Docker fix - BuildKit is enabled but the buildx component is missing or broken (#478)

* Docker fix - BuildKit is enabled but the buildx component is missing or broken

* nit

* fix test

Author: samruddhikhandale

src/docker-in-docker/devcontainer-feature.json

@@ -1,6 +1,6 @@
 {
     "id": "docker-in-docker",
-    "version": "2.0.1",
+    "version": "2.1.0",
     "name": "Docker (Docker-in-Docker)",
     "documentationURL": "https://github.com/devcontainers/features/tree/main/src/docker-in-docker",
     "description": "Create child containers *inside* a container, independent from the host's docker instance. Installs Docker extension in the container along with needed CLIs.",
@@ -39,6 +39,11 @@
             "default": "",
             "proposals": [],
             "description": "Define default address pools for Docker networks. e.g. base=192.168.0.0/16,size=24"
+        },
+        "installDockerBuildx": {
+            "type": "boolean",
+            "default": true,
+            "description": "Install Docker Buildx"
         }
     },
     "entrypoint": "/usr/local/share/docker-init.sh",

src/docker-in-docker/install.sh

@@ -13,10 +13,8 @@ USE_MOBY="${MOBY:-"true"}"
 DOCKER_DASH_COMPOSE_VERSION="${DOCKERDASHCOMPOSEVERSION:-"v1"}" # v1 or v2
 AZURE_DNS_AUTO_DETECTION="${AZUREDNSAUTODETECTION:-"true"}"
 DOCKER_DEFAULT_ADDRESS_POOL="${DOCKERDEFAULTADDRESSPOOL}"
-
-ENABLE_NONROOT_DOCKER="${ENABLE_NONROOT_DOCKER:-"true"}"
 USERNAME="${USERNAME:-"${_REMOTE_USER:-"automatic"}"}"
-
+INSTALL_DOCKER_BUILDX="${INSTALLDOCKERBUILDX:-"true"}"
 MICROSOFT_GPG_KEYS_URI="https://packages.microsoft.com/keys/microsoft.asc"
 DOCKER_MOBY_ARCHIVE_VERSION_CODENAMES="buster bullseye bionic focal jammy"
 DOCKER_LICENSED_ARCHIVE_VERSION_CODENAMES="buster bullseye bionic focal hirsute impish jammy"
@@ -158,7 +156,7 @@ else
 fi
 
 # Install dependencies
-check_packages apt-transport-https curl ca-certificates pigz iptables gnupg2 dirmngr
+check_packages apt-transport-https curl ca-certificates pigz iptables gnupg2 dirmngr wget
 if ! type git > /dev/null 2>&1; then
     check_packages git
 fi
@@ -307,13 +305,27 @@ if [ -f "/usr/local/share/docker-init.sh" ]; then
 fi
 echo "docker-init doesn't exist, adding..."
 
-# Add user to the docker group
-if [ "${ENABLE_NONROOT_DOCKER}" = "true" ]; then
-    if ! getent group docker > /dev/null 2>&1; then
-        groupadd docker
-    fi
+if ! cat /etc/group | grep -e "^docker:" > /dev/null 2>&1; then
+        groupadd -r docker
+fi
+
+usermod -aG docker ${USERNAME}
+
+if [ "${INSTALL_DOCKER_BUILDX}" = "true" ]; then
+    buildx_version="latest"
+    find_version_from_git_tags buildx_version "https://github.com/docker/buildx" "refs/tags/v"
+
+    echo "(*) Installing buildx ${buildx_version}..."
+    buildx_file_name="buildx-v${buildx_version}.linux-${architecture}"
+    cd /tmp && wget "https://github.com/docker/buildx/releases/download/v${buildx_version}/${buildx_file_name}"
+
+    mkdir -p ${_REMOTE_USER_HOME}/.docker/cli-plugins
+    mv ${buildx_file_name} ${_REMOTE_USER_HOME}/.docker/cli-plugins/docker-buildx
+    chmod +x ${_REMOTE_USER_HOME}/.docker/cli-plugins/docker-buildx
 
-    usermod -aG docker ${USERNAME}
+    chown -R "${USERNAME}:docker" "${_REMOTE_USER_HOME}/.docker"
+    chmod -R g+r+w "${_REMOTE_USER_HOME}/.docker"
+    find "${_REMOTE_USER_HOME}/.docker" -type d -print0 | xargs -n 1 -0 chmod g+s
 fi
 
 tee /usr/local/share/docker-init.sh > /dev/null \

src/docker-outside-of-docker/devcontainer-feature.json

@@ -1,6 +1,6 @@
 {
     "id": "docker-outside-of-docker",
-    "version": "1.0.10",
+    "version": "1.1.0",
     "name": "Docker (docker-outside-of-docker)",
     "documentationURL": "https://github.com/devcontainers/features/tree/main/src/docker-outside-of-docker",
     "description": "Re-use the host docker socket, adding the Docker CLI to a container. Feature invokes a script to enable using a forwarded Docker socket within a container to run Docker commands.",
@@ -28,6 +28,11 @@
             ],
             "default": "v1",
             "description": "Compose version to use for docker-compose (v1 or v2)"
+        },
+        "installDockerBuildx": {
+            "type": "boolean",
+            "default": true,
+            "description": "Install Docker Buildx"
         }
     },
     "entrypoint": "/usr/local/share/docker-init.sh",

src/docker-outside-of-docker/install.sh

@@ -15,6 +15,7 @@ ENABLE_NONROOT_DOCKER="${ENABLE_NONROOT_DOCKER:-"true"}"
 SOURCE_SOCKET="${SOURCE_SOCKET:-"/var/run/docker-host.sock"}"
 TARGET_SOCKET="${TARGET_SOCKET:-"/var/run/docker.sock"}"
 USERNAME="${USERNAME:-"${_REMOTE_USER:-"automatic"}"}"
+INSTALL_DOCKER_BUILDX="${INSTALLDOCKERBUILDX:-"true"}"
 
