Develop Reference

How does one initialize opam inside a Dockerfile?

I've created Docker images with opam before, but I don't know why this one is not working. I start from an image that already has opam, but that doesn't seem to work.
Dockerfile:
FROM continuumio/miniconda3
#FROM ocaml/opam:latest
FROM ruby:3.1.2
MAINTAINER Brando Miranda "brandojazz#gmail.com"
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
ssh \
git \
m4 \
libgmp-dev \
wget \
ca-certificates \
rsync \
strace \
gcc \
rlwrap \
sudo \
lsb-release \
opam
# RUN apt-get clean all
# - This most likely won't work. For now I don't have a solution for a Ruby on Docker container Ubuntu: https://stackoverflow.com/questions/74695464/why-cant-i-install-ruby-3-1-2-in-linux-docker-container?noredirect=1#comment131843536_74695464
#RUN apt-get install -y --no-install-recommends rbenv
#RUN apt-get install -y --no-install-recommends ruby-build
#RUN apt-get install -y --no-install-recommends ruby-full
#RUN rbenv install 3.1.2
#RUN rbenv global 3.1.2
# https://github.com/giampaolo/psutil/pull/2103
RUN useradd -m bot
# format for chpasswd user_name:password
RUN echo "bot:bot" | chpasswd
RUN adduser bot sudo
WORKDIR /home/bot
USER bot
ADD https://api.github.com/repos/IBM/pycoq/git/refs/heads/main version.json
# -- setup opam like VP's PyCoq
# https://stackoverflow.com/questions/74711264/how-does-one-initialize-opam-inside-a-dockerfile
RUN opam init --disable-sandboxing
Error:
(meta_learning) brandomiranda~/pycoq ❯ docker build -t brandojazz/pycoq:latest_arm .
[+] Building 8.6s (12/34)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 3.56kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ruby:3.1.2 0.0s
=> CACHED [stage-1 1/30] FROM docker.io/library/ruby:3.1.2 0.0s
=> CACHED https://api.github.com/repos/IBM/pycoq/git/refs/heads/main 0.0s
=> [stage-1 2/30] RUN apt-get update && apt-get install -y --no-install-recommends ssh git m4 libgmp-dev wget ca-cert 3.8s
=> [stage-1 3/30] RUN useradd -m bot 0.3s
=> [stage-1 4/30] RUN echo "bot:bot" | chpasswd 0.3s
=> [stage-1 5/30] RUN adduser bot sudo 0.3s
=> [stage-1 6/30] WORKDIR /home/bot 0.0s
=> [stage-1 7/30] ADD https://api.github.com/repos/IBM/pycoq/git/refs/heads/main version.json 0.0s
=> ERROR [stage-1 8/30] RUN opam init --disable-sandboxing 3.7s
------
> [stage-1 8/30] RUN opam init --disable-sandboxing:
#12 0.123 [NOTE] Will configure from built-in defaults.
#12 0.127 Checking for available remotes: rsync and local, git, mercurial.
#12 0.132 - you won't be able to use darcs repositories unless you install the darcs command on your system.
#12 0.132
#12 0.141
#12 0.141 <><> Fetching repository information ><><><><><><><><><><><><><><><><><><><><><>
#12 3.718 [ERROR] Could not update repository "default": Failed to extract archive /tmp/opam-7-6d07ae/index.tar.gz: "/bin/tar xfz /tmp/opam-7-6d07ae/index.tar.gz -C /home/bot/.opam/repo/default.new" exited with code 2
#12 3.718 [ERROR] Initial download of repository failed
------
executor failed running [/bin/sh -c opam init --disable-sandboxing]: exit code: 40
How do I fix this?

Error when installing NodeJS from a Debian repo in a Docker image?

