#Equivalent of --cache-to and --cache-from in docker buildx

When I'm building a container with a dockerfile, is there a way to export the build cache to my registry? I'm looking for the equivalent of the --cache-to and --cache-from flags in docker builx build. I've also tried setting _EXPERIMENTAL_DAGGER_CACHE_CONFIG="type=registry,mode=max,ref=123456789.dkr.ecr.us-east-1.amazonaws.com/dagger-test:dagger-cache" to export the whole dagger cache but that didn't seem to do anything.

I had a very similiar question today when looking for options to configure caching in Github Actions in Dagger - I pretty much gave up.

However, Claude seems to think you can do this by supplying a modified "frontend gateway" in a buildkitd.toml file: that file is documented at https://docs.docker.com/build/buildkit/toml-configuration/

Claude suggests the attached config (which I have not tried but looks promising). Further context:

If you want to set a default --cache-from argument without modifying the docker build command itself, you can consider using BuildKit's frontend gateway configuration.
The frontend gateway allows you to define custom frontends and configure their behavior. You can create a custom frontend that wraps the default Dockerfile frontend and injects the desired --cache-from argument.

This seems like a super-involved solution and I hope there is something easier that we can do

When it becomes important enough for me to save the couple of minutes in Github Actions I will probably return to this problem: for now the runner time savings is not enough to warrant investing my time

If you figure this out I'd love to know

Probably you will also need this in buildkitd.toml

[frontend."default"]
source = "custom-dockerfile-frontend"

Hey, you might be able to configure these settings inside the engine.toml of the dagger engine image.

You can find more information about this on this page: https://docs.dagger.io/manuals/administrator/472258/custom-runner

Hope it helps you

This page also contains an example about running the dagger engine with a custom engine.toml: https://docs.dagger.io/manuals/administrator/272381/custom-registry

_EXPERIMENTAL_DAGGER_CACHE_CONFIG should work given that we have tests for that: https://github.com/dagger/dagger/blob/743725c8b96ff0f4888bd7b1512efbe8ffae2779/core/integration/remotecache_test.go#L40-L52C34. Just tested out using a local registry and seems to be working ok

@rain osprey even though we don't recommend using it and we don't actively maintain it, you should see a message in the engine logs while trying to export the cache if that env var is set

something like: time="2024-05-29T03:06:30Z" level=debug msg="done running cache export for client woi828fgfhbe2e787azz1vnna" client_hostname=xps client_id=woi828fgfhbe2e787azz1vnna server_id=sf69og5jrljcnvjh7m7bffo1j

Just getting back to this, not sure what I had misconfigured before but _EXPERIMENTAL_DAGGER_CACHE_CONFIG seems to work! I do have an issue with ECR where its failing with context cancelled so not sure about that

that's awesome!

@rain osprey where you able to speed the building process? can you share an example of the running command?

Hey @split marsh I haven't tested this in our actual build process yet, I'm still writing our initial workflows in dagger and I'm probably going to spend some time working on improving our CI infra so we have more reliable local caching before I try reaching for _EXPERIMENTAL_DAGGER_CACHE_CONFIG since that's not recommended.

The command I ran was export _EXPERIMENTAL_DAGGER_CACHE_CONFIG="type=registry,mode=max,ref=localhost:5000/ocli-test:dagger-cache" and then I ran my normal dagger call and I saw those log lines that @raven tide mentioned and I saw logs from my local registry showing layers being pushed/pulled to/from it. I didn't dig into the ECR context cancelled error since that seemed like a can of worms and I think its unlikely I actually leverage this anytime soon.

thanks

<@&946480760016207902> how do i know if dagger is picking the
export _EXPERIMENTAL_DAGGER_CACHE_CONFIG="type=registry,ref=us-west2-docker.pkg.dev/project-id/cache,mode=max" ?

You should see layers show up in your registry you are publishing to

yes, it should

i dont see any on the artifact registry. i was expecting a log or something that points that at least its reading it. advices please we need to speed up the building process which takes around 30m every push

@split marsh try grepping in your engine logs for the hostname that you used in your CACHE_CONFIG variable and check there's anything there

I just did a test locally and works with no issues

ok seen some logs

2024-08-07 06:36:53 time="2024-08-07T11:36:53Z" level=debug msg="checked for cached auth handler namespace" cached=true key="us-west2-docker.pkg.dev/project-id/cache::pull" name=us-west2-docker.pkg.dev/project-id/cache scope=pull
2024-08-07 06:36:54 time="2024-08-07T11:36:54Z" level=debug msg="error while importing cache manifest from cmId=us-west2-docker.pkg.dev/project-id/cache: failed to configure registry cache importer: unexpected status from HEAD request to https://us-west2-docker.pkg.dev/v2/project-id/cache/manifests/latest: 400 Bad Request"

not sure to be honest whats missing, any help welcome

What registry are you using? We need more info to help you troubleshoot

a gcloud artifact registry

advices

@split marsh can you check if the same issue happens with buildkit's buildctl build (https://github.com/moby/buildkit/tree/master?tab=readme-ov-file#export-cache)? Dagger uses buildkit internally and what's mostly happening in your case I'm quite confident is coming from buildkit.

