Docker fix - BuildKit is enabled but the buildx component is missing or broken (#478)

* Docker fix - BuildKit is enabled but the buildx component is missing or broken * nit * fix test

Docker fix - BuildKit is enabled but the buildx component is missing or broken (#478)
* Docker fix - BuildKit is enabled but the buildx component is missing or broken * nit * fix test
de1e634a · Samruddhi Khandale · GitHub · fe449253 · de1e634a · de1e634a
Unverified Commit de1e634a authored Mar 08, 2023 by Samruddhi Khandale Committed by GitHub Mar 08, 2023
14 changed files
--- a/src/docker-in-docker/devcontainer-feature.json
+++ b/src/docker-in-docker/devcontainer-feature.json
 {
    "id": "docker-in-docker",
-    "version": "2.0.1",
+    "version": "2.1.0",
    "name": "Docker (Docker-in-Docker)",
    "documentationURL": "https://github.com/devcontainers/features/tree/main/src/docker-in-docker",
    "description": "Create child containers *inside* a container, independent from the host's docker instance. Installs Docker extension in the container along with needed CLIs.",
@@ -39,6 +39,11 @@
            "default": "",
            "proposals": [],
            "description": "Define default address pools for Docker networks. e.g. base=192.168.0.0/16,size=24"
+        },
+        "installDockerBuildx": {
+            "type": "boolean",
+            "default": true,
+            "description": "Install Docker Buildx"
        }
    },
    "entrypoint": "/usr/local/share/docker-init.sh",

--- a/src/docker-in-docker/install.sh
+++ b/src/docker-in-docker/install.sh
@@ -13,10 +13,8 @@ USE_MOBY="${MOBY:-"true"}"
 DOCKER_DASH_COMPOSE_VERSION="${DOCKERDASHCOMPOSEVERSION:-"v1"}" # v1 or v2
 AZURE_DNS_AUTO_DETECTION="${AZUREDNSAUTODETECTION:-"true"}"
 DOCKER_DEFAULT_ADDRESS_POOL="${DOCKERDEFAULTADDRESSPOOL}"
-ENABLE_NONROOT_DOCKER="${ENABLE_NONROOT_DOCKER:-"true"}"
 USERNAME="${USERNAME:-"${_REMOTE_USER:-"automatic"}"}"
+INSTALL_DOCKER_BUILDX="${INSTALLDOCKERBUILDX:-"true"}"
 MICROSOFT_GPG_KEYS_URI="https://packages.microsoft.com/keys/microsoft.asc"
 DOCKER_MOBY_ARCHIVE_VERSION_CODENAMES="buster bullseye bionic focal jammy"
 DOCKER_LICENSED_ARCHIVE_VERSION_CODENAMES="buster bullseye bionic focal hirsute impish jammy"
@@ -158,7 +156,7 @@ else
 fi
 # Install dependencies
-check_packages apt-transport-https curl ca-certificates pigz iptables gnupg2 dirmngr
+check_packages apt-transport-https curl ca-certificates pigz iptables gnupg2 dirmngr wget
 if ! type git > /dev/null 2>&1; then
    check_packages git
 fi
@@ -307,13 +305,27 @@ if [ -f "/usr/local/share/docker-init.sh" ]; then
 fi
 echo "docker-init doesn't exist, adding..."
-# Add user to the docker group
+if ! cat /etc/group | grep -e "^docker:" > /dev/null 2>&1; then
-if [ "${ENABLE_NONROOT_DOCKER}" = "true" ]; then
+        groupadd -r docker
-    if ! getent group docker > /dev/null 2>&1; then
+fi
-        groupadd docker
-    fi
+usermod -aG docker ${USERNAME}
+if [ "${INSTALL_DOCKER_BUILDX}" = "true" ]; then
+    buildx_version="latest"
+    find_version_from_git_tags buildx_version "https://github.com/docker/buildx" "refs/tags/v"
+    echo "(*) Installing buildx ${buildx_version}..."
+    buildx_file_name="buildx-v${buildx_version}.linux-${architecture}"
+    cd /tmp && wget "https://github.com/docker/buildx/releases/download/v${buildx_version}/${buildx_file_name}"
+    mkdir -p ${_REMOTE_USER_HOME}/.docker/cli-plugins
+    mv ${buildx_file_name} ${_REMOTE_USER_HOME}/.docker/cli-plugins/docker-buildx
+    chmod +x ${_REMOTE_USER_HOME}/.docker/cli-plugins/docker-buildx
-    usermod -aG docker ${USERNAME}
+    chown -R "${USERNAME}:docker" "${_REMOTE_USER_HOME}/.docker"
+    chmod -R g+r+w "${_REMOTE_USER_HOME}/.docker"
+    find "${_REMOTE_USER_HOME}/.docker" -type d -print0 | xargs -n 1 -0 chmod g+s
 fi
 tee /usr/local/share/docker-init.sh > /dev/null \

