). This is done to handle scenarios where a parent directory is ignored but subdirectories underneath it are excluded from the ignore.

What's the expected behavior in this scenario? Should the walker ignore EPERM within a directory that matches an ignore pattern but doesn't also match an exclusion pattern? Are there any other errors which would also need to be ignored in this case?

[chjeningka]

@aaronlehmann I don't mean to hijack this but if it's worth mentioning, in our case we don't use dockerignore files in our project, and we see this problem.

It completely broke our builds stating that during a COPY statement in our dockerfile it couldn't find the file (jar) we were trying to copy into the image. It so-happened that COPY statement used wildcards, and once we removed them the problem was resolved. (we could work around this in our case by using Maven's build.FinalName property to set the jar name)

COPY --chown=appuser:appuser target/**.jar /home/appuser/app.jar

[aaronlehmann]

@chjeningka: I think you're running into a different issue; the one we're discussing in this ticket is about permission issues with directories excluded by .dockerignore. Could you pleaes open a separate issue?

[crazy-max]

I can't repro anymore. @chjeningka @danilofuchs Can you try on your side please?:

$ git clone https://github.com/docker/buildx.git && cd buildx
$ make install
$ docker buildx build ...

Thanks!

[danilofuchs]

Error seems to still be happening. I configured the action to build from master (version: https://github.com/docker/buildx.git#master). This ref: 11b771c

