Installing chromium on alpine3.18 gocd docker agent causes crash loop

[timborrowdale]

Issue Type

• Bug Report

Summary

Tried to update our gocd agent to alpine3.18 from 3.16. Noticed that while the image built the agent would not start successfully. Using 3.17 worked ok. Removing pieces from Dockerfile implies chromium package being installed is what causes the issue. We need chromium on the build agent in order to run headless browser tests.

Environment

Basic environment details

• Go Version: 23.5.0
• JAVA Version: 17.0.9
• OS: Linux 3.13.0-139-generic

Additional Environment Details

Building agent on WSL2/Ubuntu

Steps to Reproduce

1. Create Dockerfile with following content:

FROM gocd/gocd-agent-alpine-3.18:v23.5.0

USER root

RUN apk add --no-cache \
        chromium

2. run docker build -t gocd-example .
3. run docker run -e GO_SERVER_URL=https://go-server-url gocd-example

Expected Results

Agent should start successfully

Actual Results

JRE encounters fatal exception, waits 10 seconds then retries with same result, on a loop

Possible Fix

Log snippets

docker-entrypoint.sh: Creating directories and symlinks to hold GoCD configuration, data, and logs
$ mkdir -v /godata/config
created directory: '/godata/config'
$ ln -sv /godata/config /go/config
'/go/config' -> '/godata/config'
$ mkdir -v /godata/logs
created directory: '/godata/logs'
$ ln -sv /godata/logs /go/logs
'/go/logs' -> '/godata/logs'
$ mkdir -v /godata/pipelines
created directory: '/godata/pipelines'
$ ln -sv /godata/pipelines /go/pipelines
'/go/pipelines' -> '/godata/pipelines'
/docker-entrypoint.sh: Creating directories and symlinks to hold GoCD wrapper binaries
$ ln -sv /go-agent/bin /go/bin
'/go/bin' -> '/go-agent/bin'
$ ln -sv /go-agent/lib /go/lib
'/go/lib' -> '/go-agent/lib'
$ ln -sv /go-agent/run /go/run
'/go/run' -> '/go-agent/run'
$ ln -sv /go-agent/wrapper /go/wrapper
'/go/wrapper' -> '/go-agent/wrapper'
$ ln -sv /go-agent/wrapper-config /go/wrapper-config
'/go/wrapper-config' -> '/go-agent/wrapper-config'
$ cp -rfv /go-agent/config/agent-bootstrapper-logback-include.xml /go/config/agent-bootstrapper-logback-include.xml
'/go-agent/config/agent-bootstrapper-logback-include.xml' -> '/go/config/agent-bootstrapper-logback-include.xml'
$ cp -rfv /go-agent/config/agent-launcher-logback-include.xml /go/config/agent-launcher-logback-include.xml
'/go-agent/config/agent-launcher-logback-include.xml' -> '/go/config/agent-launcher-logback-include.xml'
$ cp -rfv /go-agent/config/agent-logback-include.xml /go/config/agent-logback-include.xml
'/go-agent/config/agent-logback-include.xml' -> '/go/config/agent-logback-include.xml'
/docker-entrypoint.sh: Running custom scripts in /docker-entrypoint.d/ ...
$ sed -i -e [email protected]=.*@wrapper.logfile=/go/logs/go-agent-bootstrapper-wrapper.log@g -e [email protected]=.*@wrapper.java.command=/gocd-jre/bin/java@g -e [email protected]=.*@wrapper.working.dir=/go@g /go-agent/wrapper-config/wrapper.conf
$ sed -i -e [email protected]=.*@wrapper.app.parameter.100=-serverUrl@g -e [email protected]=.*@wrapper.app.parameter.101=https://<removed>/go@g /go-agent/wrapper-config/wrapper-properties.conf
$ exec /usr/local/sbin/tini -g -- /go/bin/go-agent console
Running go-agent...
wrapper  | --> Wrapper Started as Console
wrapper  | Java Service Wrapper Standard Edition 64-bit 3.5.54
wrapper  |   Copyright (C) 1999-2023 Tanuki Software, Ltd. All Rights Reserved.
wrapper  |     http://wrapper.tanukisoftware.com
wrapper  |   Licensed to ThoughtWorks for GoCD Agent
wrapper  | 
wrapper  | Launching a JVM...
jvm 1    | WrapperManager: Initializing...
jvm 1    | [Wed Jan 10 15:16:05 GMT 2024] Starting process: 
jvm 1    | [Wed Jan 10 15:16:05 GMT 2024]   Working directory    : /go
jvm 1    | [Wed Jan 10 15:16:05 GMT 2024]   Application arguments: [-serverUrl, https://<removed>/go]
