How to build Docker Images with Dockerfile behind HTTP_PROXY by Jenkins?

git maven npm docker dockerfile
74,347

Solution 1

Note: Docker 1.9 might help solve this:

  • "Issue 14634": Builder - Build-time argument passing (e.g., HTTP_PROXY)
  • "PR 15182": Support for passing build-time variables in build context

Usage (proposed):

docker build --build-arg http_proxy=http://my.proxy.url  --build-arg foo=bar <<MARK
FROM busybox
RUN <command that need http_proxy>
ARG --description="foo's description" foo
USER $foo
MARK

Solution 2

Docker has multiple ways to set proxies that take effect at different times.

If your docker build has to retrieve a base image through a proxy, you'll want to specify build-args:

docker build --build-arg HTTP_PROXY=$http_proxy \
--build-arg HTTPS_PROXY=$http_proxy --build-arg NO_PROXY="$no_proxy" \
--build-arg http_proxy=$http_proxy --build-arg https_proxy=$http_proxy \
--build-arg no_proxy="$no_proxy" -t myContainer /path/to/Dockerfile/directory

where $http_proxy and $no_proxy were set in my bashrc. I used both HTTP_PROXY and http_proxy because different utilities will check different variables (curl checks both, wget only checks the lowercase ones, etc).

If your docker build has a RUN curl/wget/etc command that has to go through the proxy, you'll need to specify an environment variable inside your docker image:

ENV https_proxy=http://proxy-us02.company.com:8080
ENV http_proxy=http://proxy-us02.company.com:8080
ENV HTTP_PROXY=http://proxy-us02.company.com:8080
ENV HTTPS_PROXY=http://proxy-us02.company.com:8080
ENV no_proxy="localhost,localdomain,127.0.0.1,etc"
ENV NO_PROXY="localhost,localdomain,127.0.0.1,etc"

If you don't want this environment variable inside your image at runtime, you can remove all these at the end:

RUN unset http_proxy https_proxy no_proxy HTTP_PROXY HTTPS_PROXY NO_PROXY

Solution 3

Docker Daemon HTTP Proxy

A lot of documentation is available about setting up the HTTP_PROXY environment variable for Docker's daemon. The environment variable is only available when running containers, so it won't help us here.

Solution in Dockerfile

Although setting up the environment variable HTTP_ENV or http_env in the Dockerfile might help, it does not help our cause either.

ENV http_proxy http://proxy.mycompany.com:80

The reason why is that each specific service only honors HTTP Proxy setting in a different way. The way I could solve is below.

  • NPM: NPM requires setting up the HTTP_PROXY variable using a CLI command.
  • GIT: GIT requires setting up the HTTP_PROXY variable using a CLI command as well.
  • MAVEN: MVN command requires setting up the HTTP_PROXY as an XML file under the user's directory at ~/.m2/settings.xml. For Docker, you can add it to the root's "/root/.m2/settings.xml" directory (unsafe, development-only), or to the Dockerfile's user's home directory.

For instance, running an application using Dockerfile, I can build an image using the following Dockerfile:

FROM node:0.10.33

# Prepare
RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app

# Use the cache for dependencies
COPY package.json /usr/src/app/

# If building behind an http_proxy, set them for git and npm
RUN git config --global http.proxy http://qypprdproxy02.ie.company.net:80 && \
    npm config set proxy http://qypprdproxy02.ie.company.net:80 && \
    npm config set https-proxy http://qypprdproxy02.ie.company.net:80

# Install dependencies
RUN npm install

# Copy all the source
COPY . /usr/src/app

# Execute the dev steps
COPY ./numbat-config.example.js /usr/src/app/numbat-config.js
COPY ./.env.example /usr/src/app/.evn
RUN touch /usr/src/app/config.admin.js

Note that I have configured both GIT and NPM using their CLI command to explicitly take the proxy settings before running the NPM install command. That way, both NPM and GIT dependencies will be automatically retrieved and cloned, respectively.