Logs for buildx setup

2022-01-25T14:38:26.6253969Z ##[group]Run docker/setup-buildx-action@v1
2022-01-25T14:38:26.6254277Z with:
2022-01-25T14:38:26.6254544Z   version: https://github.com/docker/buildx.git#master
2022-01-25T14:38:26.6254841Z   driver: docker-container
2022-01-25T14:38:26.6256049Z   buildkitd-flags: --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
2022-01-25T14:38:26.6256833Z   install: false
2022-01-25T14:38:26.6257044Z   use: true
2022-01-25T14:38:26.6257214Z env:
2022-01-25T14:38:26.6257591Z   DOCKER_BUILDKIT: 1
2022-01-25T14:38:26.6257962Z   BUILDKIT_PROGRESS: plain
2022-01-25T14:38:26.6258216Z   COMPOSE_PROJECT_NAME: track-api
2022-01-25T14:38:26.6258626Z ##[endgroup]
2022-01-25T14:38:26.8028897Z ##[group]Docker info
2022-01-25T14:38:26.8267105Z [command]/usr/bin/docker version
2022-01-25T14:38:27.1485200Z Client:
2022-01-25T14:38:27.1486211Z  Version:           20.10.11+azure-3
2022-01-25T14:38:27.1486808Z  API version:       1.41
2022-01-25T14:38:27.1617520Z  Go version:        go1.16.12
2022-01-25T14:38:27.1617992Z  Git commit:        dea9396e184290f638ea873c76db7c80efd5a1d2
2022-01-25T14:38:27.1618311Z  Built:             Wed Nov 17 23:49:46 2021
2022-01-25T14:38:27.1618579Z  OS/Arch:           linux/amd64
2022-01-25T14:38:27.1618813Z  Context:           default
2022-01-25T14:38:27.1619075Z  Experimental:      true
2022-01-25T14:38:27.1619235Z 
2022-01-25T14:38:27.1619412Z Server:
2022-01-25T14:38:27.1619612Z  Engine:
2022-01-25T14:38:27.1620093Z   Version:          20.10.11+azure-3
2022-01-25T14:38:27.1620370Z   API version:      1.41 (minimum version 1.12)
2022-01-25T14:38:27.1620648Z   Go version:       go1.16.12
2022-01-25T14:38:27.1620955Z   Git commit:       847da184ad5048b27f5bdf9d53d070f731b43180
2022-01-25T14:38:27.1621243Z   Built:            Thu Nov 18 00:21:59 2021
2022-01-25T14:38:27.1621504Z   OS/Arch:          linux/amd64
2022-01-25T14:38:27.1621835Z   Experimental:     false
2022-01-25T14:38:27.1622062Z  containerd:
2022-01-25T14:38:27.1622359Z   Version:          1.4.12+azure-2
2022-01-25T14:38:27.1622657Z   GitCommit:        7b11cfaabd73bb80907dd23182b9347b4245eb5d
2022-01-25T14:38:27.1623041Z  runc:
2022-01-25T14:38:27.1623258Z   Version:          1.0.3
2022-01-25T14:38:27.1623547Z   GitCommit:        f46b6ba2c9314cfc8caae24a32ec5fe9ef1059fe
2022-01-25T14:38:27.1623891Z  docker-init:
2022-01-25T14:38:27.1624125Z   Version:          0.19.0
2022-01-25T14:38:27.1624347Z   GitCommit:        
2022-01-25T14:38:27.1708787Z [command]/usr/bin/docker info
2022-01-25T14:38:27.8096105Z Client:
2022-01-25T14:38:27.8096795Z  Context:    default
2022-01-25T14:38:27.8097483Z  Debug Mode: false
2022-01-25T14:38:27.8097897Z  Plugins:
2022-01-25T14:38:27.8098688Z   buildx: Docker Buildx (Docker Inc., 0.7.1+azure-2)
2022-01-25T14:38:27.8099513Z   compose: Docker Compose (Docker Inc., 2.2.3+azure-1)
2022-01-25T14:38:27.8100007Z 
2022-01-25T14:38:27.8100382Z Server:
2022-01-25T14:38:27.8100610Z  Containers: 6
2022-01-25T14:38:27.8100866Z   Running: 6
2022-01-25T14:38:27.8101078Z   Paused: 0
2022-01-25T14:38:27.8101319Z   Stopped: 0
2022-01-25T14:38:27.8101542Z  Images: 25
2022-01-25T14:38:27.8101918Z  Server Version: 20.10.11+azure-3
2022-01-25T14:38:27.8102344Z  Storage Driver: overlay2
2022-01-25T14:38:27.8102809Z   Backing Filesystem: extfs
2022-01-25T14:38:27.8103060Z   Supports d_type: true
2022-01-25T14:38:27.8103321Z   Native Overlay Diff: false
2022-01-25T14:38:27.8103558Z   userxattr: false
2022-01-25T14:38:27.8103876Z  Logging Driver: json-file
2022-01-25T14:38:27.8104141Z  Cgroup Driver: cgroupfs
2022-01-25T14:38:27.8104375Z  Cgroup Version: 1
2022-01-25T14:38:27.8104604Z  Plugins:
2022-01-25T14:38:27.8104824Z   Volume: local
2022-01-25T14:38:27.8105093Z   Network: bridge host ipvlan macvlan null overlay
2022-01-25T14:38:27.8105610Z   Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
2022-01-25T14:38:27.8105934Z  Swarm: inactive
2022-01-25T14:38:27.8106633Z  Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
2022-01-25T14:38:27.8107416Z  Default Runtime: runc
2022-01-25T14:38:27.8107945Z  Init Binary: docker-init
2022-01-25T14:38:27.8108274Z  containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
2022-01-25T14:38:27.8108649Z  runc version: f46b6ba2c9314cfc8caae24a32ec5fe9ef1059fe
2022-01-25T14:38:27.8108931Z  init version: 
2022-01-25T14:38:27.8109169Z  Security Options:
2022-01-25T14:38:27.8109398Z   apparmor
2022-01-25T14:38:27.8109593Z   seccomp
2022-01-25T14:38:27.8109815Z    Profile: default