jvm 1    | [Wed Jan 10 15:16:05 GMT 2024]            GoCD Version: 23.5.0-18179
jvm 1    | [Wed Jan 10 15:16:05 GMT 2024]            Java Version: 17.0.9
jvm 1    | [Wed Jan 10 15:16:05 GMT 2024]        Operating System: Linux(5.15.133.1-microsoft-standard-WSL2)
jvm 1    | Could not find file `config/agent-bootstrapper-logback.xml'. Attempting to load from classpath.
jvm 1    | Using classpath resource `jar:onejar:lib/agent-bootstrapper-23.5.0-18179-classes.jar!/config/agent-bootstrapper-logback.xml'.
jvm 1    | 2024-01-10 15:16:06,287 INFO  [WrapperJarAppMain] DefaultAgentLauncherCreatorImpl:67 - Attempting to load com.thoughtworks.go.agent.launcher.AgentLauncherImpl as specified by manifest key Go-Agent-Launcher-Class
jvm 1    | 2024-01-10 15:16:06,311 INFO  [WrapperJarAppMain] ParentClassAccessFilteringClassloader:43 - Loading com.thoughtworks.cruise.agent.common.launcher.AgentLauncher using java.net.URLClassLoader
jvm 1    | 2024-01-10 15:16:06,365 INFO  [WrapperJarAppMain] AgentBootstrapper:74 - Attempting create and start launcher...
jvm 1    | 2024-01-10 15:16:06,371 INFO  [WrapperJarAppMain] ParentClassAccessFilteringClassloader:43 - Loading com.thoughtworks.cruise.agent.common.launcher.AgentLaunchDescriptor using java.net.URLClassLoader
jvm 1    | Could not find file `config/agent-launcher-logback.xml'. Attempting to load from classpath.
jvm 1    | Using classpath resource `jar:file:/go/data/deps-1d0d76dd21a350f6-agent-launcher.jar/agent-launcher-23.5.0-18179-classes.jar!/config/agent-launcher-logback.xml'.
jvm 1    | 2024-01-10 15:16:06,509 INFO  [TouchLoopThread-1] Lockfile:107 - Using lock file: /go/.agent-bootstrapper.running
jvm 1    | 2024-01-10 15:16:07,014 INFO  [WrapperJarAppMain] ServerBinaryDownloader:119 - Downloading agent.jar
jvm 1    | 2024-01-10 15:16:07,096 INFO  [WrapperJarAppMain] ServerBinaryDownloader:126 - Got server response
jvm 1    | 2024-01-10 15:16:08,499 INFO  [WrapperJarAppMain] ServerBinaryDownloader:134 - Piped the stream to admin/agent
jvm 1    | 2024-01-10 15:16:08,500 INFO  [WrapperJarAppMain] PerfTimer:53 - Performance: Downloading new admin/agent with md5 signature: 3234b720a6a1044c69f26d64f34fadf7 took 1487ms
jvm 1    | 2024-01-10 15:16:08,765 INFO  [WrapperJarAppMain] AgentProcessParentImpl:49 - Agent launcher is version: 23.5.0-18179
jvm 1    | 2024-01-10 15:16:08,942 INFO  [WrapperJarAppMain] ServerBinaryDownloader:119 - Downloading agent-plugins.zip
jvm 1    | 2024-01-10 15:16:09,008 INFO  [WrapperJarAppMain] ServerBinaryDownloader:126 - Got server response
jvm 1    | 2024-01-10 15:16:09,689 INFO  [WrapperJarAppMain] ServerBinaryDownloader:134 - Piped the stream to admin/agent-plugins.zip
jvm 1    | 2024-01-10 15:16:09,689 INFO  [WrapperJarAppMain] PerfTimer:53 - Performance: Downloading new admin/agent-plugins.zip with md5 signature: 645d18c1723106c2f2bf359f81024852 took 747ms
jvm 1    | 2024-01-10 15:16:09,747 INFO  [WrapperJarAppMain] ServerBinaryDownloader:119 - Downloading tfs-impl.jar
jvm 1    | 2024-01-10 15:16:09,819 INFO  [WrapperJarAppMain] ServerBinaryDownloader:126 - Got server response
jvm 1    | 2024-01-10 15:16:10,526 INFO  [WrapperJarAppMain] ServerBinaryDownloader:134 - Piped the stream to admin/tfs-impl.jar
jvm 1    | 2024-01-10 15:16:10,527 INFO  [WrapperJarAppMain] PerfTimer:53 - Performance: Downloading new admin/tfs-impl.jar with md5 signature: 70a560e639d5be3e60ab684415285da8 took 780ms
jvm 1    | 2024-01-10 15:16:10,530 INFO  [WrapperJarAppMain] AgentProcessParentImpl:66 - Launching Agent with command: /gocd-jre/bin/java -Xms128m -Xmx256m -Dgo.console.stdout=true -Dgo.console.stdout=true -Dagent.plugins.md5=645d18c1723106c2f2bf359f81024852 -Dagent.binary.md5=3234b720a6a1044c69f26d64f34fadf7 -Dagent.launcher.md5=986c88e98219d4205831bf9cf8cad7b8 -Dagent.tfs.md5=70a560e639d5be3e60ab684415285da8 -Dagent.bootstrapper.version=23.5.0-18179 -jar agent.jar -serverUrl https://<removed>/go -sslVerificationMode FULL
