I am using dockerTool.pullImage and dockerTool.buildLayeredImage for building Docker image in Nix, but I find that binaries in the built image will gives No such file or directory, even if the file exists.
Let say I am using the image of playwright and run these:
docker pull mcr.microsoft.com/playwright:v1.17.1
docker run --rm -it mcr.microsoft.com/playwright:v1.17.1 /bin/bash
/ms-playwright/chromium-939194/chrome-linux/chrome
I will get this:
[13:13:1230/224452.949641:ERROR:zygote_host_impl_linux.cc(90)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180.
But if I use that as an base image like this:
{ pkgs, package, fix-playwright-browsers, ... }:
let
playwright = pkgs.dockerTools.pullImage {
imageName = "mcr.microsoft.com/playwright";
imageDigest = "sha256:f08e263c95e83334104e6e2fee047ad92062a03af6ae94c0f8686ba2b3014823";
sha256 = "sha256-Xw6kslYNmBjNFcmz63eSHTMn7b/zlLqWjvCqrwOQJYI=";
};
in pkgs.dockerTools.buildLayeredImage {
name = "portfolio-pdf";
tag = "latest";
fromImage = playwright;
contents = with pkgs; [ nodejs-16_x bash coreutils ];
config = {
Cmd = [ "/bin/echo" "hello" ];
};
}
And run this(omitting the flake part that hold this derivation):
nix build .#image
docker load < result
/ms-playwright/chromium-939194/chrome-linux/chrome
It will give this:
bash: /ms-playwright/chromium-939194/chrome-linux/chrome: No such file or directory
But the executable is right over there:
\[\]root@7316b43f27b7:/# /bin/ls -al /ms-playwright/chromium-939194/chrome-linux/chrome
-rwxrwxrwx 1 root root 304888584 Dec 2 05:19 /ms-playwright/chromium-939194/chrome-linux/chrome
Why would something like this happen? This somehow applies to all binaries of that image, and I have to use full path for /bin/ls, even though $PATH included /bin.
That image is built with Ubuntu and in x86 as well. I am not sure what went wrong and how to debug this.