The result of building an image with this Dockerfile works as expected:

[root@pppdc9prd6dq newww]# fig build
...
...
Building npmregistryserver...
 ---> Using cache
 ---> 965cad0c68b0
Step 2 : WORKDIR /usr/src/app
 ---> Using cache
 ---> 4c498f0c07e9
Step 3 : COPY package.json /usr/src/app/
 ---> ae8ff7861246
Removing intermediate container ba1d7b8c9963
Step 4 : RUN npm config set proxy http://qypprdproxy02.ie.company.net:80 &&     npm config set https-proxy http://qypprdproxy02.ie.company.net:80 &&     npm install
 ---> Running in aa6e05d9c7a4
npm WARN package.json [email protected] No README data
npm WARN package.json Dependency 'async-cache' exists in both dependencies and devDependencies, using 'async-cache@^0.1.5' from dependencies
npm WARN deprecated [email protected]: Please update to the latest version.

> [email protected] install /usr/src/app/node_modules/gulp/node_modules/v8flags
> node fetch.js


> [email protected] install /usr/src/app/node_modules/hiredis
> node-gyp rebuild

make: Entering directory '/usr/src/app/node_modules/hiredis/build'
  CC(target) Release/obj.target/hiredis/deps/hiredis/hiredis.o
  CC(target) Release/obj.target/hiredis/deps/hiredis/net.o
  CC(target) Release/obj.target/hiredis/deps/hiredis/sds.o
  CC(target) Release/obj.target/hiredis/deps/hiredis/async.o
  AR(target) Release/obj.target/deps/hiredis.a
  COPY Release/hiredis.a
  CXX(target) Release/obj.target/hiredis/src/hiredis.o
  CXX(target) Release/obj.target/hiredis/src/reader.o
  SOLINK_MODULE(target) Release/obj.target/hiredis.node
  SOLINK_MODULE(target) Release/obj.target/hiredis.node: Finished
  COPY Release/hiredis.node
make: Leaving directory '/usr/src/app/node_modules/hiredis/build'
npm WARN engine [email protected]: wanted: {"node":"0.8.x"} (current: {"node":"0.10.33","npm":"2.1.11"})

> [email protected] postinstall /usr/src/app/node_modules/imagemin-pngcrush/node_modules/pngcrush-bin
> node lib/install.js

     fetch : https://raw.githubusercontent.com/imagemin/pngcrush-bin/v1.0.0/vendor/linux/pngcrush


✔ pre-build test passed successfully!

> [email protected] install /usr/src/app/node_modules/npm-typeahead/node_modules/restify/node_modules/dtrace-provider
> scripts/install.js

npm WARN engine [email protected]: wanted: {"node":"0.8.x"} (current: {"node":"0.10.33","npm":"2.1.11"})
npm WARN engine [email protected]: wanted: {"node":"0.8.x"} (current: {"node":"0.10.33","npm":"2.1.11"})
npm WARN engine [email protected]: wanted: {"node":"0.8.x"} (current: {"node":"0.10.33","npm":"2.1.11"})
npm WARN engine [email protected]: wanted: {"node":"0.8.x"} (current: {"node":"0.10.33","npm":"2.1.11"})
npm WARN cannot run in wd [email protected] gulp build (wd=/usr/src/app)
[email protected] node_modules/newww-metrics

[email protected] node_modules/murmurhash

[email protected] node_modules/npm-humans

[email protected] node_modules/leven

[email protected] node_modules/chunk

[email protected] node_modules/npm-expansions

[email protected] node_modules/similarity

[email protected] node_modules/truncate

This properly worked as expected and you can have a CI/CD environment behind an http proxy to rebuild images based on this Dockerfile.

Solution 4

Starting with Docker 17.07 you can alternatively use the Docker Client configuration file for providing the proxy configuration centrally:

https://docs.docker.com/network/proxy/#configure-the-docker-client

Solution 5

We are doing ...

ENV http_proxy http://9.9.9.9:9999
ENV https_proxy http://9.9.9.9:9999

and at end of dockerfile ...

ENV http_proxy ""
ENV https_proxy ""

This, for now (until docker introduces build env vars), allows the proxy vars to be used for build without publicly exposing them

Share:
74,347
Marcello de Sales
Author by

Marcello de Sales

Passionate Software Engineer working with different technologies. Professional info at https://linkedin.com/in/marcellodesales

Updated on November 27, 2020

Comments

  • Marcello de Sales
    Marcello de Sales over 3 years

    Building Docker images works in a desktop without a problem. Installing Node.js NPM dependencies work as usual. However, when using a continuous integration server such as Jenkins that is hosted behind a corporate proxy, the build Docker Images fail.