jvm 1    | [Wed Jan 10 15:16:10 GMT 2024] Starting process: 
jvm 1    | [Wed Jan 10 15:16:10 GMT 2024]   Working directory    : /go
jvm 1    | [Wed Jan 10 15:16:10 GMT 2024]   Application arguments: [-serverUrl, https://<removed>/go, -sslVerificationMode, FULL]
jvm 1    | [Wed Jan 10 15:16:10 GMT 2024]            GoCD Version: 23.5.0-18179
jvm 1    | [Wed Jan 10 15:16:10 GMT 2024]            Java Version: 17.0.9
jvm 1    | [Wed Jan 10 15:16:10 GMT 2024]        Operating System: Linux(5.15.133.1-microsoft-standard-WSL2)
jvm 1    | Could not find file `config/agent-logback.xml'. Attempting to load from classpath.
jvm 1    | Using classpath resource `jar:onejar:lib/agent-23.5.0-18179-classes.jar!/config/agent-logback.xml'.
jvm 1    | 2024-01-10 15:16:11,315 INFO  [main] ClassPathXmlApplicationContext:583 - Refreshing org.springframework.context.support.ClassPathXmlApplicationContext@24269709: startup date [Wed Jan 10 15:16:11 GMT 2024]; root of context hierarchy
jvm 1    | 2024-01-10 15:16:11,360 INFO  [main] XmlBeanDefinitionReader:317 - Loading XML bean definitions from class path resource [applicationContext.xml]
jvm 1    | 2024-01-10 15:16:11,512 INFO  [main] XmlBeanDefinitionReader:317 - Loading XML bean definitions from class path resource [applicationContext-plugin-infra.xml]
jvm 1    | 2024-01-10 15:16:11,706 INFO  [main] DefaultListableBeanFactory:821 - Overriding bean definition for bean 'pluginLoader' with a different definition: replacing [Generic bean: class [com.thoughtworks.go.plugin.infra.PluginLoader]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null; defined in URL [jar:onejar:lib/go-plugin-infra-23.5.0-18179.jar!/com/thoughtworks/go/plugin/infra/PluginLoader.class]] with [Generic bean: class [com.thoughtworks.go.plugin.infra.PluginLoader]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null; defined in class path resource [applicationContext-plugin-infra.xml]]
jvm 1    | 2024-01-10 15:16:11,996 INFO  [main] AgentStatusHttpd:66 - Agent status HTTP API server running on http://localhost:8152.
jvm 1    | #
jvm 1    | # A fatal error has been detected by the Java Runtime Environment:
jvm 1    | #
jvm 1    | #  SIGSEGV (0xb) at pc=0x0000000000004a10, pid=155, tid=156
jvm 1    | #
jvm 1    | # JRE version: OpenJDK Runtime Environment Temurin-17.0.9+9 (17.0.9+9) (build 17.0.9+9)
jvm 1    | # Java VM: OpenJDK 64-Bit Server VM Temurin-17.0.9+9 (17.0.9+9, mixed mode, sharing, tiered, compressed oops, compressed class ptrs, g1 gc, linux-amd64)
jvm 1    | # Problematic frame:
jvm 1    | # C  [ld-linux-x86-64.so.2+0x1045e]
jvm 1    | #
jvm 1    | # No core dump will be written. Core dumps have been disabled. To enable core dumping, try "ulimit -c unlimited" before starting Java again
jvm 1    | #
jvm 1    | # An error report file with more information is saved as:
jvm 1    | # /go/hs_err_pid155.log
jvm 1    | #
jvm 1    | # If you would like to submit a bug report, please visit:
jvm 1    | #   https://github.com/adoptium/adoptium-support/issues
jvm 1    | # The crash happened outside the Java Virtual Machine in native code.
jvm 1    | # See problematic frame for where to report the bug.
jvm 1    | #
jvm 1    | 2024-01-10 15:16:14,490 INFO  [WrapperJarAppMain] AgentBootstrapper:78 - Launcher returned with code 134(0x86)
^Cwrapper  | INT trapped.  Shutting down.
jvm 1    | 2024-01-10 15:16:15,508 INFO  [WrapperJarAppMain] DefaultAgentLauncherCreatorImpl:87 - Attempt No: 1 to cleanup launcher temp files
jvm 1    | 2024-01-10 15:16:15,532 INFO  [WrapperJarAppMain] AgentBootstrapper:108 - Waiting for 10000 ms before re-launch....

