Image inspection fails on built container image
This document (000021489) is provided subject to the disclaimer at the end of this document.
Environment
Situation
The Inspect image event summary:
System History Event Summary: Image Inspect ******/systemen/kubernetes/sumabuilder/*****scheduled by ****** Details: This action will be executed after 6/3/24 5:01:05 PM CEST This action's status is: Completed. The client completed this action on 6/3/24 5:01:58 PM CEST Client execution returned Module function docker.sls_build threw an exception. Exception: /var/tmp/venv-salt-minion/lib64/python3.10/site-packages/salt/states/x509.py:212: DeprecationWarning: The x509 modules are deprecated. Please migrate to the replacement modules (x509_v2). They are the default from Salt 3008 (Argon) onwards. salt.utils.versions.warn_until( (code 2)
Resolution
Following workaround fixes errors with image inspection and adding packages into the image
1) Below lines needs to be placed before "USER app" within the Docker file that is used to build the image.
RUN mkdir -p /var/cache/venv-salt-minion RUN chmod 777 /var/cache/venv-salt-minion
2) There is also another requirement missing for the salt-bundle within the container and that is package libexpat1. Package needs to be installed manually later when the container is triggered from the image.
Cause
The root cause of the issue is impossibility to create /var/cache/venv-salt-minion directory by the salt-bundle as the default user inside the container is set to app so app user is used by salt to inspect the image.
Status
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000021489
- Creation Date: 11-Jul-2024
- Modified Date:31-Jul-2024
-
- SUSE Manager Server
- SUSE Manager
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com