Allow Docker Image "--privileged" Flag to Register qemu-*-static

Issue #15317 open
f4b1en
created an issue

Please allow --privileged flag to build multiarch docker images. According to this article, it is possible with Github + Travis : http://blog.hypriot.com/post/setup-simple-ci-pipeline-for-arm-images/

Register qemu-*-static for all supported processors except the current one docker run --rm --privileged multiarch/qemu-user-static:register

Currently, the following error is return when running the pipeline: + docker run --rm --privileged multiarch/qemu-user-static:register --reset docker: Error response from daemon: authorization denied by plugin pipelines: Command not supported. See 'docker run --help'.

Thanks

Comments (5)

  1. Aneita Yang staff
    • changed status to open

    Thanks for raising this.

    The privileged flag means that Docker will allow access to all other builds on the machine. For security reasons, we currently don't support this. We will need to do additional investigation to determine whether this is something that Pipelines will support in future. However, the team are currently working on other higher priority features, so this isn't something that we'll be working on anytime soon.

    In the meantime, I'll open this issue to gauge the interest of other users on this functionality.

    Thanks,
    Aneita

  2. Ryan Ramchandar

    This is a highly desired feature for us. We can avoid the --privileged command by running the QEMU files directly.

    I've attempted to do that below but am given an error when one of the scripts calls mount:

    bitbucket-pipelines.yml:

    # enable Docker for all steps
    options:
      docker: true
    
    pipelines:
      custom: # Pipelines that are triggered manually
        deploy-openhab:
          - step:
              script:
                - docker version
                # QEMU setup (for cross platform compilation)
                # unsupported --> docker run --rm --privileged multiarch/qemu-user-static:register
                - wget https://raw.githubusercontent.com/multiarch/qemu-user-static/master/register/register.sh
                - wget https://raw.githubusercontent.com/multiarch/qemu-user-static/master/register/qemu-binfmt-conf.sh
                - chmod +x register.sh qemu-binfmt-conf.sh
                - ./register.sh
                # Build for each architecture
                - docker build arm64/ -t image-arm64
                - docker build amd64/ -t image-amd64
                # Push to registry
                - docker login --username $DOCKER_HUB_USERNAME --password $DOCKER_HUB_PASSWORD
                - docker push image-arm64
                - docker push image-amd64
    

    Build fails with:

    + ./register.sh
    mount: permission denied
    ./register.sh: 31: exec: /qemu-binfmt-conf.sh: not found
    
  3. Log in to comment