2022-01-25T14:38:27.8110127Z  Kernel Version: 5.11.0-1027-azure
2022-01-25T14:38:27.8110409Z  Operating System: Ubuntu 20.04.3 LTS
2022-01-25T14:38:27.8110673Z  OSType: linux
2022-01-25T14:38:27.8110895Z  Architecture: x86_64
2022-01-25T14:38:27.8111127Z  CPUs: 2
2022-01-25T14:38:27.8111353Z  Total Memory: 6.789GiB
2022-01-25T14:38:27.8111637Z  Name: fv-az206-505
2022-01-25T14:38:27.8111953Z  ID: S23R:JP2F:CM6E:5B2G:P6EI:26SI:UTOJ:H7HR:DPQW:ORKY:EQOV:MMBI
2022-01-25T14:38:27.8113065Z  Docker Root Dir: /var/lib/docker
2022-01-25T14:38:27.8113346Z  Debug Mode: false
2022-01-25T14:38:27.8113603Z  Username: githubactions
2022-01-25T14:38:27.8113909Z  Registry: https://index.docker.io/v1/
2022-01-25T14:38:27.8114184Z  Labels:
2022-01-25T14:38:27.8114413Z  Experimental: false
2022-01-25T14:38:27.8114645Z  Insecure Registries:
2022-01-25T14:38:27.8114879Z   127.0.0.0/8
2022-01-25T14:38:27.8115097Z  Live Restore Enabled: false
2022-01-25T14:38:27.8115262Z 
2022-01-25T14:38:27.8176481Z ##[endgroup]
2022-01-25T14:38:27.8179718Z ##[group]Build and install buildx
2022-01-25T14:38:28.0931041Z [command]/usr/bin/docker buildx build --target binaries --build-arg BUILDKIT_CONTEXT_KEEP_GIT_DIR=1 --output type=local,dest=/tmp/docker-setup-buildx-RUgy5w/out https://github.com/docker/buildx.git#master
2022-01-25T14:38:29.0582292Z #1 [internal] load git source https://github.com/docker/buildx.git#master
2022-01-25T14:38:29.0583409Z #1 0.022 hint: Using 'master' as the name for the initial branch. This default branch name
2022-01-25T14:38:29.0584013Z #1 0.022 hint: is subject to change. To configure the initial branch name to use in all
2022-01-25T14:38:29.0584551Z #1 0.022 hint: of your new repositories, which will suppress this warning, call:
2022-01-25T14:38:29.0584940Z #1 0.022 hint: 
2022-01-25T14:38:29.0585456Z #1 0.022 hint: 	git config --global init.defaultBranch <name>
2022-01-25T14:38:29.0585849Z #1 0.022 hint: 
2022-01-25T14:38:29.0586381Z #1 0.022 hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
2022-01-25T14:38:29.0586998Z #1 0.022 hint: 'development'. The just-created branch can be renamed via this command:
2022-01-25T14:38:29.0587421Z #1 0.022 hint: 
2022-01-25T14:38:29.0587843Z #1 0.022 hint: 	git branch -m <name>
2022-01-25T14:38:29.0588385Z #1 0.029 Initialized empty Git repository in /var/lib/docker/overlay2/iz803cokdpfjzq8j2l1aced4c/diff/
2022-01-25T14:38:29.2101818Z #1 0.230 11b771c789daa8d6c9bc3cf7ba7c86240f382bef	refs/heads/master
2022-01-25T14:38:31.2925274Z #1 2.152 From https://github.com/docker/buildx
2022-01-25T14:38:31.2926180Z #1 2.152  * [new branch]      master     -> master
2022-01-25T14:38:31.4431355Z #1 2.152  * [new branch]      master     -> origin/master
2022-01-25T14:38:31.4437857Z #1 2.161 hint: Using 'master' as the name for the initial branch. This default branch name
2022-01-25T14:38:31.4444896Z #1 2.161 hint: is subject to change. To configure the initial branch name to use in all
2022-01-25T14:38:31.4450303Z #1 2.161 hint: of your new repositories, which will suppress this warning, call:
2022-01-25T14:38:31.4455703Z #1 2.161 hint: 
2022-01-25T14:38:31.4461224Z #1 2.161 hint: 	git config --global init.defaultBranch <name>
2022-01-25T14:38:31.4469437Z #1 2.161 hint: 
2022-01-25T14:38:31.4477005Z #1 2.161 hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
2022-01-25T14:38:31.4489414Z #1 2.161 hint: 'development'. The just-created branch can be renamed via this command:
2022-01-25T14:38:31.4498102Z #1 2.161 hint: 
2022-01-25T14:38:31.4506840Z #1 2.161 hint: 	git branch -m <name>
2022-01-25T14:38:31.4515649Z #1 2.162 Initialized empty Git repository in /var/lib/docker/overlay2/375wqpq1fcajf3ynb0vny90lf/diff/.git/
2022-01-25T14:38:31.9044840Z #1 2.670 From /var/lib/docker/overlay2/iz803cokdpfjzq8j2l1aced4c/diff
2022-01-25T14:38:31.9045800Z #1 2.670  * [new tag]         master     -> master
2022-01-25T14:38:31.9046192Z #1 2.670  * [new tag]         master     -> master
2022-01-25T14:38:32.3551433Z #1 3.123 Note: switching to 'FETCH_HEAD'.
2022-01-25T14:38:32.3554677Z #1 3.123 
2022-01-25T14:38:32.3558824Z #1 3.123 You are in 'detached HEAD' state. You can look around, make experimental
2022-01-25T14:38:32.3562664Z #1 3.123 changes and commit them, and you can discard any commits you make in this
2022-01-25T14:38:32.3566350Z #1 3.123 state without impacting any branches by switching back to a branch.
2022-01-25T14:38:32.3569780Z #1 3.123 
2022-01-25T14:38:32.3573651Z #1 3.123 If you want to create a new branch to retain commits you create, you may