I have the following Dockerfile
FROM openjdk:8-jdk
ARG bitbucket_user
ARG bitbucket_password
# Install packages
RUN apt-get update -y \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
apt-transport-https \
lsb-release \
&& curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - \
&& echo "deb https://deb.nodesource.com/node_6.x `lsb_release -c -s` main" > /etc/apt/sources.list.d/nodesource.list \
&& apt-get update -y
When I run
docker build -t url/image_name --no-cache --build-arg bitbucket_user=user --build-arg bitbucket_password=pw .
I get
5 4.868 Hit:1 http://deb.debian.org/debian bullseye InRelease
#5 4.868 Hit:2 http://security.debian.org/debian-security bullseye-security InRelease
#5 4.875 Hit:3 http://deb.debian.org/debian bullseye-updates InRelease
#5 5.743 Ign:4 https://deb.nodesource.com/node_6.x bullseye InRelease
#5 6.385 Err:5 https://deb.nodesource.com/node_6.x bullseye Release
#5 6.385 404 Not Found [IP: 23.62.230.111 443]
#5 6.394 Reading package lists...
#5 6.909 E: The repository 'https://deb.nodesource.com/node_6.x bullseye Release' does not have a Release file.
Sure enough if I omit the last line, i.e., apt-get update -y, I can build the image, and then do this neat trick to get into the image
docker run -it url/image_name sh
...and can then do apt-get update -y once inside the image, and get the same result. What's the fix for this?

Docker Alpine: unable to select packages: python (no such package) while building image for ARM

I have Node.js app that uses SQLite database. To use it on ARM architecture, I need to build sqlite3 binaries so I need some packages while building Docker image.
Here is my Dockerfile:
FROM node:14-alpine as builder
WORKDIR /app
COPY package*.json ./
RUN apk update \
&& apk --no-cache --virtual build-dependencies add python make g++ \
&& npm install --production
COPY . .
RUN mkdir -p ./public ./data \
&& cd ./client \
&& npm install --production \
&& npm run build \
&& cd .. \
&& mv ./client/build/* ./public \
&& rm -rf ./client \
&& apk del build-dependencies
FROM node:14-alpine
COPY --from=builder /app /app
WORKDIR /app
EXPOSE 5005
ENV NODE_ENV=production
CMD ["node", "server.js"]
I've been using it for 6 months and it was working fine but now it throws this error:
> [linux/amd64 builder 4/6] RUN apk update && apk --no-cache --virtual build-dependencies add python make g++ && npm install --production:
#10 0.166 fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
#10 0.503 fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz
#10 1.141 v3.14.2-123-g010734651f [https://dl-cdn.alpinelinux.org/alpine/v3.14/main]
#10 1.141 v3.14.2-120-g90167408c8 [https://dl-cdn.alpinelinux.org/alpine/v3.14/community]
#10 1.141 OK: 14943 distinct packages available
#10 1.216 fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
#10 1.476 fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz
#10 1.936 ERROR: unable to select packages:
#10 1.989 python (no such package):
#10 1.989 required by: build-dependencies-20211108.132318[python]
------
Dockerfile.multiarch:7
--------------------
6 |
7 | >>> RUN apk update \
8 | >>> && apk --no-cache --virtual build-dependencies add python make g++ \
9 | >>> && npm install --production
10 |
--------------------
error: failed to solve: process "/bin/sh -c apk update && apk --no-cache --virtual build-dependencies
add python make g++ && npm install --production"
did not complete successfully: exit code: 2
I tried to specific python version like so: ... add python3 make .... It passes this step but I'm getting this error while building sqlite3 binaries:
#20 392.8 make: Entering directory '/app/node_modules/sqlite3/build'
#20 392.8 CC(target) Release/obj.target/nothing/../node-addon-api/nothing.o
#20 393.6 AR(target) Release/obj.target/../node-addon-api/nothing.a
#20 393.8 COPY Release/nothing.a
#20 394.0 ACTION deps_sqlite3_gyp_action_before_build_target_unpack_sqlite_dep Release/obj/gen/sqlite-autoconf-3340000/sqlite3.c
#20 394.1 /bin/sh: python: not found
#20 394.1 make: *** [deps/action_before_build.target.mk:13: Release/obj/gen/sqlite-autoconf-3340000/sqlite3.c] Error 127
#20 394.1 make: Leaving directory '/app/node_modules/sqlite3/build'

RUN apk add --no-cache --virtual .gyp python3 make g++

We hit the same error and in our case explicitly targeting python3 seems to fix it. I asked on IRC, did not find out yet why python is not working anymore, but was told that python2 still provides /usr/bin/python.
So maybe you actually need python2?

Why does my Dockerfile block from executing?

