Alpine Docker Image does not work in Gitlab CI

[pSub]

I am unable to integrate kubeconform into our Gitlab CI pipeline using the Alpine docker image. The relevant part of my Gitlab CI configuration is

lint-kubeconform:
  stage: validate
  image: ghcr.io/yannh/kubeconform:latest-alpine
  script:
    - kubeconform

The gitlab-runner fails to find a sh:

Runtime platform                                    arch=amd64 os=linux pid=40134 revision=f188edd7 version=14.9.1
Running with gitlab-runner 14.9.1 (f188edd7)
Preparing the "docker" executor
Using Docker executor with image ghcr.io/yannh/kubeconform:latest-alpine ...
Pulling docker image ghcr.io/yannh/kubeconform:latest-alpine ...
Using docker image sha256:48581c23a24fb25e270c6a6900b5fe9c4bd0095b7fe8779cdb45b94217686e6d for ghcr.io/yannh/kubeconform:latest-alpine with digest ghcr.io/yannh/kubeconform@sha256:a46a016956f6f91de40e1a635c1c7f75748720db592540b28a1c80f08c8d5991 ...
Preparing environment
Running on runner--project-0-concurrent-0 via LX-02014465...
Getting source from Git repository
Fetching changes...
Initialized empty Git repository in /builds/project-0/.git/
Created fresh repository.
Checking out f1afcbf4 as feature/kubeconform...

Skipping Git submodules setup
Executing "step_script" stage of the job script
Using docker image sha256:48581c23a24fb25e270c6a6900b5fe9c4bd0095b7fe8779cdb45b94217686e6d for ghcr.io/yannh/kubeconform:latest-alpine with digest ghcr.io/yannh/kubeconform@sha256:a46a016956f6f91de40e1a635c1c7f75748720db592540b28a1c80f08c8d5991 ...
sh - failed validation: lstat sh: no such file or directory
-c - failed validation: lstat -c: no such file or directory
ERROR: Job failed: exit code 1

FATAL: exit code 1  

It looks like the error described in #47. Is there something wrong with my configuration or is this a regression?

[balonik]

The issue is in ENTRYPOINT ["/kubeconform"] line in Dockerfile which GitLab Runners with Docker executor (the shared ones on GitLab.com) respect and then what's actually being executed is:

kubeconform sh -c anything_you_have_in_script

as you can see this error is actually returned by kubeconform binary

sh - failed validation: lstat sh: no such file or directory
-c - failed validation: lstat -c: no such file or directory

solution is to override entrypoint, you can do it in your .gitlab-ci.yaml file:

image:
  name: ghcr.io/yannh/kubeconform:latest-alpine
  entrypoint: [""]

Note: You won't encounter this issue on GitLab runners with Kubernetes executor, because they ignore ENTRYPOINT entry in container image :P

[pSub]

Thank you for this workaround @balonik!

[yannh]

What do you think would be the best way for this do you think, just add some documentation? Changing the entrypoint can be weird sometimes with how signals are processed, if Gitlab lets you override the entrypoing Iä d rather do this.

[balonik]

I think a documentation for this specific use-case is OK.

[pSub]

I agree with @balonik, adding documentation for this case is enough.

[yannh]

Documentation added in #139 I hope it is sufficient! Feel free to send a PR for more details if not 🙇‍♂️