    Node.js NPM Dependencies

    While building Node.js pacakges, the command npm install fails when it cannot connect to GIT while cloning GIT dependencies.

    e1ce5e8407d1: Already exists
Status: Image is up to date for node:0.10.33
 ---> e1ce5e8407d1
Step 1 : RUN mkdir -p /usr/src/app
 ---> Using cache
 ---> 965cad0c68b0
Step 2 : WORKDIR /usr/src/app
 ---> Using cache
 ---> 4c498f0c07e9
Step 3 : COPY package.json /usr/src/app/
 ---> b0662a8275fb
Removing intermediate container 5aca20551452
Step 4 : RUN npm install
 ---> Running in 7ccf9e5362af
npm WARN package.json [email protected] No README data
npm WARN package.json Dependency 'async-cache' exists in both dependencies and devDependencies, using 'async-cache@^0.1.5' from dependencies
npm ERR! git clone https://github.com/npm/npm2es.git Cloning into bare repository '/root/.npm/_git-remotes/https-github-com-npm-npm2es-git-60a75edb'...
npm ERR! git clone https://github.com/npm/npm2es.git fatal: unable to access 'https://github.com/npm/npm2es.git/': Failed to connect to github.com port 443: Connection timed out

    Java Maven, Ruby, Go Docker Images with Dependencies

    The same occurs when building Java, Ruby or Go containers, where dependencies are located in repository servers across your corporate Proxy server.

    Knowing that you can configure Docker with HTTP_PROXY environment variable, how to properly configure Docker to properly build images in CI environments?

  • K..
    K.. about 9 years
    This worked, but it prevents the Dockerfile from building on other devices, I fear.
  • Marcello de Sales
    Marcello de Sales about 9 years
    That's exactly what the question/answer is about: if you have an CI/CD environment where Docker images are built by separate boxes!!! Your app can still run normally by replacing or completely unsetting the proxy settings at runtime by mounting a new .npmrc that removes the setting while you do "docker run". ;)
  • Marcello de Sales
    Marcello de Sales over 8 years
    Thanks for providing it... I've been following the development of that and I can't wait...
  • taco
    taco over 8 years
    It's out. We're at Docker 1.9.1 now.
  • Marcello de Sales
    Marcello de Sales over 8 years
    I've tested and it is awesome!
  • VonC
    VonC over 8 years
    @MarcellodeSales Indeed. I have been using it for a few weeks now, and it does simplifies the proxy management.
  • Marcello de Sales
    Marcello de Sales over 8 years
    Yeah, there's an open issue to support it on docker-compose! That makes it a full support! :)
  • VonC
    VonC over 8 years
    @MarcellodeSales Right: github.com/docker/compose/issues/2111 I suppose. I will be monitoring it.
  • Nimblejoe
    Nimblejoe over 5 years
    When docker build is running from inside Visual Studio, this seems to be the only way I can get it to recognize the proxy settings. I tried with a NuGet.Config file and setting http_proxy and https_proxy environment variables, but none of these worked. I had to add if after the build statement. In my case it followed "FROM microsoft/dotnet:2.1-sdk AS build". Thanks!
  • Dan
    Dan almost 3 years
    I tried with --build-arg and ENV variable but doesn't seems to work. Only this way seems to be working with Ubuntu 18.04 image for me. Thanks for sharing. I created a file ~/.docker/config.json with proxy urls as suggested in the post.
  • Sibi John
    Sibi John over 2 years
    why do we need the args both in caps and small?
  • jeremysprofile
    jeremysprofile over 2 years
    See this question Basically, some applications use uppercase, some use lowercase.
  • Donatello
    Donatello over 2 years
    All other answers using environment variables or build args are deprecated. This method (configuring docker client) is the right way to solve proxy issues today !

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Can we include git commands in docker image?
Mounting Maven Repository to Docker
Installing maven in a docker build overrides JAVA 8 with JAVA 7(!)
npm not found but installed from the shell script file in Dockerfile
Building Docker image for Node application using Yarn dependency
Docker Load key "/root/.ssh/id_rsa": invalid format
Correct way to deploy WAR files in docker image
Dockerfile strategies for Git
How to build a docker container for a Java application
Maven docker cache dependencies