2022-01-25T14:38:32.3577763Z #1 3.123 do so (now or later) by using -c with the switch command. Example:
2022-01-25T14:38:32.3581158Z #1 3.123 
2022-01-25T14:38:32.3584949Z #1 3.123   git switch -c <new-branch-name>
2022-01-25T14:38:32.3588381Z #1 3.123 
2022-01-25T14:38:32.3592742Z #1 3.123 Or undo this operation with:
2022-01-25T14:38:32.3596314Z #1 3.123 
2022-01-25T14:38:32.3599972Z #1 3.123   git switch -
2022-01-25T14:38:32.3603461Z #1 3.123 
2022-01-25T14:38:32.3607354Z #1 3.123 Turn off this advice by setting config variable advice.detachedHead to false
2022-01-25T14:38:32.3611470Z #1 3.123 
2022-01-25T14:38:32.3617547Z #1 3.123 HEAD is now at 11b771c Merge pull request #904 from tonistiigi/named-contexts
2022-01-25T14:38:32.3618595Z #1 DONE 3.2s
2022-01-25T14:38:32.5119850Z 
2022-01-25T14:38:32.5124360Z #3 [auth] docker/dockerfile:pull token for registry-1.docker.io
2022-01-25T14:38:32.5129118Z #3 DONE 0.0s
2022-01-25T14:38:32.5133816Z 
2022-01-25T14:38:32.5138817Z #2 resolve image config for docker.io/docker/dockerfile:1.3
2022-01-25T14:38:32.9259100Z #2 DONE 0.6s
2022-01-25T14:38:33.0399919Z 
2022-01-25T14:38:33.0406183Z #4 docker-image://docker.io/docker/dockerfile:1.3@sha256:42399d4635eddd7a9b8a24be879d2f9a930d0ed040a61324cfdf59ef1357b3b2
2022-01-25T14:38:33.0413861Z #4 resolve docker.io/docker/dockerfile:1.3@sha256:42399d4635eddd7a9b8a24be879d2f9a930d0ed040a61324cfdf59ef1357b3b2 done
2022-01-25T14:38:33.0419007Z #4 sha256:42399d4635eddd7a9b8a24be879d2f9a930d0ed040a61324cfdf59ef1357b3b2 2.00kB / 2.00kB done
2022-01-25T14:38:33.0424882Z #4 sha256:93f32bd6dd9004897fed4703191f48924975081860667932a4df35ba567d7426 528B / 528B done
2022-01-25T14:38:33.0429885Z #4 sha256:e532695ddd93ca7c85a816c67afdb352e91052fab7ac19a675088f80915779a7 1.21kB / 1.21kB done
2022-01-25T14:38:33.0436832Z #4 sha256:24a639a53085eb680e1d11618ac62f3977a3926fedf5b8471ace519b8c778030 6.23MB / 9.67MB 0.1s
2022-01-25T14:38:33.1941032Z #4 sha256:24a639a53085eb680e1d11618ac62f3977a3926fedf5b8471ace519b8c778030 9.67MB / 9.67MB 0.2s done
2022-01-25T14:38:33.1942093Z #4 extracting sha256:24a639a53085eb680e1d11618ac62f3977a3926fedf5b8471ace519b8c778030 0.1s
2022-01-25T14:38:33.6119529Z #4 extracting sha256:24a639a53085eb680e1d11618ac62f3977a3926fedf5b8471ace519b8c778030 0.5s done
2022-01-25T14:38:33.6124568Z #4 DONE 0.7s
2022-01-25T14:38:33.7658766Z 
2022-01-25T14:38:33.7670966Z #5 [internal] load metadata for docker.io/tonistiigi/xx:1.0.0
2022-01-25T14:38:33.9151677Z #5 ...
2022-01-25T14:38:33.9153390Z 
2022-01-25T14:38:33.9156978Z #7 [auth] library/golang:pull token for registry-1.docker.io
2022-01-25T14:38:33.9157452Z #7 DONE 0.0s
2022-01-25T14:38:33.9157587Z 
2022-01-25T14:38:33.9157929Z #8 [auth] tonistiigi/xx:pull token for registry-1.docker.io
2022-01-25T14:38:33.9158206Z #8 DONE 0.0s
2022-01-25T14:38:34.0660639Z 
2022-01-25T14:38:34.0661405Z #6 [internal] load metadata for docker.io/library/golang:1.17-alpine
2022-01-25T14:38:34.2174396Z #6 DONE 0.4s
2022-01-25T14:38:34.2174627Z 
2022-01-25T14:38:34.2174898Z #5 [internal] load metadata for docker.io/tonistiigi/xx:1.0.0
2022-01-25T14:38:34.3678676Z #5 DONE 0.5s
2022-01-25T14:38:34.6217840Z 
2022-01-25T14:38:34.6220219Z #9 [golatest 1/1] FROM docker.io/library/golang:1.17-alpine@sha256:519c827ec22e5cf7417c9ff063ec840a446cdd30681700a16cf42eb43823e27c
2022-01-25T14:38:34.6221376Z #9 resolve docker.io/library/golang:1.17-alpine@sha256:519c827ec22e5cf7417c9ff063ec840a446cdd30681700a16cf42eb43823e27c 0.0s done
2022-01-25T14:38:34.7353146Z #9 sha256:519c827ec22e5cf7417c9ff063ec840a446cdd30681700a16cf42eb43823e27c 1.65kB / 1.65kB done
2022-01-25T14:38:34.7355395Z #9 sha256:f28579af8a31c28fc180fb2e26c415bf6211a21fb9f3ed5e81bcdbf062c52893 1.36kB / 1.36kB done
2022-01-25T14:38:34.7357000Z #9 sha256:e8fc0c5ad389ed61e267136a87f4f61694203c6cbcba947097106e1135a2cb38 5.20kB / 5.20kB done
2022-01-25T14:38:34.7358149Z #9 sha256:666ba61612fd7c93393f9a5bc1751d8a9929e32d51501dba691da9e8232bc87b 282.16kB / 282.16kB 0.1s done
2022-01-25T14:38:34.7359412Z #9 sha256:8ed8ca4862056a130f714accb3538decfa0663fec84e635d8b5a0a3305353dee 155B / 155B 0.2s done
2022-01-25T14:38:34.7361170Z #9 sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80 2.10MB / 110.14MB 0.2s
2022-01-25T14:38:34.7362333Z #9 extracting sha256:666ba61612fd7c93393f9a5bc1751d8a9929e32d51501dba691da9e8232bc87b
2022-01-25T14:38:34.7363545Z #9 sha256:22a0e8bec74ddb73c81aa4e49168ff2ca80c701bd2d6e66a7124a70344f35961 0B / 155B 0.2s
2022-01-25T14:38:34.8449385Z #9 sha256:22a0e8bec74ddb73c81aa4e49168ff2ca80c701bd2d6e66a7124a70344f35961 155B / 155B 0.3s