--- a/src/docker-outside-of-docker/devcontainer-feature.json
+++ b/src/docker-outside-of-docker/devcontainer-feature.json
 {
    "id": "docker-outside-of-docker",
-    "version": "1.0.10",
+    "version": "1.1.0",
    "name": "Docker (docker-outside-of-docker)",
    "documentationURL": "https://github.com/devcontainers/features/tree/main/src/docker-outside-of-docker",
    "description": "Re-use the host docker socket, adding the Docker CLI to a container. Feature invokes a script to enable using a forwarded Docker socket within a container to run Docker commands.",
@@ -28,6 +28,11 @@
            ],
            "default": "v1",
            "description": "Compose version to use for docker-compose (v1 or v2)"
+        },
+        "installDockerBuildx": {
+            "type": "boolean",
+            "default": true,
+            "description": "Install Docker Buildx"
        }
    },
    "entrypoint": "/usr/local/share/docker-init.sh",

--- a/src/docker-outside-of-docker/install.sh
+++ b/src/docker-outside-of-docker/install.sh
@@ -15,6 +15,7 @@ ENABLE_NONROOT_DOCKER="${ENABLE_NONROOT_DOCKER:-"true"}"
 SOURCE_SOCKET="${SOURCE_SOCKET:-"/var/run/docker-host.sock"}"
 TARGET_SOCKET="${TARGET_SOCKET:-"/var/run/docker.sock"}"
 USERNAME="${USERNAME:-"${_REMOTE_USER:-"automatic"}"}"
+INSTALL_DOCKER_BUILDX="${INSTALLDOCKERBUILDX:-"true"}"
 MICROSOFT_GPG_KEYS_URI="https://packages.microsoft.com/keys/microsoft.asc"
 DOCKER_MOBY_ARCHIVE_VERSION_CODENAMES="buster bullseye bionic focal jammy"
@@ -116,7 +117,7 @@ find_version_from_git_tags() {
 export DEBIAN_FRONTEND=noninteractive
 # Install dependencies
-check_packages apt-transport-https curl ca-certificates gnupg2 dirmngr
+check_packages apt-transport-https curl ca-certificates gnupg2 dirmngr wget
 if ! type git > /dev/null 2>&1; then
    check_packages git
 fi
@@ -254,6 +255,29 @@ else
    update-alternatives --set docker-compose /usr/local/bin/compose-switch
 fi
+# Setup a docker group in the event the docker socket's group is not root
+if ! grep -qE '^docker:' /etc/group; then
+    groupadd --system docker
+fi
+usermod -aG docker "${USERNAME}"
+if [ "${INSTALL_DOCKER_BUILDX}" = "true" ]; then
+    buildx_version="latest"
+    find_version_from_git_tags buildx_version "https://github.com/docker/buildx" "refs/tags/v"
+    echo "(*) Installing buildx ${buildx_version}..."
+    buildx_file_name="buildx-v${buildx_version}.linux-${architecture}"
+    cd /tmp && wget "https://github.com/docker/buildx/releases/download/v${buildx_version}/${buildx_file_name}"
+    mkdir -p ${_REMOTE_USER_HOME}/.docker/cli-plugins
+    mv ${buildx_file_name} ${_REMOTE_USER_HOME}/.docker/cli-plugins/docker-buildx
+    chmod +x ${_REMOTE_USER_HOME}/.docker/cli-plugins/docker-buildx
+    chown -R "${USERNAME}:docker" "${_REMOTE_USER_HOME}/.docker"
+    chmod -R g+r+w "${_REMOTE_USER_HOME}/.docker"
+    find "${_REMOTE_USER_HOME}/.docker" -type d -print0 | xargs -n 1 -0 chmod g+s
+fi
 # If init file already exists, exit
 if [ -f "/usr/local/share/docker-init.sh" ]; then
    # Clean up
@@ -277,11 +301,6 @@ if [ "${ENABLE_NONROOT_DOCKER}" = "false" ] || [ "${USERNAME}" = "root" ]; then
    exit 0
 fi
-# Setup a docker group in the event the docker socket's group is not root
-if ! grep -qE '^docker:' /etc/group; then
-    groupadd --system docker
-fi
-usermod -aG docker "${USERNAME}"
 DOCKER_GID="$(grep -oP '^docker:x:\K[^:]+' /etc/group)"
 # If enabling non-root access and specified user is found, setup socat and add script