Dockerfile:
FROM continuumio/miniconda:latest
ENV LANG=C.UTF-8 LC_ALL=C.UTF-8
RUN apt-get --allow-releaseinfo-change update && apt-get upgrade -y && apt-get install -qqy \
wget \
bzip2 \
graphviz \
curl
RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - && apt-get install -y nodejs && apt-get install -y npm
RUN mkdir -p /backend
COPY ./backend/requirements.yml /backend/requirements.yml
RUN /opt/conda/bin/conda env create -f /backend/requirements.yml
ENV PATH /opt/conda/envs/dacheting_backend/bin:$PATH
RUN echo "source activate dacheting_backend" >~/.bashrc
RUN mkdir -p /scripts
COPY ./scripts /scripts
RUN chmod +x ./scripts*
COPY ./backend /backend
RUN mkdir -p /frontend
RUN mkdir -p /frontend_tmp
COPY ./frontend /frontend_tmp
WORKDIR frontend_tmp
RUN npm i
RUN npm run build
WORKDIR /backend
and when I try to run docker build -t xxxx:latest . I get the following error:
ERROR [ 3/18] RUN curl -sL https://deb.nodesource.com/setup_14.x |
bash - && apt-get install -y 52.2s
------ Depends: node-write-file-atomic (>= 2.3~) but it is not going to be installed E: Unable to correct problems, you have held broken packages.
(I get alot of other "Depends: .... but it is nog going to be
installed" as well)
--
I've tried looking for solutions and used different aspects but nothing worked.

I tried with this version with a few minor changes:
FROM continuumio/miniconda:latest
ENV LANG=C.UTF-8
ENV LC_ALL=C.UTF-8
RUN apt-get update --allow-releaseinfo-change \
&& apt-get install --assume-yes --no-install-recommends --quiet \
curl \
lsb-release \
gnupg \
&& apt-get clean all
RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - \
&& apt-get install --assume-yes --no-install-recommends --quiet \
nodejs
and found no problem.
Output:
$ docker build -t stackoverflow -f Dockerfile.curl
STEP 1/5: FROM continuumio/miniconda:latest
STEP 2/5: ENV LANG=C.UTF-8
--> Using cache f8fc7d943e2c988c66c1048d2524de30c010244b02390f561aae07e234a924bf
--> f8fc7d943e2
STEP 3/5: ENV LC_ALL=C.UTF-8
--> Using cache b6df639a53a673fda399433b9771b04463c232b7f6b59510ac7dc9e0db8c9cb9
--> b6df639a53a
STEP 4/5: RUN apt-get update --allow-releaseinfo-change && apt-get install --assume-yes --no-install-recommends --quiet curl lsb-release gnupg && apt-get clean all
Get:1 http://security.debian.org/debian-security buster/updates InRelease [65.4 kB]
[...]
STEP 5/5: RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - && apt-get install --assume-yes --no-install-recommends --quiet nodejs
## Installing the NodeSource Node.js 14.x repo...
## Populating apt-get cache...
+ apt-get update
Hit:1 http://security.debian.org/debian-security buster/updates InRelease
Hit:2 http://deb.debian.org/debian buster InRelease
Hit:3 http://deb.debian.org/debian buster-updates InRelease
Reading package lists...
## Confirming "buster" is supported...
+ curl -sLf -o /dev/null 'https://deb.nodesource.com/node_14.x/dists/buster/Release'
## Adding the NodeSource signing key to your keyring...
+ curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | gpg --dearmor | tee /usr/share/keyrings/nodesource.gpg >/dev/null
## Creating apt sources list file for the NodeSource Node.js 14.x repo...
+ echo 'deb [signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_14.x buster main' > /etc/apt/sources.list.d/nodesource.list
+ echo 'deb-src [signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_14.x buster main' >> /etc/apt/sources.list.d/nodesource.list
## Running `apt-get update` for you...
+ apt-get update
Hit:1 http://deb.debian.org/debian buster InRelease
Hit:2 http://security.debian.org/debian-security buster/updates InRelease
Hit:3 http://deb.debian.org/debian buster-updates InRelease
Get:4 https://deb.nodesource.com/node_14.x buster InRelease [4584 B]
Get:5 https://deb.nodesource.com/node_14.x buster/main amd64 Packages [768 B]
Fetched 5352 B in 1s (3748 B/s)
Reading package lists...
## Run `sudo apt-get install -y nodejs` to install Node.js 14.x and npm
## You may also need development tools to build native addons:
sudo apt-get install gcc g++ make
## To install the Yarn package manager, run:
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update && sudo apt-get install yarn
Reading package lists...
Building dependency tree...
Reading state information...
The following NEW packages will be installed:
nodejs
0 upgraded, 1 newly installed, 0 to remove and 62 not upgraded.
Need to get 25.0 MB of archives.
After this operation, 122 MB of additional disk space will be used.
Get:1 https://deb.nodesource.com/node_14.x buster/main amd64 nodejs amd64 14.18.1-deb-1nodesource1 [25.0 MB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 25.0 MB in 6s (4055 kB/s)
Selecting previously unselected package nodejs.
(Reading database ... 13510 files and directories currently installed.)
Preparing to unpack .../nodejs_14.18.1-deb-1nodesource1_amd64.deb ...
Unpacking nodejs (14.18.1-deb-1nodesource1) ...
Setting up nodejs (14.18.1-deb-1nodesource1) ...
COMMIT stackoverflow
--> c9d22106329
Successfully tagged localhost/stackoverflow:latest
c9d2210632965f49408570dd2808cf8dfbe50d19ffce58972865a9a9e0a6d93b