2022-01-25T14:38:34.9517606Z #9 ...
2022-01-25T14:38:34.9556358Z 
2022-01-25T14:38:34.9557618Z #10 [xx 1/1] FROM docker.io/tonistiigi/xx:1.0.0@sha256:494fa8488689d499edfaa16dba5922bc2b8cdfcb220bf884354aecbc1f2d8996
2022-01-25T14:38:34.9558684Z #10 resolve docker.io/tonistiigi/xx:1.0.0@sha256:494fa8488689d499edfaa16dba5922bc2b8cdfcb220bf884354aecbc1f2d8996 done
2022-01-25T14:38:34.9559172Z #10 sha256:c175b0065054f5c2285c727510f433231f8ebe41d437816d22044696e9adde44 525B / 525B done
2022-01-25T14:38:34.9559593Z #10 sha256:0f3509935530631c6c402f33310ff23d7bd35caf9ba63059d4157c39329a10d4 940B / 940B done
2022-01-25T14:38:34.9561259Z #10 sha256:25eaaac5d58a9b6ff4e90ee3cbd4149fd0861e2605d3d11c64e265ba5ba45176 13.99kB / 13.99kB 0.1s done
2022-01-25T14:38:34.9562030Z #10 sha256:494fa8488689d499edfaa16dba5922bc2b8cdfcb220bf884354aecbc1f2d8996 2.65kB / 2.65kB done
2022-01-25T14:38:34.9563177Z #10 extracting sha256:25eaaac5d58a9b6ff4e90ee3cbd4149fd0861e2605d3d11c64e265ba5ba45176 done
2022-01-25T14:38:34.9563674Z #10 DONE 0.4s
2022-01-25T14:38:34.9563824Z 
2022-01-25T14:38:34.9564897Z #9 [golatest 1/1] FROM docker.io/library/golang:1.17-alpine@sha256:519c827ec22e5cf7417c9ff063ec840a446cdd30681700a16cf42eb43823e27c
2022-01-25T14:38:34.9566423Z #9 sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80 12.58MB / 110.14MB 0.4s
2022-01-25T14:38:35.1023376Z #9 extracting sha256:666ba61612fd7c93393f9a5bc1751d8a9929e32d51501dba691da9e8232bc87b 0.3s done
2022-01-25T14:38:35.2424291Z #9 extracting sha256:8ed8ca4862056a130f714accb3538decfa0663fec84e635d8b5a0a3305353dee done
2022-01-25T14:38:35.3928087Z #9 sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80 32.51MB / 110.14MB 0.8s
2022-01-25T14:38:35.5262397Z #9 sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80 45.09MB / 110.14MB 1.0s
2022-01-25T14:38:35.6272026Z #9 sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80 54.53MB / 110.14MB 1.1s
2022-01-25T14:38:35.7344697Z #9 sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80 66.06MB / 110.14MB 1.2s
2022-01-25T14:38:35.8854437Z #9 sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80 76.55MB / 110.14MB 1.3s
2022-01-25T14:38:36.0301901Z #9 sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80 103.81MB / 110.14MB 1.5s
2022-01-25T14:38:36.1821049Z #9 sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80 110.14MB / 110.14MB 1.6s
2022-01-25T14:38:36.3129762Z #9 sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80 110.14MB / 110.14MB 1.7s done
2022-01-25T14:38:36.3130835Z #9 extracting sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80
2022-01-25T14:38:41.5516293Z #9 extracting sha256:4fe6c5a15a65f4960a2b1852b3f3221cfb89fccf18b6125213d9c40143a20b80 5.1s done
2022-01-25T14:38:43.0483075Z #9 extracting sha256:22a0e8bec74ddb73c81aa4e49168ff2ca80c701bd2d6e66a7124a70344f35961 done
2022-01-25T14:38:43.0483512Z #9 DONE 8.5s
2022-01-25T14:38:43.1988314Z 
2022-01-25T14:38:43.1992293Z #11 [gobase 1/3] COPY --from=xx / /
2022-01-25T14:38:43.1992575Z #11 DONE 0.0s
2022-01-25T14:38:43.1992712Z 
2022-01-25T14:38:43.1993026Z #12 [gobase 2/3] RUN apk add --no-cache file git
2022-01-25T14:38:43.4998846Z #12 0.289 fetch https://dl-cdn.alpinelinux.org/alpine/v3.15/main/x86_64/APKINDEX.tar.gz
2022-01-25T14:38:43.6506343Z #12 0.426 fetch https://dl-cdn.alpinelinux.org/alpine/v3.15/community/x86_64/APKINDEX.tar.gz
2022-01-25T14:38:43.7579544Z #12 0.679 (1/8) Installing libmagic (5.41-r0)
2022-01-25T14:38:43.8698667Z #12 0.727 (2/8) Installing file (5.41-r0)
2022-01-25T14:38:43.8699570Z #12 0.739 (3/8) Installing brotli-libs (1.0.9-r5)
2022-01-25T14:38:43.8701518Z #12 0.759 (4/8) Installing nghttp2-libs (1.46.0-r0)
2022-01-25T14:38:43.8701922Z #12 0.772 (5/8) Installing libcurl (7.80.0-r0)
2022-01-25T14:38:43.8702270Z #12 0.791 (6/8) Installing expat (2.4.3-r0)
2022-01-25T14:38:44.0208868Z #12 0.805 (7/8) Installing pcre2 (10.39-r0)
2022-01-25T14:38:44.0209401Z #12 0.823 (8/8) Installing git (2.34.1-r0)
2022-01-25T14:38:44.1679746Z #12 0.964 Executing busybox-1.34.1-r3.trigger
2022-01-25T14:38:44.1680407Z #12 0.973 OK: 26 MiB in 23 packages
2022-01-25T14:38:44.1681344Z #12 DONE 1.1s
2022-01-25T14:38:44.3178499Z 
2022-01-25T14:38:44.3179552Z #13 [gobase 3/3] WORKDIR /src
2022-01-25T14:38:44.3180016Z #13 DONE 0.0s
2022-01-25T14:38:44.3180258Z 
2022-01-25T14:38:44.3181789Z #14 [buildx-version 1/1] RUN --mount=target=.   PKG=github.com/docker/buildx VERSION=$(git describe --match 'v[0-9]*' --dirty='.m' --always --tags) REVISION=$(git rev-parse HEAD)$(if ! git diff --no-ext-diff --quiet --exit-code; then echo .m; fi);   echo "-X ${PKG}/version.Version=${VERSION} -X ${PKG}/version.Revision=${REVISION} -X ${PKG}/version.Package=${PKG}" | tee /tmp/.ldflags;   echo -n "${VERSION}" | tee /tmp/.version;
