Proxy issues in build containers with outdated CLI plugins in Docker snap package

[advanceboy]

Problem Description:

In a proxy environment, running docker compose up --build using the Docker snap package fails because the build containers cannot properly utilize the proxy settings. This is caused by outdated CLI plugins included in the snap package:

• docker-compose: v2.20.3
• docker-buildx: v0.16.1

Updating to more recent versions (docker-compose v2.21.0 and docker-buildx v0.17.1) resolves the issue.

Steps to Reproduce:

1. Set up proxy and groups:

   sudo addgroup --system docker
   sudo adduser $USER docker
   newgrp docker
   sudo snap set system proxy.https=http://proxy.example.com:8080

2. Install the Docker snap package and configure proxy environment variables for dockerd.

   sudo snap install docker
   sudo mkdir /etc/systemd/system/snap.docker.dockerd.service.d/
   sudo tee /etc/systemd/system/snap.docker.dockerd.service.d/override.conf << EOF > /dev/null
   [Service]
   Environment="HTTP_PROXY=http://proxy.example.com:8080" "HTTPS_PROXY=http://proxy.example.com:8080" "NO_PROXY=localhost,127.0.0.1,host.docker.internal,*.internal"
   EOF
   sudo systemctl daemon-reload
   sudo snap restart --reload docker
   docker info
   mkdir ~/snap/docker/current/.docker/
   cat <<'EOF' > ~/snap/docker/current/.docker/config.json
   {
     "proxies": {
       "default": {
         "httpProxy": "http://proxy.example.com:8080",
         "httpsProxy": "http://proxy.example.com:8080",
         "noProxy": "localhost,127.0.0.1,host.docker.internal,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,*.internal"
       }
     }
   }
   EOF
   export http_proxy=http://proxy.example.com:8080; export https_proxy=$http_proxy

3. Create a minimal Dockerfile and docker-compose.yaml:

   cat << 'EOF' > Dockerfile
   FROM alpine:3.20
   RUN apk add curl
   EOF
   
   cat << 'EOF' > compose.yaml
   services:
     test:
       build:
         context: ./
       restart: "no"
   EOF

4. Run the following command:

   docker compose up --build

Observed Behavior:

The build fails with errors indicating that the proxy settings are not respected during the build process.

[+] Building 211.7s (6/6) FINISHED                                         docker:default
 => [test internal] load build definition from Dockerfile                            0.0s
 => => transferring dockerfile: 105B                                                 0.0s
 => [test internal] load metadata for docker.io/library/alpine:3.20                  2.1s
 => [test internal] load .dockerignore                                               0.0s
 => => transferring context: 2B                                                      0.0s
 => [test 1/3] FROM docker.io/library/alpine:3.20@sha256:1e42bbe2508154c9126d48c2b8  0.5s
 => => resolve docker.io/library/alpine:3.20@sha256:1e42bbe2508154c9126d48c2b8a7542  0.0s
 => => sha256:1e42bbe2508154c9126d48c2b8a75420c3544343bf86fd041fb75 9.22kB / 9.22kB  0.0s
 => => sha256:029a752048e32e843bd6defe3841186fb8d19a28dae8ec287f433 1.02kB / 1.02kB  0.0s
 => => sha256:63b790fccc9078ab8bb913d94a5d869e19fca9b77712b315da3fa45bb 600B / 600B  0.0s
 => => sha256:da9db072f522755cbeb85be2b3f84059b70571b229512f1571d92 3.62MB / 3.62MB  0.3s
 => => extracting sha256:da9db072f522755cbeb85be2b3f84059b70571b229512f1571d9217b77  0.1s
 => [test 2/3] RUN printenv | grep "proxy" | cat                                     0.2s
 => ERROR [test 3/3] RUN apk add curl                                               43.2s
------
 > [test 3/3] RUN apk add curl:
0.131 fetch https://dl-cdn.alpinelinux.org/alpine/v3.20/main/x86_64/APKINDEX.tar.gz
14.53 fetch https://dl-cdn.alpinelinux.org/alpine/v3.20/community/x86_64/APKINDEX.tar.gz
14.53 WARNING: updating and opening https://dl-cdn.alpinelinux.org/alpine/v3.20/main: Permission denied
43.20 WARNING: updating and opening https://dl-cdn.alpinelinux.org/alpine/v3.20/community: Permission denied
43.20 ERROR: unable to select packages:
43.20   curl (no such package):
43.20     required by: world[curl]
------
failed to solve: process "/bin/sh -c apk add curl" did not complete successfully: exit code: 1

