Good afternoon (US Pacific time.) I've got a java17 based custom Clojure Lambda image I've been running for a while in production, and have recently started moving its CI/CD concerns to self-hosted linux Github Actions. I think I'm running up against a "docker in docker" teething issue attempting bb hl:compile.
[holy-lambda] Docker is not running! Enable and run docker first before using holy-lambda!
Yet, docker is running - I can docker pull - and there's a /var/run/docker.sock I can try to volume mount with
:holy-lambda/options {:docker {;; Check
;; Network setting for future versions of HL will propagate to AWS SAM as well
;; Options: "host"|"bridge"|"overlay"|"none"|nil|"macvlan"
:network nil
:volumes [{:docker "/var/run/docker.sock"
:host "/var/run/docker.sock"}]
...in bb.edn with no apparent effect. Should I maybe change the value of :network? I hope it's as simple as that (I've been struggling with this all day.) TIA, if anyone's around.Hey! Let me check :)
The trick is that when in the CI environment is better to not use docker in docker. Use HL_NO_DOCKER=1. This environment variable should opt out from using docker in docker :)
I should have mentioned that I tried that, but end up with an artifact which throws “entrypoint missing” errors on testing. From my reading of the use of this flag, it’s assumed that you’re then using the GraalVM builder, not the Java builder, yes?
No.
I need more details. How the fragment of template.yml is looking like where you bind a Lambda to Clojure function?
https://fierycod.github.io/holy-lambda/#/clojure-backend-tutorial
Could you kindly check if function specified in Dockerfile is exported using h/entrypoint?
It is. It’s been in production for a couple years before this task to build in the GH Actions context.
I’ll get that stanza and post it (writing on mobile at the moment.)
REDACTEDFunctionName:
Type: AWS::Serverless::Function
Properties:
FunctionName: redacted-function-name
Tags:
RoleType:
Ref: RoleType
PackageType: Image
(h/entrypoint [#'RedactedEntrypoint]) declared in the core namespace
In Dockerfile:
ENTRYPOINT ["java", "-XX:+TieredCompilation", \
"-XX:TieredStopAtLevel=1", \
"-Djavax.net.ssl.trustStore=/opt/java/lib/security/REDACTED", \
"-Djavax.net.ssl.trustStorePassword=REDACTED", \
"-Djdk.tls.client.protocols=TLSv1.2", \
"-jar", "REDACTED-lambda.jar", \
"com.REDACTED.REDACTED.lambda-api.core.RedactedEntrypoint"]io.github.FieryCod/holy-lambda {:mvn/version "0.6.7"}@karol.wojcik let me do some digging, I may have a cross-compilation issue (x86_64 vs arm64 architectures) to rule out. Speaking of which, what architecture(s) are the holy-lambda builder images? I suppose I could pull one down and run uname -m against to find out myself...
We are having multiple architectures available. :)
Default is x86
https://fierycod.github.io/holy-lambda/#/stable-releases?id=cli-amp-cicd-docker-images
@karol.wojcik I spent a couple of hours looking through public Clojurians archives, as well as GH source, FYI.