error with docker build stage of CodeBuild build

Asked 19/5, 2020 at 14:47 Answered 20/8, 2022 at 17:30

Solved amazon-web-services aws-codebuild

I am getting the following error from the BUILD stage of my CodeBuild build process:

"Error while executing command: docker build -t ..." Reason: exit status 1

I have a code build service role set up with permissions for ecr, the aws ecr login stage has succeeded, and my buildspec.yml is really simple - pretty much just the standard template. Runtime is the Amazon-managed ubuntu image, standard.

Is there any reason why the Docker build could be failing and anything anyone would suggest to troubleshoot?

Thank you

Full buildspec.yml file:

version: 0.2

phases:
  pre_build:
    commands:
      - echo Logging in to Amazon ECR...
      - $(aws ecr get-login --no-include-email --region eu-west-1)
  build:
    commands:
      - echo Building the Docker image...          
      - docker build -t maxmind:latest .
      - docker tag maxmind:latest 381475286792.dkr.ecr.eu-west-1.amazonaws.com/maxmind:latest      
  post_build:
    commands:
      - echo Build completed on `date`
      - echo Pushing the Docker image...
      - docker push 381475286792.dkr.ecr.eu-west-1.amazonaws.com/maxmind:latest

Full error message (BUILD stage):

COMMAND_EXECUTION_ERROR: Error while executing command docker build -t maxmind:latest .. Reason: exit status 1

Full error message (POST_BUILD stage):

COMMAND EXECUTION_ERROR: Error while executing command: docker push 381475286792.dkr.ecr.eu-west-1.amazonaws.com/maxmind:latest. Reason: exit status 1

Full error message (logstream):

[Container] 2020/05/20 09:28:54 Running command docker build -t maxmind:latest .
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

[Container] 2020/05/20 09:28:54 Command did not exit successfully docker build -t maxmind:latest . exit status 1
[Container] 2020/05/20 09:28:54 Phase complete: BUILD State: FAILED

Things I have tried

Attached AmazonEC2ContainerRegistryPowerUser policy to the codebuild-service-role created by my build process

Rhotacism answered 19/5, 2020 at 14:47 Comment(17)

Clink into the codebuild project build that failed, and click the 'Phase Details` Tab. Any additional errors there? – Malamud 19/5, 2020 at 15:23

@Malamud yes. COMMAND_EXECUTION_ERROR: Error while executing command: docker build -t... Reason: exit status 1 – Rhotacism 19/5, 2020 at 16:2

Can you provide your codebuild.yml and the full version of the message? – Pseudaxis 19/5, 2020 at 21:8

@Pseudaxis buildspec.yml and full versions of error messages now added – Rhotacism 20/5, 2020 at 8:10

You are using incorrect ecr login command. Try that: $(aws ecr get-login --no-include-email --region eu-west-1). Check here how to login to ecr. – Pseudaxis 20/5, 2020 at 8:44

@Pseudaxis thanks for that, now corrected the ecr login command but still getting the same errors when I retry the build – Rhotacism 20/5, 2020 at 8:51

You should be getting more logs. Check logs of your failed build. It usually produces lots of logs. – Pseudaxis 20/5, 2020 at 9:4

@Pseudaxis would that be in cloudwatch? I have the log to cloudwatch box unchecked at the moment so I will tick that, run again and then try to find the logs – Rhotacism 20/5, 2020 at 9:18

Just in the code build console. Its colled log trail or something like that. – Pseudaxis 20/5, 2020 at 9:25

Here is an example image of the logs in code build. – Pseudaxis 20/5, 2020 at 9:31

@Pseudaxis the logs were greyed out so I enabled the cloudwatch checkbox and now have a log stream that looks like the link you just posted. The error message is: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? – Rhotacism 20/5, 2020 at 9:31

Interesting. Have you enabled PrivilegedMode? – Pseudaxis 20/5, 2020 at 9:41

@Pseudaxis I hadn't enabled it. I have just tried to enable it and update environment, but ran into a permissions issue (not authorized to perform iam:DeletePolicyVersion on resource CodeBuildBasePolicy-maxmind-build-eu-west-1) that I will need to resolve before continuing.. I'll update here when I've obtained permissions and retried this. Thanks for your help so far. – Rhotacism 20/5, 2020 at 9:56

Ok. Let me know how it will go. – Pseudaxis 20/5, 2020 at 10:1

@Pseudaxis got the needed permissions, updated the environment, retried the build, and everything worked fine - thanks again for the great help – Rhotacism 20/5, 2020 at 15:14

Nice to hear. If you don't mind I will provide an answer for future reference. – Pseudaxis 20/5, 2020 at 21:19

if getting 'unauthorized' for docker login, notice there are two forms of the command in the 'Files' section here - the correct one is defined by Marcin here – Lingenfelter 16/10, 2020 at 11:22

Based on the comments.

There were two issues. The first one was not using PrivilegedMode mode in the CodeBuild project. The mode is required when building a docker image inside a docker container.

The second issue was missing permission iam:DeletePolicyVersion.

Enabling the mode and adding the missing permissions, solved the issue.

Pseudaxis answered 20/5, 2020 at 21:22 Comment(0)

Just want to share this in case anyone still has this issue.

This issue can be caused of 3 reasons:

Not having PrivilegedMode enabled id the CodeBuild project
Not having enough permissions for the IAM role
An error with your dockerfile build

In my case it was the 3rd reason.

I activated s3 logs which helped me see better error messages as it turned out to be that I was missing a folder in my project which my build dockerfile tried to COPY.

But it can be any error, like running an npm command that doesn't exists.

Leija answered 20/8, 2022 at 17:30 Comment(0)

Recommended topics

Hot tags