output of installing chromium:

Step 3/3 : RUN apk add --no-cache         chromium
 ---> Running in 99fb5fb8ec71
fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/community/x86_64/APKINDEX.tar.gz
(1/149) Installing libbz2 (1.0.8-r5)
(2/149) Installing libpng (1.6.39-r3)
(3/149) Installing freetype (2.13.0-r5)
(4/149) Installing fontconfig (2.14.2-r3)
(5/149) Installing libfontenc (1.1.7-r2)
(6/149) Installing mkfontscale (1.2.2-r3)
(7/149) Installing font-opensans (0_git20210927-r1)
(8/149) Installing pkgconf (1.9.5-r0)
(9/149) Installing libffi (3.4.4-r2)
(10/149) Installing libblkid (2.38.1-r8)
(11/149) Installing libmount (2.38.1-r8)
(12/149) Installing glib (2.76.4-r0)
(13/149) Installing xz-libs (5.4.3-r0)
(14/149) Installing libxml2 (2.11.6-r0)
(15/149) Installing shared-mime-info (2.2-r5)
(16/149) Installing hicolor-icon-theme (0.17-r2)
(17/149) Installing libjpeg-turbo (2.1.5.1-r3)
(18/149) Installing libwebp (1.3.2-r0)
(19/149) Installing zstd-libs (1.5.5-r4)
(20/149) Installing tiff (4.5.1-r0)
(21/149) Installing gdk-pixbuf (2.42.10-r5)
(22/149) Installing gtk-update-icon-cache (3.24.38-r1)
(23/149) Installing libxau (1.0.11-r2)
(24/149) Installing libmd (1.0.4-r2)
(25/149) Installing libbsd (0.11.7-r1)
(26/149) Installing libxdmcp (1.1.4-r2)
(27/149) Installing libxcb (1.15-r1)
(28/149) Installing libx11 (1.8.7-r0)
(29/149) Installing libxcomposite (0.4.6-r3)
(30/149) Installing libxfixes (6.0.1-r2)
(31/149) Installing libxrender (0.9.11-r3)
(32/149) Installing libxcursor (1.2.1-r2)
(33/149) Installing libxdamage (1.1.6-r2)
(34/149) Installing libxext (1.3.5-r2)
(35/149) Installing libxi (1.8.1-r0)
(36/149) Installing libxinerama (1.1.5-r2)
(37/149) Installing libxrandr (1.5.3-r2)
(38/149) Installing libatk-1.0 (2.48.3-r0)
(39/149) Installing libxtst (1.2.4-r2)
(40/149) Installing dbus-libs (1.14.8-r0)
(41/149) Installing at-spi2-core (2.48.3-r0)
(42/149) Installing libatk-bridge-2.0 (2.48.3-r0)
(43/149) Installing pixman (0.42.2-r1)
(44/149) Installing cairo (1.17.8-r1)
(45/149) Installing cairo-gobject (1.17.8-r1)
(46/149) Installing avahi-libs (0.8-r13)
(47/149) Installing gmp (6.2.1-r3)
(48/149) Installing nettle (3.8.1-r2)
(49/149) Installing p11-kit (0.24.1-r2)
(50/149) Installing libtasn1 (4.19.0-r1)
(51/149) Installing gnutls (3.8.0-r2)
(52/149) Installing cups-libs (2.4.7-r0)
(53/149) Installing libepoxy (1.5.10-r1)
(54/149) Installing fribidi (1.0.13-r0)
(55/149) Installing graphite2 (1.3.14-r5)
(56/149) Installing harfbuzz (7.3.0-r0)
(57/149) Installing libxft (2.3.8-r1)
(58/149) Installing pango (1.50.14-r1)
(59/149) Installing wayland-libs-client (1.22.0-r2)
(60/149) Installing wayland-libs-cursor (1.22.0-r2)
(61/149) Installing wayland-libs-egl (1.22.0-r2)
(62/149) Installing xkeyboard-config (2.38-r0)
(63/149) Installing libxkbcommon (1.5.0-r2)
(64/149) Installing gtk+3.0 (3.24.38-r1)
Executing gtk+3.0-3.24.38-r1.post-install
(65/149) Installing icu-data-full (73.2-r2)
(66/149) Installing mesa (23.0.4-r0)
(67/149) Installing libstdc++ (12.2.1_git20220924-r10)
(68/149) Installing llvm15-libs (15.0.7-r6)
(69/149) Installing hwdata-pci (0.370-r0)
(70/149) Installing libpciaccess (0.17-r2)
(71/149) Installing libdrm (2.4.115-r4)
(72/149) Installing musl-fts (1.2.7-r5)
(73/149) Installing libelf (0.189-r2)
(74/149) Installing mesa-glapi (23.0.4-r0)
(75/149) Installing mesa-dri-gallium (23.0.4-r0)
(76/149) Installing eudev-libs (3.2.11-r8)
