Buildah doesn't create WORKDIR directory when building container from Dockerfile

[sshnaidm]

Description
buildah didn't create automatically WORKDIR directory in container while building from Dockerfile
It seems as a regression, because it was creating it before.

Steps to reproduce the issue:

1. Dockerfile:

FROM alpine

LABEL "key"="amazing value"
LABEL nobody=cares

ARG build_arg

ENV password root
ENV username root

RUN adduser -D user && \
        adduser -D user2

COPY start.sh /start

RUN chmod a+rwx /start

EXPOSE 80
EXPOSE 8080/tcp

VOLUME ["/data", "/data2"]
USER user
WORKDIR /work
STOPSIGNAL 9

CMD ["1d"]
ENTRYPOINT ["/start"]

2. sudo podman build -t test .
3. sudo podman run --rm -it --entrypoint sh test

Describe the results you received:
The error appears:
Error: chdir: No such file or directory: OCI runtime command not found error

Describe the results you expected:
If I add mkdir /work to Dockerfile, then all works fine:

$ sudo podman run --rm -it --entrypoint sh test2
/work $

Output of rpm -q buildah or apt list buildah:

buildah-1.15.0-0.67.dev.git2c46b4b.fc33.x86_64

Output of buildah version:

Version:         1.15.0-dev
Go Version:      go1.14.3
Image Spec:      1.0.1-dev
Runtime Spec:    1.0.2-dev
CNI Spec:        0.4.0
libcni Version:  
image Version:   5.4.4
Git Commit:      
Built:           Thu Jan  1 00:00:00 1970
OS/Arch:         linux/amd64

Output of podman version if reporting a podman build issue:

Version:      2.1.0-dev
API Version:  1
Go Version:   go1.14.3
Built:        Thu Jan  1 00:00:00 1970
OS/Arch:      linux/amd64

Podman info:

host:
  arch: amd64
  buildahVersion: 1.16.0-dev
  cgroupVersion: v2
  conmon:
    package: conmon-2.0.19-0.5.dev.giteff699e.fc33.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.19-dev, commit: 3c47d3797172bffa8ab02661ac4805b593cfb4ba'
  cpus: 4
  distribution:
    distribution: fedora
    version: "33"
  eventLogger: file
  hostname: localhost
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.8.0-0.rc5.1.fc33.x86_64
  linkmode: dynamic
  memFree: 1312243712
  memTotal: 2075611136
  ociRuntime:
    name: crun
    package: crun-0.14-1.fc33.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 0.14
      commit: ebc56fc9bcce4b3208bb0079636c80545122bf58
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  rootless: true
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.1.4-2.dev.git4c6befe.fc33.x86_64
    version: |-
      slirp4netns version 1.1.4+dev
      commit: 4c6befe05c3137232cf06a5c2879daf4c20be6b1
      libslirp: 4.3.1
      SLIRP_CONFIG_VERSION_MAX: 3
  swapFree: 0
  swapTotal: 0
  uptime: 2h 21m 54.23s (Approximately 0.08 days)
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - registry.centos.org
  - docker.io
store:
  configFile: /home/fedora/.config/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 0
    stopped: 1
  graphDriverName: overlay
  graphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: fuse-overlayfs-1.1.0-6.dev.git50ab2c2.fc33.x86_64
      Version: |-
        fusermount3 version: 3.9.2
        fuse-overlayfs: version 1.1.0
        FUSE library version 3.9.2
        using FUSE kernel interface version 7.31
  graphRoot: /home/fedora/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 23
  runRoot: /run/user/1000/containers
  volumePath: /home/fedora/.local/share/containers/storage/volumes
version:
  APIVersion: 1
  Built: 0
  BuiltTime: Thu Jan  1 00:00:00 1970
  GitCommit: ""
  GoVersion: go1.14.3
  OsArch: linux/amd64
  Version: 2.1.0-dev

Output of cat /etc/*release:

Fedora release 33 (Rawhide)
NAME=Fedora
VERSION="33 (Cloud Edition Prerelease)"
ID=fedora
VERSION_ID=33
VERSION_CODENAME=""
PLATFORM_ID="platform:f33"
PRETTY_NAME="Fedora 33 (Cloud Edition Prerelease)"
ANSI_COLOR="0;38;2;60;110;180"
LOGO=fedora-logo-icon
CPE_NAME="cpe:/o:fedoraproject:fedora:33"
HOME_URL="https://fedoraproject.org/"
DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/rawhide/system-administrators-guide/"
SUPPORT_URL="https://fedoraproject.org/wiki/Communicating_and_getting_help"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=rawhide
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=rawhide
PRIVACY_POLICY_URL="https://fedoraproject.org/wiki/Legal:PrivacyPolicy"
VARIANT="Cloud Edition"
VARIANT_ID=cloud
Fedora release 33 (Rawhide)
Fedora release 33 (Rawhide)

Output of uname -a:

Linux localhost 5.8.0-0.rc5.1.fc33.x86_64 #1 SMP Mon Jul 13 15:27:01 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Output of cat /etc/containers/storage.conf:

[storage]
driver = "overlay"
runroot = "/var/run/containers/storage"
graphroot = "/var/lib/containers/storage"
[storage.options]
additionalimagestores = [
]
[storage.options.overlay]
mountopt = "nodev,metacopy=on"
[storage.options.thinpool]

[rhatdan]

Does this work fine in Docker?
What version of Buildah worked and what version stopped working?

[rhatdan]

This is working for me?

 cat /tmp/test/Containerfile 
from alpine
workdir /test
RUN ls -ld /test
$ buildah bud /tmp/test
STEP 1: FROM alpine
STEP 2: workdir /test
STEP 3: RUN ls -ld /test
drwxr-xr-x    2 root     root          4096 Jul 16 15:52 /test
STEP 4: COMMIT
Getting image source signatures
Copying blob 50644c29ef5a skipped: already exists  
Copying blob a2b9bb976ffa done  
Copying config 611f87eed5 done  
Writing manifest to image destination
Storing signatures
--> 611f87eed5d
611f87eed5dab7ec2063d0d7b56bdbdcb10aa433d561c926405d848c51d340ff
$ buildah --version
buildah version 1.15.0 (image-spec 1.0.1-dev, runtime-spec 1.0.2-dev)

[sshnaidm]

@rhatdan I build with podman, maybe it matters?
I can't try all podman versions, but this one pasted above doesn't work and this one below works fine for me:

debug:
  compiler: gc
  gitCommit: ""
  goVersion: go1.13.10
  podmanVersion: 1.9.2
host:
  arch: amd64
  buildahVersion: 1.14.8
  cgroupVersion: v1
  conmon:
    package: conmon-2.0.16-2.fc31.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.16, commit: aec991fec16dc45935de184f2ea06a6ffca200a0'
  cpus: 4
  distribution:
    distribution: fedora
    version: "31"
  eventLogger: file
  hostname: sshnaidm.remote
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.6.11-200.fc31.x86_64
  memFree: 6928224256
  memTotal: 25083031552
  ociRuntime:
    name: runc
    package: runc-1.0.0-102.dev.gitdc9208a.fc31.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.0.0-rc10
      commit: 96f6022b37cbe12b26c9ad33a24677bec72a9cc3
      spec: 1.0.1-dev
  os: linux
  rootless: true
  slirp4netns:
   executable: /usr/bin/slirp4netns
    package: slirp4netns-1.0.1-1.fc31.x86_64
    version: |-
      slirp4netns version 1.0.1
      commit: 6a7b16babc95b6a3056b33fb45b74a6f62262dd4
      libslirp: 4.1.0
  swapFree: 10937167872
  swapTotal: 12645822464
  uptime: 176h 33m 19.55s (Approximately 7.33 days)
registries:
  search:
  - docker.io
  - registry.fedoraproject.org
  - quay.io
  - registry.access.redhat.com
  - registry.centos.org
store:
  configFile: /home/sshnaidm/.config/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 0
    stopped: 1
  graphDriverName: overlay
  graphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: fuse-overlayfs-1.0.0-1.fc31.x86_64
      Version: |-
        fusermount3 version: 3.6.2
        fuse-overlayfs: version 1.0.0
        FUSE library version 3.6.2
        using FUSE kernel interface version 7.29
  graphRoot: /home/sshnaidm/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 179
  runRoot: /tmp/1000
  volumePath: /home/sshnaidm/.local/share/containers/storage/volumes

[rhatdan]

Podman build 2.1.0-dev is working for me?