Rootless docker causes "failed to resolve address for github.com"

In my dockerfile i'm installing cryptography python dependency however when building wheel from rootless docker i'm getting following error:
...
generating cffi module 'build/temp.linux-x86_64-3.7/_openssl.c'
running build_rust
Updating crates.io index
warning: spurious network error (2 tries remaining): failed to resolve address for github.com: Name does not resolve; class=Net (12)
warning: spurious network error (1 tries remaining): failed to resolve address for github.com: Name does not resolve; class=Net (12)
error: failed to get `pyo3` as a dependency of package `cryptography-rust v0.1.0 (/tmp/pip-install-h22hlaqn/cryptography_a2037904c10949639ccf8a3b2519f187/src/rust)`
Caused by:
failed to fetch `https://github.com/rust-lang/crates.io-index`
Caused by:
network failure seems to have happened
if a proxy or similar is necessary `net.git-fetch-with-cli` may help here
https://doc.rust-lang.org/cargo/reference/config.html#netgit-fetch-with-cli
Caused by:
failed to resolve address for github.com: Name does not resolve; class=Net (12)
=============================DEBUG ASSISTANCE=============================
If you are seeing a compilation error please try the following steps to
successfully install cryptography:
1) Upgrade to the latest pip and try again. This will fix errors for most
users. See: https://pip.pypa.io/en/stable/installing/#upgrading-pip
2) Read https://cryptography.io/en/latest/installation.html for specific
instructions for your platform.
3) Check our frequently asked questions for more information:
https://cryptography.io/en/latest/faq.html
4) Ensure you have a recent Rust toolchain installed:
https://cryptography.io/en/latest/installation.html#rust
5) If you are experiencing issues with Rust for *this release only* you may
set the environment variable `CRYPTOGRAPHY_DONT_BUILD_RUST=1`.
=============================DEBUG ASSISTANCE=============================
...
The strangest thing that the same dockerfile compiles absolutely successfully when built from root user.
I'm using the most recent docker version on arch linux and have tried following instructions here: https://docs.docker.com/engine/security/rootless/ and installing AUR and in both cases had no luck.
That's my docker file:
FROM python:3.7-alpine
ENV LANG C.UTF-8
RUN apk update \
&& apk add --virtual build-deps gcc g++ musl-dev python3 python3-dev autoconf automake linux-headers make libffi-dev openssl-dev \
&& apk add --no-cache bash postgresql-dev libxml2-dev libxslt-dev jpeg-dev zlib-dev freetype-dev lcms2-dev openjpeg-dev tiff-dev tk-dev tcl-dev git openssh-client rust cargo
RUN mkdir -p /opt/carryall/app
RUN mkdir -p /opt/carryall/static
RUN mkdir -p /opt/carryall/media
WORKDIR /opt/carryall/app
RUN mkdir /root/.ssh/
ADD id_rsa /root/.ssh/id_rsa_temp
RUN cat /root/.ssh/id_rsa_temp | tr -d '\r' > /root/.ssh/id_rsa
RUN chmod 400 /root/.ssh/id_rsa
RUN touch /root/.ssh/known_hosts
RUN ssh-keyscan bitbucket.org >> /root/.ssh/known_hosts
ADD requirements.txt /opt/carryall/app/
RUN pip install --no-cache-dir -r /opt/carryall/app/requirements.txt
RUN apk del --purge build-deps \
&& rm -rf /root/.cache /tmp/*
ADD . /opt/carryall/app