Workaround:

Manually update the CLI plugins to the latest versions:

mkdir ~/snap/docker/current/.docker/cli-plugins
curl -SL https://github.com/docker/compose/releases/download/v2.21.0/docker-compose-linux-x86_64 -o ~/snap/docker/current/.docker/cli-plugins/docker-compose
curl -SL https://github.com/docker/buildx/releases/download/v0.17.1/buildx-v0.17.1.linux-amd64 -o ~/snap/docker/current/.docker/cli-plugins/docker-buildx
chmod u=rwx,g=rx,o=rx ~/snap/docker/current/.docker/cli-plugins/docker-*

After updating, the build succeeds as expected.

[+] Building 4.6s (7/7) FINISHED                                           docker:default
 => [test internal] load build definition from Dockerfile                            0.0s
 => => transferring dockerfile: 105B                                                 0.0s
 => [test internal] load metadata for docker.io/library/alpine:3.20                  2.2s
 => [test internal] load .dockerignore                                               0.0s
 => => transferring context: 2B                                                      0.0s
 => [test 1/3] FROM docker.io/library/alpine:3.20@sha256:1e42bbe2508154c9126d48c2b8  0.5s
 => => resolve docker.io/library/alpine:3.20@sha256:1e42bbe2508154c9126d48c2b8a7542  0.0s
 => => sha256:63b790fccc9078ab8bb913d94a5d869e19fca9b77712b315da3fa45bb 600B / 600B  0.0s
 => => sha256:da9db072f522755cbeb85be2b3f84059b70571b229512f1571d92 3.62MB / 3.62MB  0.3s
 => => sha256:1e42bbe2508154c9126d48c2b8a75420c3544343bf86fd041fb75 9.22kB / 9.22kB  0.0s
 => => sha256:029a752048e32e843bd6defe3841186fb8d19a28dae8ec287f433 1.02kB / 1.02kB  0.0s
 => => extracting sha256:da9db072f522755cbeb85be2b3f84059b70571b229512f1571d9217b77  0.1s
 => [test 2/3] RUN printenv | grep "proxy" | cat                                     0.2s
 => [test 3/3] RUN apk add curl                                                      1.5s
 => [test] exporting to image                                                        0.1s
 => => exporting layers                                                              0.1s
 => => writing image sha256:b00027dd0cf946a25c600472f3c384af8033bb70281eba5f8222b4d  0.0s
 => => naming to docker.io/library/myubuntu-test                                     0.0s
[+] Running 2/2
 ✔ Network myubuntu_default   Created                                                0.1s
 ✔ Container myubuntu-test-1  Created                                                0.0s
Attaching to myubuntu-test-1
myubuntu-test-1 exited with code 0

Proposed Solution:

Update the docker-compose and docker-buildx plugins in the snap package to the following versions or higher:

• docker-compose: v2.21.0 (v2.29.7 recommended)
• docker-buildx: v0.17.1

References:

• Current snapcraft.yaml file
• Docker Compose v2.21.0 release
• Docker Buildx v0.17.1 release

[locnnil]

On the following PR:

• Upgrade to 27.4.0  #198

The docker-compose has been updated to version v2.30.2:

docker-snap/snap/snapcraft.yaml

Line 352 in a53ec76

source-tag: v2.30.3

Also, docker-buildx has been updated to version v0.18.0:

docker-snap/snap/snapcraft.yaml

Line 337 in a53ec76

source-tag: v0.18.0

This updated version is currently available on the latest/beta channel. You can install and test it by running the following command:

sudo snap refresh docker --beta

Could you please try this new version and let us know if it resolves the issue? Your feedback will help us ensure everything behaves as expected.

We are also conducting further testing to verify there are no regressions and to guarantee the best quality. Once the testing is complete, this version will be promoted to the latest/stable channel.

Thank you so much for your time and assistance! We truly appreciate your support.