Unable to successfully build dockerfile using imagebuildah.BuildDockerfiles

[dleviminzi]

Hello 👋 I am trying to build a dockerfile inside of a runc container using the buildah go packages. I have had success using the binary on its own inside of my container, but using the packages I keep encountering this issue:

STEP 1/2: FROM quay.io/libpod/alpine
Trying to pull quay.io/libpod/alpine:latest...
Getting image source signatures
Copying blob sha256:161a397ac5ee9e631cd79cdfb5f0b36a861071d42e67afe98ed3cb69155ea5ff
time="2024-12-06T22:47:54Z" level=error msg="While applying layer: ApplyLayer stdout:  stderr: 2024/12/06 22:47:54 JuiceFS filesystem mounting to: '/data'\n2024/12/06 22:47:54 JuiceFS filesystem mounted to: '/data'\n2024/12/06 22:47:54 RunCServer started on port 34403\n2024/12/06 22:47:54 Failed to start metrics server: listen tcp :9090: bind: address already in use\n exit status 1"
JuiceFS filesystem mounting to: '/data'
failed to build test image: creating build container: copying system image from manifest list: writing blob: adding layer with blob "sha256:161a397ac5ee9e631cd79cdfb5f0b36a861071d42e67afe98ed3cb69155ea5ff"/""/"sha256:5e0d8111135538b8a86ce5fc969849efce16c455fd016bb3dc53131bcedc4da5": ApplyLayer stdout:  stderr: 2024/12/06 22:47:54 JuiceFS filesystem mounting to: '/data'

It seems like its not using the using the output directory I want (BuildOutput). The code that causes the above looks like this

	if buildah.InitReexec() {
		return nil, "buildah reexec"
	}
	unshare.MaybeReexecUsingUserNamespace(false)

	storeOpts := bstorage.StoreOptions{
		GraphDriverName: "vfs",
		GraphRoot:       "/var/lib/containers/storage",
		RunRoot:         "/run/containers/storage",
	}

	buildStore, err := bstorage.GetStore(storeOpts)
	if err != nil {
		return err, "get store"
	}
	defer buildStore.Shutdown(false)

	tdir, err := os.MkdirTemp("", "")
	if err != nil {
		return err, "mktemp"
	}
	defer os.RemoveAll(tdir)

	buildOpts := define.BuildOptions{
		NamespaceOptions: []define.NamespaceOption{
			{Name: string(specs.NetworkNamespace), Host: true},
		},
		ReportWriter:            os.Stdout,
		BuildOutput:             tdir,
		Isolation:               define.IsolationChroot,
	}

	d, err := os.MkdirTemp("", "")
	if err != nil {
		return err, "mktemp"
	}
	defer os.RemoveAll(d)
	dockerfilep := filepath.Join(d, "Dockerfile")
	f, err := os.Create(dockerfilep)
	if err != nil {
		return err, "create dockerfile"
	}
	fmt.Fprintf(f, "FROM quay.io/libpod/alpine\nRUN echo \"hi\"")
	f.Close()

	id, _, err := imagebuildah.BuildDockerfiles(ctx, buildStore, buildOpts, dockerfilep)
	if err != nil {
		return err, "build dockerfiles"
	}
	log.Println("Built image:", id)

	defer os.RemoveAll(ociBundlePath)

Inside the same container, I can use the cli like so:

root@worker-build-e843d75b-bkn8r:/workspace# buildah build --output=test -f Dockerfile .
STEP 1/2: FROM ubuntu:22.04
Resolved "ubuntu" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
Trying to pull docker.io/library/ubuntu:22.04...
Getting image source signatures
Copying blob a186900671ab done   |
Copying config 981912c48e done   |
Writing manifest to image destination
STEP 2/2: RUN echo hi
hi
COMMIT
Getting image source signatures
Copying blob 54cb91f3fa5e skipped: already exists
Copying blob 7536784103cd done   |
Copying config 98bdb78281 done   |
Writing manifest to image destination
--> 98bdb7828126
98bdb7828126a007fe3a738d3890344acfed22f7febc8c863522a6af839c5050
root@worker-build-e843d75b-bkn8r:/workspace# cd test
root@worker-build-e843d75b-bkn8r:/workspace/test# l
bin@   dev/  home/  media/  opt/   root/  sbin@  sys/  usr/
boot/  etc/  lib@   mnt/    proc/  run/   srv/   tmp/  var/

I figure I must be doing something wrong with how I am setting up the imagebuildah.BuildDockerfiles command, but I can't figure out what. For a bit of added context, I am building my go project with the "cni" flag and I have set the buildah runtime to runc in my environment. If anybody has any ideas, I would be very grateful!