2022-01-25T14:38:45.0707111Z #14 0.776 -X github.com/docker/buildx/version.Version=11b771c -X github.com/docker/buildx/version.Revision=11b771c789daa8d6c9bc3cf7ba7c86240f382bef -X github.com/docker/buildx/version.Package=github.com/docker/buildx
2022-01-25T14:38:45.0709573Z #14 0.777 11b771c#14 DONE 0.8s
2022-01-25T14:38:45.0710375Z 
2022-01-25T14:38:45.0711570Z #15 [buildx-build 1/1] RUN --mount=type=bind,target=.   --mount=type=cache,target=/root/.cache   --mount=type=cache,target=/go/pkg/mod   --mount=type=bind,source=/tmp/.ldflags,target=/tmp/.ldflags,from=buildx-version   set -x; xx-go build -ldflags "$(cat /tmp/.ldflags) -w -s" -o /usr/bin/buildx ./cmd/buildx &&   xx-verify --static /usr/bin/buildx
2022-01-25T14:38:45.3405275Z #15 0.330 + cat /tmp/.ldflags
2022-01-25T14:38:45.4911259Z #15 0.331 + xx-go build -ldflags '-X github.com/docker/buildx/version.Version=11b771c -X github.com/docker/buildx/version.Revision=11b771c789daa8d6c9bc3cf7ba7c86240f382bef -X github.com/docker/buildx/version.Package=github.com/docker/buildx -w -s' -o /usr/bin/buildx ./cmd/buildx
2022-01-25T14:40:10.7421311Z #15 85.60 + xx-verify --static /usr/bin/buildx
2022-01-25T14:40:11.4514403Z #15 DONE 86.4s
2022-01-25T14:40:11.7510766Z 
2022-01-25T14:40:11.7514272Z #16 [binaries-unix 1/1] COPY --from=buildx-build /usr/bin/buildx /
2022-01-25T14:40:11.9022116Z #16 DONE 0.2s
2022-01-25T14:40:11.9022704Z 
2022-01-25T14:40:11.9023409Z #17 exporting to client
2022-01-25T14:40:11.9024427Z #17 copying files 28B
2022-01-25T14:40:12.1542392Z #17 copying files 47.42MB 0.3s done
2022-01-25T14:40:12.1544460Z #17 DONE 0.3s
2022-01-25T14:40:12.2556193Z Fixing perms
2022-01-25T14:40:12.2558944Z ##[endgroup]
2022-01-25T14:40:12.3530746Z ##[group]Creating a new builder instance
2022-01-25T14:40:12.3579637Z [command]/usr/bin/docker buildx create --name builder-2b133952-60bd-4f71-90ab-27cf8bbefc0b --driver docker-container --buildkitd-flags --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host --use
2022-01-25T14:40:12.4718206Z builder-2b133952-60bd-4f71-90ab-27cf8bbefc0b
2022-01-25T14:40:12.4751120Z ##[endgroup]
2022-01-25T14:40:12.4751976Z ##[group]Booting builder
2022-01-25T14:40:12.4796642Z [command]/usr/bin/docker buildx inspect --bootstrap --builder builder-2b133952-60bd-4f71-90ab-27cf8bbefc0b
2022-01-25T14:40:12.5767675Z #1 [internal] booting buildkit
2022-01-25T14:40:12.7278923Z #1 pulling image moby/buildkit:buildx-stable-1
2022-01-25T14:40:13.0289890Z #1 pulling image moby/buildkit:buildx-stable-1 0.3s done
2022-01-25T14:40:13.0290578Z #1 creating container buildx_buildkit_builder-2b133952-60bd-4f71-90ab-27cf8bbefc0b0
2022-01-25T14:40:14.1445601Z #1 creating container buildx_buildkit_builder-2b133952-60bd-4f71-90ab-27cf8bbefc0b0 1.2s done
2022-01-25T14:40:14.1446247Z #1 DONE 1.6s
2022-01-25T14:40:14.3263740Z Name:   builder-2b133952-60bd-4f71-90ab-27cf8bbefc0b
2022-01-25T14:40:14.3297542Z Driver: docker-container
2022-01-25T14:40:14.3298002Z 
2022-01-25T14:40:14.3298369Z Nodes:
2022-01-25T14:40:14.3299112Z Name:      builder-2b133952-60bd-4f71-90ab-27cf8bbefc0b0
2022-01-25T14:40:14.3299699Z Endpoint:  unix:///var/run/docker.sock
2022-01-25T14:40:14.3299977Z Status:    running
2022-01-25T14:40:14.3478747Z Flags:     --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
2022-01-25T14:40:14.3497205Z Platforms: linux/amd64, linux/386
2022-01-25T14:40:14.3502704Z ##[endgroup]
2022-01-25T14:40:14.3536998Z ##[group]Inspect builder
2022-01-25T14:40:14.5751367Z {
2022-01-25T14:40:14.5755779Z   "name": "builder-2b133952-60bd-4f71-90ab-27cf8bbefc0b",
2022-01-25T14:40:14.5756728Z   "driver": "docker-container",
2022-01-25T14:40:14.5757434Z   "node_name": "builder-2b133952-60bd-4f71-90ab-27cf8bbefc0b0",
2022-01-25T14:40:14.5758253Z   "node_endpoint": "unix:///var/run/docker.sock",
2022-01-25T14:40:14.5758686Z   "node_status": "running",
2022-01-25T14:40:14.5760020Z   "node_flags": "--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host",
2022-01-25T14:40:14.5760864Z   "node_platforms": "linux/amd64,linux/386"
2022-01-25T14:40:14.5761200Z }
2022-01-25T14:40:14.5764327Z ##[endgroup]
2022-01-25T14:40:14.5765222Z ##[group]BuildKit version
2022-01-25T14:40:15.2088651Z moby/buildkit:buildx-stable-1 => buildkitd github.com/moby/buildkit v0.9.3 8d2625494a6a3d413e3d875a2ff7dd9b1ed1b1a9
2022-01-25T14:40:15.2095670Z ##[endgroup]