--- a/test/docker-in-docker/Dockerfile
+++ b/test/docker-in-docker/Dockerfile
+FROM ubuntu:focal
--- a/test/docker-in-docker/docker_build.sh
+++ b/test/docker-in-docker/docker_build.sh
+#!/bin/bash
+set -e
+# Optional: Import test library
+source dev-container-features-test-lib
+# Definition specific tests
+check "docker-buildx" docker buildx version
+check "docker-build" docker build ./
+# Report result
+reportResults
--- a/test/docker-in-docker/docker_build_2.sh
+++ b/test/docker-in-docker/docker_build_2.sh
+#!/bin/bash
+set -e
+# Optional: Import test library
+source dev-container-features-test-lib
+# Definition specific tests
+check "docker-buildx" docker buildx version
+check "docker-build" docker build ./
+# Report result
+reportResults
--- a/test/docker-in-docker/docker_build_older.sh
+++ b/test/docker-in-docker/docker_build_older.sh
+#!/bin/bash
+set -e
+# Optional: Import test library
+source dev-container-features-test-lib
+# Definition specific tests
+check "docker-buildx" docker buildx version
+check "docker-build" docker build ./
+# Report result
+reportResults
--- a/test/docker-in-docker/scenarios.json
+++ b/test/docker-in-docker/scenarios.json
@@ -25,5 +25,38 @@
                "azureDnsAutoDetection": false
            }
        }
+    },
+    "docker_build": {
+        "image": "mcr.microsoft.com/devcontainers/javascript-node:0-18",
+        "features": {
+            "docker-in-docker": {
+                "version": "latest",
+                "moby": "false",
+                "dockerDashComposeVersion": "v2"
+            }
+        },
+        "remoteUser": "node"
+    },
+    "docker_build_2": {
+        "image": "ubuntu:focal",
+        "features": {
+            "docker-in-docker": {
+                "version": "latest",
+                "installDockerBuildx": true,
+                "moby": "false",
+                "dockerDashComposeVersion": "v2"
+            }
+        }
+    },
+    "docker_build_older": {
+        "image": "mcr.microsoft.com/devcontainers/javascript-node:0-18",
+        "features": {
+            "docker-in-docker": {
+                "version": "20",
+                "moby": "false",
+                "dockerDashComposeVersion": "v2"
+            }
+        },
+        "remoteUser": "node"
    }
 }
\ No newline at end of file
--- a/test/docker-outside-of-docker/Dockerfile
+++ b/test/docker-outside-of-docker/Dockerfile
+FROM ubuntu:jammy
--- a/test/docker-outside-of-docker/docker_build.sh
+++ b/test/docker-outside-of-docker/docker_build.sh
+#!/bin/bash
+set -e
+# Optional: Import test library
+source dev-container-features-test-lib
+# Definition specific tests
+check "docker-buildx" docker buildx version
+check "docker-build" docker build ./
+# Report result
+reportResults
--- a/test/docker-outside-of-docker/docker_build_2.sh
+++ b/test/docker-outside-of-docker/docker_build_2.sh
+#!/bin/bash
+set -e
+# Optional: Import test library
+source dev-container-features-test-lib
+# Definition specific tests
+check "docker-buildx" docker buildx version
+check "docker-build" docker build ./
+# Report result
+reportResults
--- a/test/docker-outside-of-docker/docker_build_older.sh
+++ b/test/docker-outside-of-docker/docker_build_older.sh
+#!/bin/bash
+set -e
+# Optional: Import test library
+source dev-container-features-test-lib
+# Definition specific tests
+check "docker-buildx" docker buildx version
+check "docker-build" docker build ./
+# Report result
+reportResults
--- a/test/docker-outside-of-docker/scenarios.json
+++ b/test/docker-outside-of-docker/scenarios.json
@@ -7,5 +7,38 @@
                "version": "latest"
            }
        }
+    },
+    "docker_build": {
+        "image": "mcr.microsoft.com/devcontainers/javascript-node:0-18",
+        "features": {
+            "docker-outside-of-docker": {
+                "version": "latest",
+                "installDockerBuildx": true,
+                "moby": "false",
+                "dockerDashComposeVersion": "v2"
+            }
+        },
+        "remoteUser": "node"
+    },
+    "docker_build_2": {
+        "image": "ubuntu:focal",
+        "features": {
+            "docker-outside-of-docker": {
+                "version": "latest",
+                "moby": "false",
+                "dockerDashComposeVersion": "v2"
+            }
+        }
+    },
+    "docker_build_older": {
+        "image": "mcr.microsoft.com/devcontainers/javascript-node:0-18",
+        "features": {
+            "docker-outside-of-docker": {
+                "version": "20",
+                "moby": "false",
+                "dockerDashComposeVersion": "v2"
+            }
+        },
+        "remoteUser": "node"
    }
 }