(77/149) Installing libmagic (5.45-r0)
(78/149) Installing file (5.45-r0)
(79/149) Installing libice (1.1.1-r2)
(80/149) Installing libuuid (2.38.1-r8)
(81/149) Installing libsm (1.2.4-r1)
(82/149) Installing libxt (1.3.0-r2)
(83/149) Installing libxmu (1.1.4-r2)
(84/149) Installing xset (1.2.5-r1)
(85/149) Installing xprop (1.2.6-r0)
(86/149) Installing xdg-utils (1.1.3-r4)
(87/149) Installing libogg (1.3.5-r4)
(88/149) Installing flac-libs (1.4.3-r0)
(89/149) Installing alsa-lib (1.2.9-r1)
(90/149) Installing libatomic (12.2.1_git20220924-r10)
(91/149) Installing svt-av1-libs (1.6.0-r0)
(92/149) Installing aom-libs (3.6.1-r0)
(93/149) Installing libva (2.18.0-r1)
(94/149) Installing libvdpau (1.5-r1)
(95/149) Installing onevpl-libs (2023.2.1-r0)
(96/149) Installing ffmpeg-libavutil (6.0.1-r0)
(97/149) Installing libdav1d (1.2.1-r0)
(98/149) Installing libhwy (1.0.4-r1)
(99/149) Installing lcms2 (2.15-r2)
(100/149) Installing libjxl (0.8.2-r0)
(101/149) Installing lame-libs (3.100-r5)
(102/149) Installing opus (1.4-r0)
(103/149) Installing libgomp (12.2.1_git20220924-r10)
(104/149) Installing soxr (0.1.3-r5)
(105/149) Installing ffmpeg-libswresample (6.0.1-r0)
(106/149) Installing libtheora (1.1.1-r17)
(107/149) Installing libvorbis (1.3.7-r1)
(108/149) Installing libvpx (1.13.0-r2)
(109/149) Installing x264-libs (0.164_git20220602-r1)
(110/149) Installing numactl (2.0.16-r4)
(111/149) Installing x265-libs (3.5-r4)
(112/149) Installing xvidcore (1.3.7-r1)
(113/149) Installing ffmpeg-libavcodec (6.0.1-r0)
(114/149) Installing libbluray (1.3.4-r0)
(115/149) Installing mpg123-libs (1.31.3-r1)
(116/149) Installing libopenmpt (0.7.2-r0)
(117/149) Installing cjson (1.7.15-r4)
(118/149) Installing mbedtls (2.28.5-r0)
(119/149) Installing librist (0.2.7-r0)
(120/149) Installing libsrt (1.5.2-r0)
(121/149) Installing libssh (0.10.5-r0)
(122/149) Installing libsodium (1.0.18-r3)
(123/149) Installing libzmq (4.3.4-r4)
(124/149) Installing ffmpeg-libavformat (6.0.1-r0)
(125/149) Installing libevent (2.1.12-r6)
(126/149) Installing wayland-libs-server (1.22.0-r2)
(127/149) Installing mesa-gbm (23.0.4-r0)
(128/149) Installing harfbuzz-subset (7.3.0-r0)
(129/149) Installing icu-libs (73.2-r2)
(130/149) Installing jsoncpp (1.9.5-r0)
(131/149) Installing minizip (1.2.13-r1)
(132/149) Installing nspr (4.35-r2)
(133/149) Installing sqlite-libs (3.41.2-r2)
(134/149) Installing nss (3.94-r0)
(135/149) Installing pipewire-libs (0.3.70-r1)
(136/149) Installing libasyncns (0.8-r1)
(137/149) Installing libltdl (2.4.7-r2)
(138/149) Installing orc (0.4.34-r0)
(139/149) Installing libsndfile (1.2.0-r2)
(140/149) Installing speexdsp (1.2.1-r1)
(141/149) Installing tdb-libs (1.4.8-r1)
(142/149) Installing libpulse (16.1-r10)
(143/149) Installing snappy (1.1.10-r1)
(144/149) Installing libwoff2common (1.0.2-r2)
(145/149) Installing libwoff2enc (1.0.2-r2)
(146/149) Installing libgpg-error (1.47-r1)
(147/149) Installing libgcrypt (1.10.2-r1)
(148/149) Installing libxslt (1.1.38-r0)
(149/149) Installing chromium (119.0.6045.159-r0)
Executing busybox-1.36.1-r5.trigger
Executing fontconfig-2.14.2-r3.trigger
Executing mkfontscale-1.2.2-r3.trigger
Executing glib-2.76.4-r0.trigger
Executing shared-mime-info-2.2-r5.trigger
Executing gdk-pixbuf-2.42.10-r5.trigger
Executing gtk-update-icon-cache-3.24.38-r1.trigger
Executing glibc-bin-2.34-r0.trigger
OK: 602 MiB in 188 packages