Logs for failing build

2022-01-25T14:40:15.5210098Z ##[group]Run docker/build-push-action@v2
2022-01-25T14:40:15.5210356Z with:
2022-01-25T14:40:15.5210536Z   context: .
2022-01-25T14:40:15.5210726Z   push: false
2022-01-25T14:40:15.5210900Z   load: true
2022-01-25T14:40:15.5211092Z   tags: builder:latest
2022-01-25T14:40:15.5211293Z   target: builder
2022-01-25T14:40:15.5211519Z   cache-from: type=local,src=/tmp/.buildx-cache
2022-01-25T14:40:15.5211803Z   cache-to: type=local,dest=/tmp/.buildx-cache-new
2022-01-25T14:40:15.5212200Z   build-args: NPM_GITHUB_TOKEN=***
CI=true

2022-01-25T14:40:15.5212423Z   no-cache: false
2022-01-25T14:40:15.5212616Z   pull: false
2022-01-25T14:40:15.5215493Z   github-token: ***
2022-01-25T14:40:15.5217864Z env:
2022-01-25T14:40:15.5218095Z   DOCKER_BUILDKIT: 1
2022-01-25T14:40:15.5218352Z   BUILDKIT_PROGRESS: plain
2022-01-25T14:40:15.5219754Z   COMPOSE_PROJECT_NAME: track-api
2022-01-25T14:40:15.5220146Z ##[endgroup]
2022-01-25T14:40:15.6332115Z ##[group]Docker info
2022-01-25T14:40:15.6388526Z [command]/usr/bin/docker version
2022-01-25T14:40:15.7097220Z Client:
2022-01-25T14:40:15.7098102Z  Version:           20.10.11+azure-3
2022-01-25T14:40:15.7098901Z  API version:       1.41
2022-01-25T14:40:15.7099309Z  Go version:        go1.16.12
2022-01-25T14:40:15.7099794Z  Git commit:        dea9396e184290f638ea873c76db7c80efd5a1d2
2022-01-25T14:40:15.7100115Z  Built:             Wed Nov 17 23:49:46 2021
2022-01-25T14:40:15.7100362Z  OS/Arch:           linux/amd64
2022-01-25T14:40:15.7100617Z  Context:           default
2022-01-25T14:40:15.7100853Z  Experimental:      true
2022-01-25T14:40:15.7101024Z 
2022-01-25T14:40:15.7101219Z Server:
2022-01-25T14:40:15.7101421Z  Engine:
2022-01-25T14:40:15.7101710Z   Version:          20.10.11+azure-3
2022-01-25T14:40:15.7102013Z   API version:      1.41 (minimum version 1.12)
2022-01-25T14:40:15.7102284Z   Go version:       go1.16.12
2022-01-25T14:40:15.7102598Z   Git commit:       847da184ad5048b27f5bdf9d53d070f731b43180
2022-01-25T14:40:15.7102921Z   Built:            Thu Nov 18 00:21:59 2021
2022-01-25T14:40:15.7103334Z   OS/Arch:          linux/amd64
2022-01-25T14:40:15.7103897Z   Experimental:     false
2022-01-25T14:40:15.7104636Z  containerd:
2022-01-25T14:40:15.7104904Z   Version:          1.4.12+azure-2
2022-01-25T14:40:15.7105220Z   GitCommit:        7b11cfaabd73bb80907dd23182b9347b4245eb5d
2022-01-25T14:40:15.7105486Z  runc:
2022-01-25T14:40:15.7105707Z   Version:          1.0.3
2022-01-25T14:40:15.7106025Z   GitCommit:        f46b6ba2c9314cfc8caae24a32ec5fe9ef1059fe
2022-01-25T14:40:15.7106370Z  docker-init:
2022-01-25T14:40:15.7106612Z   Version:          0.19.0
2022-01-25T14:40:15.7106856Z   GitCommit:        
2022-01-25T14:40:15.7152024Z [command]/usr/bin/docker info
2022-01-25T14:40:15.8440109Z Client:
2022-01-25T14:40:15.8441739Z  Context:    default
2022-01-25T14:40:15.8442498Z  Debug Mode: false
2022-01-25T14:40:15.8444733Z  Plugins:
2022-01-25T14:40:15.8445320Z   buildx: Docker Buildx (Docker Inc., 11b771c)
2022-01-25T14:40:15.8446763Z   compose: Docker Compose (Docker Inc., 2.2.3+azure-1)
2022-01-25T14:40:15.8447225Z 
2022-01-25T14:40:15.8502144Z Server:
2022-01-25T14:40:15.8502411Z  Containers: 7
2022-01-25T14:40:15.8502649Z   Running: 7
2022-01-25T14:40:15.8502860Z   Paused: 0
2022-01-25T14:40:15.8503086Z   Stopped: 0
2022-01-25T14:40:15.8503306Z  Images: 25
2022-01-25T14:40:15.8503646Z  Server Version: 20.10.11+azure-3
2022-01-25T14:40:15.8503921Z  Storage Driver: overlay2
2022-01-25T14:40:15.8504174Z   Backing Filesystem: extfs
2022-01-25T14:40:15.8504444Z   Supports d_type: true
2022-01-25T14:40:15.8504706Z   Native Overlay Diff: false
2022-01-25T14:40:15.8504942Z   userxattr: false
2022-01-25T14:40:15.8505274Z  Logging Driver: json-file