 MICROSOFT_GPG_KEYS_URI="https://packages.microsoft.com/keys/microsoft.asc"
 DOCKER_MOBY_ARCHIVE_VERSION_CODENAMES="buster bullseye bionic focal jammy"
@@ -116,7 +117,7 @@ find_version_from_git_tags() {
 export DEBIAN_FRONTEND=noninteractive
 
 # Install dependencies
-check_packages apt-transport-https curl ca-certificates gnupg2 dirmngr
+check_packages apt-transport-https curl ca-certificates gnupg2 dirmngr wget
 if ! type git > /dev/null 2>&1; then
     check_packages git
 fi
@@ -254,6 +255,29 @@ else
     update-alternatives --set docker-compose /usr/local/bin/compose-switch
 fi
 
+# Setup a docker group in the event the docker socket's group is not root
+if ! grep -qE '^docker:' /etc/group; then
+    groupadd --system docker
+fi
+usermod -aG docker "${USERNAME}"
+
+if [ "${INSTALL_DOCKER_BUILDX}" = "true" ]; then
+    buildx_version="latest"
+    find_version_from_git_tags buildx_version "https://github.com/docker/buildx" "refs/tags/v"
+
+    echo "(*) Installing buildx ${buildx_version}..."
+    buildx_file_name="buildx-v${buildx_version}.linux-${architecture}"
+    cd /tmp && wget "https://github.com/docker/buildx/releases/download/v${buildx_version}/${buildx_file_name}"
+
+    mkdir -p ${_REMOTE_USER_HOME}/.docker/cli-plugins
+    mv ${buildx_file_name} ${_REMOTE_USER_HOME}/.docker/cli-plugins/docker-buildx
+    chmod +x ${_REMOTE_USER_HOME}/.docker/cli-plugins/docker-buildx
+
+    chown -R "${USERNAME}:docker" "${_REMOTE_USER_HOME}/.docker"
+    chmod -R g+r+w "${_REMOTE_USER_HOME}/.docker"
+    find "${_REMOTE_USER_HOME}/.docker" -type d -print0 | xargs -n 1 -0 chmod g+s
+fi
+
 # If init file already exists, exit
 if [ -f "/usr/local/share/docker-init.sh" ]; then
     # Clean up
@@ -277,11 +301,6 @@ if [ "${ENABLE_NONROOT_DOCKER}" = "false" ] || [ "${USERNAME}" = "root" ]; then
     exit 0
 fi
 
-# Setup a docker group in the event the docker socket's group is not root
-if ! grep -qE '^docker:' /etc/group; then
-    groupadd --system docker
-fi
-usermod -aG docker "${USERNAME}"
 DOCKER_GID="$(grep -oP '^docker:x:\K[^:]+' /etc/group)"
 
 # If enabling non-root access and specified user is found, setup socat and add script

test/docker-in-docker/Dockerfile

@@ -0,0 +1 @@
+FROM ubuntu:focal

test/docker-in-docker/docker_build.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+set -e
+
+# Optional: Import test library
+source dev-container-features-test-lib
+
+# Definition specific tests
+check "docker-buildx" docker buildx version
+check "docker-build" docker build ./
+
+# Report result
+reportResults

test/docker-in-docker/docker_build_2.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+set -e
+
+# Optional: Import test library
+source dev-container-features-test-lib
+
+# Definition specific tests
+check "docker-buildx" docker buildx version
+check "docker-build" docker build ./
+
+# Report result
+reportResults

test/docker-in-docker/docker_build_older.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+set -e
+
+# Optional: Import test library
+source dev-container-features-test-lib
+
+# Definition specific tests
+check "docker-buildx" docker buildx version
+check "docker-build" docker build ./
+
+# Report result
+reportResults

test/docker-in-docker/scenarios.json

@@ -25,5 +25,38 @@
                 "azureDnsAutoDetection": false
             }
         }
+    },
+    "docker_build": {
+        "image": "mcr.microsoft.com/devcontainers/javascript-node:0-18",
+        "features": {
+            "docker-in-docker": {
+                "version": "latest",
+                "moby": "false",
+                "dockerDashComposeVersion": "v2"
+            }
+        },
+        "remoteUser": "node"
+    },
+    "docker_build_2": {
+        "image": "ubuntu:focal",
+        "features": {
+            "docker-in-docker": {
+                "version": "latest",
+                "installDockerBuildx": true,
+                "moby": "false",
+                "dockerDashComposeVersion": "v2"
+            }
+        }
+    },
+    "docker_build_older": {
+        "image": "mcr.microsoft.com/devcontainers/javascript-node:0-18",
+        "features": {
+            "docker-in-docker": {
+                "version": "20",
+                "moby": "false",
+                "dockerDashComposeVersion": "v2"
+            }
+        },
+        "remoteUser": "node"
     }
-}
+}

test/docker-outside-of-docker/Dockerfile

@@ -0,0 +1 @@
+FROM ubuntu:jammy