If you still have this issue in buildkit, I'd advise to open an issue in their repo as there's nothing we can do from our end

I've tried using the CACHE_CONFIG option a local registry and it's working without issues

got it, let me try it

im not sure i can run buildctl on mac, i cant find any doc aroung it. i do have docker desktop to use buildkit but not sure how to use it directly

@split marsh do you have docker buildx on mac?

yes i do

that's buildkit

docker buildx build --cache-from --cache-to

that's what you need

and cache-from is on the format of "type=registry,ref=us-west2-docker.pkg.dev/project-id/cache,mode=max" ? sorry never use it before

https://docs.docker.com/reference/cli/docker/buildx/build/#cache-from

when i run

docker buildx build --platform linux/amd64 -t xyz --cache-to=type=registry,ref=us-west2-docker.pkg.dev/project-id/cache/cache:latest,mode=max -f Dockerfile .

it build and i can see the image and tag on the registry it self. But when i do

export _EXPERIMENTAL_DAGGER_CACHE_CONFIG="type=registry,ref=us-west2-docker.pkg.dev/project-id/cache/cache:latest,mode=max"

dagger call \
....

nothing updates on the registry, at least on cache

also, i cant see logs from dagger container 0.12.4

������MError grabbing logs: invalid character '\x00' looking for beginning of value

cc @versed marsh interesting...

We have integ tests for this that pass but I’ll see if I can repro anything there. I think the current tests don’t do “dagger call” since they were added pre-modules so will give that a try

Any update on this @versed marsh ?

Erik had to take few days away from the keyboard to deal with personal stuff, we'll see if we can look into it while he's gone, thanks for the wait 🙏

thanks @royal meadow im been presured on this one for long building times 😦

@split marsh are you using self-hosted runners?

no. That said im using GHA on some projects, gcp cloud build on others and aws code build 😉 so running dagger on multiple clouds

but the project where you're getting pressured on build speed (so I guess a professional project) is running on regular managed GHA runners correct? Can you share more details on which runners? You can DM me if you prefer

the one im getting more presure is actually been run on GCP cloud build, regular managed google runners

Oh I see, are the builds triggered from CI? or separately?

and if so what's the CI configuration?

the pipeline it self its pretty simple as you can figure it out i do everything in dagger

options:
  machineType: "E2_HIGHCPU_32"
  dynamicSubstitutions: true
  logging: CLOUD_LOGGING_ONLY

serviceAccount: <redacted>

steps:
  - name: "gcr.io/cloud-builders/docker"
    entrypoint: "bash"
    args:
      - "-c"
      - |
        apt update
        apt dist-upgrade -y
        apt install -y apt-transport-https ca-certificates gnupg curl
        curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor -o /usr/share/keyrings/cloud.google.gpg
        echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
        apt update
        apt install -y google-cloud-cli
        gcloud init
        
        curl -L https://dl.dagger.io/dagger/install.sh | sh -s -- -b /usr/local/bin
        mv ./bin/dagger /usr/local/bin
        dagger version
        
        cd devops/btd
        
        export DAGGER_CLOUD_TOKEN=$(gcloud secrets versions access latest --secret=DAGGER_CLOUD_TOKEN)
        
        bash run.sh "${BRANCH_NAME}" "${BUILD_ID}"

```

the run.sh script is

#!/usr/bin/env bash

BRANCH_NAME=$1
BUILD_ID=$2

dagger call \
  --working-dir=../../ \
  --git-branch="${BRANCH_NAME}" \
  --build-id="${BUILD_ID}" \
  --github-token=cmd:"gcloud secrets versions access latest --secret=DAGGER_GH_TOKEN" \
  --gcp-access-token=cmd:"gcloud auth print-access-token" \
  --libs-pull-gcp-sa-content=cmd:"gcloud secrets versions access latest --secret=LIBS-READ-WRITE-KEY" \
  --database-connection-name=cmd:"gcloud secrets versions access latest --secret=PLATFORM_BACKEND_CLOUD_SQL_CONNECTION_NAME" \
  --database-connection-string=cmd:"gcloud secrets versions access latest --secret=PLATFORM_BACKEND_DATABASE_URL" \
  run

@split marsh are you sure aboutt his?

I've just tried it with my personal GCR repository and it doesn't work

I even see this in my buildkit logs:

time="2024-08-14T21:20:24Z" level=warning msg="reference for unknown type: application/vnd.buildkit.cacheconfig.v0"
time="2024-08-14T21:20:27Z" level=error msg="/moby.buildkit.v1.Control/Solve returned error: rpc error: code = Unknown desc = error writing manifest blob: failed to open writer: unexpected status from HEAD request to https://us-east1-docker.pkg.dev/v2/$PROJECT/test/manifests/latest: 400 Bad Request"

and I get this in my docker buildx build command also:

@split marsh seems like a buildkit issue https://github.com/moby/buildkit/issues/1143

you can follow that thread for updates

this is not related to Dagger

oh got it. thanks. any other of the cache system i can use on this scenario?

@split marsh out of curiosity how is that cloud build triggered? Is it hooked up to git events, and if so how?

It looks like the event triggers are not configured in the build file itself

yes it mirror the repo which is on GH and every push to the repo triggers the new build. Yea project owner does not want to use GHA 😦

That's fine, the whole point of Dagger is to make cross-CI portability easier 🙂

and its great on it. few missing points dough

yes the dough is a missing point 😛

this is a bit old also we are using artifact registry which is the evolution of gcr. but got its on buildkit side

taht said the question remains. which is the best way to cache the pipeline outside dagger cloud of course?

@split marsh soon there will be 2 solid answers:

1. "configure a storage driver to use your favorite object storage service"
2. "choose a hosting partner with great persistent caching builtin"

It's a high priority to implement both of these

@split marsh one solution you could implement right away, is to use self-hosted runners (if google cloud build supports this) with persistent or semi-persistent local storage.

Not sure I follow "got its own buildkit side"

sorry typo. mean its on buildkit side

Oh! The issue also mentions users having problems with artifact registry as well

any specific thread, git branhc, pr, etc? i should follow to keep myself updated on this topic?

https://github.com/dagger/dagger/issues/8004