2022-01-25T14:40:15.8505548Z  Cgroup Driver: cgroupfs
2022-01-25T14:40:15.8505780Z  Cgroup Version: 1
2022-01-25T14:40:15.8506011Z  Plugins:
2022-01-25T14:40:15.8506215Z   Volume: local
2022-01-25T14:40:15.8506494Z   Network: bridge host ipvlan macvlan null overlay
2022-01-25T14:40:15.8507017Z   Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
2022-01-25T14:40:15.8507751Z  Swarm: inactive
2022-01-25T14:40:15.8508106Z  Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
2022-01-25T14:40:15.8508466Z  Default Runtime: runc
2022-01-25T14:40:15.8508776Z  Init Binary: docker-init
2022-01-25T14:40:15.8509108Z  containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
2022-01-25T14:40:15.8509490Z  runc version: f46b6ba2c9314cfc8caae24a32ec5fe9ef1059fe
2022-01-25T14:40:15.8509777Z  init version: 
2022-01-25T14:40:15.8510015Z  Security Options:
2022-01-25T14:40:15.8510228Z   apparmor
2022-01-25T14:40:15.8510440Z   seccomp
2022-01-25T14:40:15.8510806Z    Profile: default
2022-01-25T14:40:15.8511127Z  Kernel Version: 5.11.0-1027-azure
2022-01-25T14:40:15.8511416Z  Operating System: Ubuntu 20.04.3 LTS
2022-01-25T14:40:15.8511685Z  OSType: linux
2022-01-25T14:40:15.8511909Z  Architecture: x86_64
2022-01-25T14:40:15.8512140Z  CPUs: 2
2022-01-25T14:40:15.8512347Z  Total Memory: 6.789GiB
2022-01-25T14:40:15.8512653Z  Name: fv-az206-505
2022-01-25T14:40:15.8512965Z  ID: S23R:JP2F:CM6E:5B2G:P6EI:26SI:UTOJ:H7HR:DPQW:ORKY:EQOV:MMBI
2022-01-25T14:40:15.8513268Z  Docker Root Dir: /var/lib/docker
2022-01-25T14:40:15.8513527Z  Debug Mode: false
2022-01-25T14:40:15.8513779Z  Username: githubactions
2022-01-25T14:40:15.8514080Z  Registry: https://index.docker.io/v1/
2022-01-25T14:40:15.8514353Z  Labels:
2022-01-25T14:40:15.8514563Z  Experimental: false
2022-01-25T14:40:15.8514815Z  Insecure Registries:
2022-01-25T14:40:15.8515047Z   127.0.0.0/8
2022-01-25T14:40:15.8515271Z  Live Restore Enabled: false
2022-01-25T14:40:15.8515439Z 
2022-01-25T14:40:15.8515986Z ##[endgroup]
2022-01-25T14:40:16.0617340Z [command]/usr/bin/docker buildx build --build-arg NPM_GITHUB_TOKEN=*** --build-arg CI=true --cache-from type=local,src=/tmp/.buildx-cache --cache-to type=local,dest=/tmp/.buildx-cache-new --iidfile /tmp/docker-build-push-yD9mvG/iidfile --tag builder:latest --target builder --load --metadata-file /tmp/docker-build-push-yD9mvG/metadata-file .
2022-01-25T14:40:16.5241883Z #1 [internal] load build definition from Dockerfile
2022-01-25T14:40:16.5242293Z #1 transferring dockerfile: 42B done
2022-01-25T14:40:16.5242773Z #1 ERROR: error from sender: open .data/db/mysql: permission denied
2022-01-25T14:40:16.5243288Z ------
2022-01-25T14:40:16.5243529Z  > [internal] load build definition from Dockerfile:
2022-01-25T14:40:16.5243983Z ------
2022-01-25T14:40:16.5244773Z time="2022-01-25T14:40:16Z" level=warning msg="local cache import at /tmp/.buildx-cache not found due to err: could not read /tmp/.buildx-cache/index.json: open /tmp/.buildx-cache/index.json: no such file or directory" spanID=d6bfba8ab9e6a7d1 traceID=63c6f46357b80a07d4f72449f0e57695
2022-01-25T14:40:16.5257434Z error: failed to solve: failed to read dockerfile: error from sender: open .data/db/mysql: permission denied
2022-01-25T14:40:16.5422749Z ##[error]buildx failed with: error: failed to solve: failed to read dockerfile: error from sender: open .data/db/mysql: permission denied

[crazy-max]

@danilofuchs Can you share the link to your repo or is it private? If so, can you create a public repo with a simple repro? I must have miss something on my side.

[danilofuchs]

It is private. I will try to create a repro later

[danilofuchs]

@crazy-max Here is a failing GH action run using the latest commit:

https://github.com/danilofuchs/docker-buildx-issue-883-repro/runs/4982221022?check_suite_focus=true