使用 GitLab CI 构建 Singularity 容器
Build Singularity container using GitLab CI
我想在 GitLab 中构建一个奇点图像 CI。不幸的是,official containers 失败了:
Running with gitlab-runner 13.5.0 (ece86343) on gitlab-ci d6913e69
Preparing the "docker" executor
Using Docker executor with image quay.io/singularity/singularity:v3.7.0 ...
Pulling docker image quay.io/singularity/singularity:v3.7.0 ...
Using docker image sha256:46d3827bfb2f5088e2960dd7103986adf90f2e5b4cbea9eeb0b0eacfe10e3420 for quay.io/singularity/singularity:v3.7.0 with digest quay.io/singularity/singularity@sha256:def886335e36f47854c121be0ce0c70b2ff06d9381fe8b3d1894fee689615624 ...
Preparing environment
Running on runner-d6913e69-project-2906-concurrent-0 via <gitlab.url>...
Getting source from Git repository
Fetching changes with git depth set to 50...
Reinitialized existing Git repository in <repo-path>
Checking out 708cc829 as master...
Skipping Git submodules setup
Executing "step_script" stage of the job script
Error: unknown command "sh" for "singularity"
刚开始时,使用这样的作业时:
build-singularity:
image: quay.io/singularity/singularity:v3.7.0
stage: singularity
script:
- build reproduction/pipeline/semrepro-singularity/semrepro-singularity.sif reproduction/pipeline/semrepro-singularity/semrepro-singularity.def
only:
changes:
- reproduction/pipeline/semrepro-singularity/semrepro-singularity.def
- reproduction/pipeline/semrepro-singularity/assets/mirrorlist
- .gitlab/ci/build-semrepo-singularity.yml
artifacts:
paths:
- reproduction/pipeline/semrepro-singularity/semrepro-singularity.sif
expire_in: 1 hour
interruptible: true
对我来说,GitLab 似乎在尝试使用不存在的 shell?他们应该如何工作?在 official example 中,他们使用的是 docker 图像的特殊版本,称为 -gitlab
,但不幸的是,该版本不再可用。有任何想法吗?我无法想象在 CI 内构建奇点容器是不可能的?提前致谢!
编辑: 根据@tsnowlan 的回答,覆盖入口点可以解决上述问题。但是,现在构建失败并显示:
singularity build semrepro-singularity.sif semrepro-singularity.def
INFO: Starting build...
INFO: Downloading library image
84.1MiB / 84.1MiB [========================================] 100 % 28.7 MiB/s 0s
ERROR: unpackSIF failed: root filesystem extraction failed: extract command failed: ERROR : Failed to create user namespace: not allowed to create user namespace: exit status 1
FATAL: While performing build: packer failed to pack: root filesystem extraction failed: extract command failed: ERROR : Failed to create user namespace: not allowed to create user namespace: exit status 1
Cleaning up file based variables
ERROR: Job failed: exit code 1
有什么想法吗?
你需要稍微修改一下,让它与 gitlab 兼容 CI。我发现最简单的方法是破坏 docker 入口点并让脚本步骤成为完整的奇点构建命令。我们正在使用它来构建 v3.6.4 的奇点图像,但它也应该适用于 v3.7.0。
例如,
build-singularity:
image:
name: quay.io/singularity/singularity:v3.7.0
entrypoint: [""]
stage: singularity
script:
- singularity build reproduction/pipeline/semrepro-singularity/semrepro-singularity.sif reproduction/pipeline/semrepro-singularity/semrepro-singularity.def
...
编辑: 使用的 gitlab-runner 也必须启用 privileged
。这是 gitlab.com shared runners 上的默认设置,但如果使用您自己的跑步者,您需要确保在他们的配置中进行了设置。
我想在 GitLab 中构建一个奇点图像 CI。不幸的是,official containers 失败了:
Running with gitlab-runner 13.5.0 (ece86343) on gitlab-ci d6913e69
Preparing the "docker" executor
Using Docker executor with image quay.io/singularity/singularity:v3.7.0 ...
Pulling docker image quay.io/singularity/singularity:v3.7.0 ...
Using docker image sha256:46d3827bfb2f5088e2960dd7103986adf90f2e5b4cbea9eeb0b0eacfe10e3420 for quay.io/singularity/singularity:v3.7.0 with digest quay.io/singularity/singularity@sha256:def886335e36f47854c121be0ce0c70b2ff06d9381fe8b3d1894fee689615624 ...
Preparing environment
Running on runner-d6913e69-project-2906-concurrent-0 via <gitlab.url>...
Getting source from Git repository
Fetching changes with git depth set to 50...
Reinitialized existing Git repository in <repo-path>
Checking out 708cc829 as master...
Skipping Git submodules setup
Executing "step_script" stage of the job script
Error: unknown command "sh" for "singularity"
刚开始时,使用这样的作业时:
build-singularity:
image: quay.io/singularity/singularity:v3.7.0
stage: singularity
script:
- build reproduction/pipeline/semrepro-singularity/semrepro-singularity.sif reproduction/pipeline/semrepro-singularity/semrepro-singularity.def
only:
changes:
- reproduction/pipeline/semrepro-singularity/semrepro-singularity.def
- reproduction/pipeline/semrepro-singularity/assets/mirrorlist
- .gitlab/ci/build-semrepo-singularity.yml
artifacts:
paths:
- reproduction/pipeline/semrepro-singularity/semrepro-singularity.sif
expire_in: 1 hour
interruptible: true
对我来说,GitLab 似乎在尝试使用不存在的 shell?他们应该如何工作?在 official example 中,他们使用的是 docker 图像的特殊版本,称为 -gitlab
,但不幸的是,该版本不再可用。有任何想法吗?我无法想象在 CI 内构建奇点容器是不可能的?提前致谢!
编辑: 根据@tsnowlan 的回答,覆盖入口点可以解决上述问题。但是,现在构建失败并显示:
singularity build semrepro-singularity.sif semrepro-singularity.def
INFO: Starting build...
INFO: Downloading library image
84.1MiB / 84.1MiB [========================================] 100 % 28.7 MiB/s 0s
ERROR: unpackSIF failed: root filesystem extraction failed: extract command failed: ERROR : Failed to create user namespace: not allowed to create user namespace: exit status 1
FATAL: While performing build: packer failed to pack: root filesystem extraction failed: extract command failed: ERROR : Failed to create user namespace: not allowed to create user namespace: exit status 1
Cleaning up file based variables
ERROR: Job failed: exit code 1
有什么想法吗?
你需要稍微修改一下,让它与 gitlab 兼容 CI。我发现最简单的方法是破坏 docker 入口点并让脚本步骤成为完整的奇点构建命令。我们正在使用它来构建 v3.6.4 的奇点图像,但它也应该适用于 v3.7.0。
例如,
build-singularity:
image:
name: quay.io/singularity/singularity:v3.7.0
entrypoint: [""]
stage: singularity
script:
- singularity build reproduction/pipeline/semrepro-singularity/semrepro-singularity.sif reproduction/pipeline/semrepro-singularity/semrepro-singularity.def
...
编辑: 使用的 gitlab-runner 也必须启用 privileged
。这是 gitlab.com shared runners 上的默认设置,但如果使用您自己的跑步者,您需要确保在他们的配置中进行了设置。