Any other info

error looks similar to #11561

[chadlwilson]

If you are trying to install more complex native dependencies (such as browsers) onto your agent images, I'd strongly recommend you choose anything but Alpine. In short, this is because the GoCD agent images currently mix musl libc and glib in ways that are typically a Bad Idea and create problems like this. The saga is more completely summarised at #11355 because it also prevents us producing arm images for Alpine right now.

As a result I am contemplating abandoning Alpine images altogether and choosing another "compact" base image which is glibc-based.

Anyway, back to your actual problem.

It's quite possible that the problem is caused as a result of the chromium install adding eudev-libs (3.2.11-r8). What is likely happening is that the agent is loading a native library (OSHI) which looks for udev as part of collecting limited information on the OS/hardware of the agent. If OSHI finds udev, it tries to load it. Due to the constraints in the linked issue, the JRE is running via a glibc build in a way that is not normal for Alpine. udev is loaded from a musl libc linked library. Bang.

Anyway, for the earlier DIND image, the workaround was essentially to forcibly remove udev to workaround this. While that was fine for the usage of Docker within GoCD, I've no idea how Chromium relies on it or what might happen.

gocd/buildSrc/src/main/groovy/com/thoughtworks/go/build/docker/Distro.groovy

Line 224 in 67fbd63

'rm -rf /lib/libudev.so*', // btrfs is installed by Docker, but requires eudev-libs, which causes issues with OSHI JNA libary on Alpine with glibc and JVM crashes. Dont think we need udev as it's only needed by btrfs for multipath support.

I'd suggest you can try and remove it, then see if the GoCD Agent starts. if it does, see if Chromium still works. If this all sounds a bit horrifying, use a non Alpine agent image (Debian, Ubuntu, CentOS), or create your own

[timborrowdale]

Thanks @chadlwilson - I did run into further problems with software building on the alpine agent even after it started using alpine3.17 so reverted back to using ubuntu already

Happy to close this issue unless you think there's further work off the back of it..?

[chadlwilson]

The maintainer of the library that is loading udev here seems open to adding a software level opt-out which I’ve raised at oshi/oshi#2562 so I’ll keep this open unless that one is rejected. Would be better than my hack of rming libudev for the existing DIND images anyway.

Still can’t guarantee that it’d leave the Alpine image in a fundamentally stable state for running arbitrary apk-installed software as part of builds, but at least would leave the GoCD-agent better protected in the short term.