dockergitlabgitlab-ci

GitLab CI/CD Pipeline Fails with "sh: 7: Syntax error: 'do' unexpected" When Using Custom Docker Image

I'm running a GitLab CI/CD pipeline using a custom Docker image that contains Terraform, Terragrunt, and AWS CLI. However, the pipeline fails at the first stage with the following error:

Executing "step_script" stage of the job script
00:01
Using docker image sha256:e1589e57615ab7e4c9ffe424070fef53c53c17a040de2c5ee858fff319753f2a for registry.gitlab.com/image-path:terragrunt-latest with digest registry.gitlab.com/image-path@sha256:0d5c661e1dce3f543af65966daa947a9e3878316b95464cbb3c3187d19e01d40 ...
sh: 7: Syntax error: "do" unexpected
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 2

What I've Done So Far: Built and Pushed the Docker Image: The image is built on Ubuntu 22.04 with the necessary packages installed. It is pushed to GitLab Container Registry:

docker build -t registry.gitlab.com/my-project/my-repo:latest .
docker push registry.gitlab.com/my-project/my-repo:latest

Dockerfile :

# Use an official Ubuntu base image
FROM ubuntu:22.04

# Set environment variables to avoid interactive prompts during installation
ENV DEBIAN_FRONTEND=noninteractive
ENV PATH="/usr/local/bin:${PATH}"

# Install required packages and tools
RUN apt-get update && apt-get install -y \
    bash \
    curl \
    git \
    awscli \
    unzip \
    tar \
    lsof \
    jq \
    gnupg \
    dpkg \
    wget \
    tzdata \
    netcat \
    software-properties-common \
    ca-certificates && \
    # Add the deadsnakes PPA for Python 3.12
    add-apt-repository ppa:deadsnakes/ppa && \
    apt-get update && \
    apt-get install -y \
    python3.12 \
    python3.12-venv && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

# Install Terraform
RUN wget https://releases.hashicorp.com/terraform/1.5.6/terraform_1.5.6_linux_amd64.zip && \
    unzip terraform_1.5.6_linux_amd64.zip && \
    mv terraform /usr/local/bin/ && \
    rm terraform_1.5.6_linux_amd64.zip

# Install Terragrunt
RUN curl -L -o terragrunt https://github.com/gruntwork-io/terragrunt/releases/download/v0.53.3/terragrunt_linux_amd64 && \
    chmod +x terragrunt && \
    mv terragrunt /usr/local/bin/

# Install kubectl
RUN curl -LO "https://dl.k8s.io/release/v1.27.3/bin/linux/amd64/kubectl" && \
    chmod +x kubectl && \
    mv kubectl /usr/local/bin/

# Install aws-iam-authenticator
RUN curl -Lo aws-iam-authenticator https://github.com/kubernetes-sigs/aws-iam-authenticator/releases/latest/download/aws-iam-authenticator-linux-amd64 && \
    chmod +x aws-iam-authenticator && \
    mv aws-iam-authenticator /usr/local/bin/

# Install AWS Session Manager plugin (Detect architecture)
RUN ARCH=$(dpkg --print-architecture) && \
    if [ "$ARCH" = "amd64" ]; then ARCH="64bit"; fi && \
    if [ "$ARCH" = "arm64" ]; then ARCH="arm64"; fi && \
    curl -L -o session-manager-plugin.deb "https://s3.amazonaws.com/session-manager-downloads/plugin/latest/ubuntu_${ARCH}/session-manager-plugin.deb" && \
    dpkg -i session-manager-plugin.deb && \
    rm session-manager-plugin.deb



# Install Python and dependencies
RUN python3.12 -m ensurepip --upgrade && \
    python3.12 -m pip install setuptools && \
    ln -sf /usr/bin/python3.12 /usr/bin/python3

# Verify installations
RUN aws --version && \
    terraform --version && \
    terragrunt --version && \
    kubectl version --client && \
    session-manager-plugin --version && \
    python3 --version

# Set the entry point for the image
CMD ["/bin/bash"]

Declared the Image in .gitlab-ci.yml:

image: "registry.gitlab.com/my-project/my-repo:latest"
.setup_aws:
  environment:
    name: $ENVIRONMENT
  before_script:

    # Verify Image
    - bash -c 
    - echo "Using pre-built Docker image with Terraform & Terragrunt"
    - aws --version
    - terraform --version
    - terragrunt --version
    - kubectl version --client

Additional Information: GitLab Runner Version: 17.7.0~pre.103.g896916a8 Executor:

docker+machine Base Image: Ubuntu 22.04 Pipeline Logs:
Using docker image registry.gitlab.com/my-project/my-repo:latest ...
sh: 7: Syntax error: "do" unexpected
ERROR: Job failed: exit code 2

What could be causing this syntax error in the GitLab CI/CD pipeline? Is there any issue with how GitLab CI runs entrypoint scripts? How can I debug this further? Any help would be greatly appreciated!

Solution

  • Looking at the error GitLab has not executed any of the before_script, not even the very problematic "bash -c" line.

    This indicates a probable incompatibility with how the entry point is set up: GitLab wants to run its own startup script to setup the container to listen for build commands but it needs the entrypoint itself to consequently be ready to accept a bash command.

    GitLab has an extended image syntax which can help if this is the issue, and the simplest solution is to simply set the entrypoint to "" as follows:

    image:
  name: "registry.gitlab.com/my-project/my-repo:latest"
  entrypoint: [""]