$ ./bin/podman build --no-cache /tmp/test
STEP 1: FROM alpine
STEP 2: workdir /test
--> 4db070a52de
STEP 3: RUN ls -ld /test
drwxr-xr-x    2 root     root          4096 Jul 16 16:46 /test
STEP 4: COMMIT
--> ae76f68d863
ae76f68d8632270fa1df833d540b93bd79395934279ed9d5657f68fd90af49ec
[dwalsh@localhost podman]$ ./bin/podman --version
podman version 2.1.0-dev

Does my Containerfile work for you?

cat /tmp/test/Containerfile
from alpine
workdir /test
RUN ls -ld /test

[rhatdan]

I test with your Dockerfile on fedora 32 and it works fine.

[rhatdan]

Maybe this is a Rawhide thing?

[rhatdan]

I am using a newer fuse-overlayfs then you are.
fuse-overlayfs-1.1.1-1.fc32.x86_64

[sshnaidm]

Your file actually works for me too. But if I remove RUN ls -ld /test it stops to work.

$ cat Containerfile 
from alpine
workdir /test

$ podman build --no-cache -f Containerfile  -t btest3

STEP 1: FROM alpine
STEP 2: workdir /test
STEP 3: COMMIT btest3
--> 69850f570d8
69850f570d8ec9f933aa351a7a6251644f955a19d3a753c08a4be483fa46e4c3

$ podman run -it --rm --entrypoint sh btest3
Error: chdir: No such file or directory: OCI runtime command not found error

And if I move WORKDIR /work in original Dockerfile before last RUN command, it works!

FROM alpine

LABEL "key"="amazing value"
LABEL nobody=cares

ARG build_arg

ENV password root
ENV username root

RUN adduser -D user && \
        adduser -D user2

COPY start.sh /start
WORKDIR /work
RUN chmod a+rwx /start

EXPOSE 80
EXPOSE 8080/tcp

VOLUME ["/data", "/data2"]
USER user
# WORKDIR /work
STOPSIGNAL 9

CMD ["1d"]
ENTRYPOINT ["/start"]

[rhatdan]

Ok so the workdir is only created if Buildah runs a container on it.

[rhatdan]

@ashley-cui Could you take a look at this. The Workdir function in Buildah should be making sure that the directory exists in the image.

[ashley-cui]

@rhatdan It looks like buildah bud works, but podman build doesn't. Would it still be a buildah workdir function issue?

[acui@localhost podman]$ cat ~/tst/Dockerfile 
from alpine
workdir /test

[acui@localhost podman]$ buildah bud --no-cache -f ~/tst/Dockerfile -t test
STEP 1: FROM alpine
STEP 2: workdir /test
STEP 3: COMMIT test
--> 01af940ef84
01af940ef84e6e6cb8862f6428b4e473b9116760965a21da07b378f20c66bbbc

[acui@localhost podman]$ ./bin/podman run -it --rm --entrypoint sh test
/test # exit

[acui@localhost podman]$ ./bin/podman build --no-cache -f ~/tst/Dockerfile -t test2
STEP 1: FROM alpine
STEP 2: workdir /test
STEP 3: COMMIT test2
--> ee97f1c4cf3
ee97f1c4cf362e2ad097221ddc33e9584331a1fc4c810e11b0a13755399ea275

[acui@localhost podman]$ ./bin/podman run -it --rm --entrypoint sh test2
Error: chdir: No such file or directory: OCI runtime command not found error

[TomSweeneyRedHat]

@mheon, were you recently tweaking WORKDIR on the Podman side of things?

[mheon]

Yes. This was a change in crun which used to create the entrypoint unconditionally but now no longer does. We now create ENTRYPOINT from images if it does not exist.

[ashley-cui]

Just pulled down the latest podman and it seems like this issue still exists? Should I close this an open an issue in podman instead?

[rhatdan]

I think this is fixed. Reopen if I am mistaken.