Updated docker.go

CI-13848 - Fix "`GLIBC_2.34' not found" in buildah-docker

.drone.yml

@@ -1,6 +1,12 @@
 kind: pipeline
-type: docker
 name: default
+type: vm
+
+platform:
+  os: linux
+  arch: amd64
+pool:
+  use: ubuntu
 
 steps:
 - name: build
@@ -96,12 +102,14 @@ steps:
 
 ---
 kind: pipeline
-type: docker
+type: vm
 name: notifications-docker
 
 platform:
   os: linux
   arch: amd64
+pool:
+  use: ubuntu
 
 steps:
 - name: manifest-docker

README.md

@@ -8,7 +8,7 @@
 [![Go Doc](https://godoc.org/github.com/drone-plugins/drone-buildah?status.svg)](http://godoc.org/github.com/drone-plugins/drone-buildah)
 [![Go Report](https://goreportcard.com/badge/github.com/drone-plugins/drone-buildah)](https://goreportcard.com/report/github.com/drone-plugins/drone-buildah)
 
-Drone plugin uses buildah to build and publish Docker images to a container registry. For the usage information and a listing of the available options please take a look at [the docs](http://plugins.drone.io/drone-plugins/drone-buildah/).
+Drone plugin uses buildah to build and publish Docker images to a container registry. For the usage information and a listing of the available options please take a look at [the docs](https://plugins.drone.io/plugins/buildah).
 
 ## Build
 
@@ -66,7 +66,6 @@ docker run --rm \
   -e PLUGIN_REPO=octocat/hello-world \
   -e DRONE_COMMIT_SHA=d8dbe4d94f15fe89232e0402c6e8a0ddf21af3ab \
   --cap-add=SYS_ADMIN \
-  -v /var/lib/containers/:/var/lib/containers/:Z \
   -v $(pwd):$(pwd) \
   -w $(pwd) \
   plugins/buildah-docker --dry-run

cmd/drone-docker/main.go

@@ -29,7 +29,7 @@ func main() {
 		cli.BoolFlag{
 			Name:   "dry-run",
 			Usage:  "dry run disables docker push",
-			EnvVar: "PLUGIN_DRY_RUN",
+			EnvVar: "PLUGIN_DRY_RUN,PLUGIN_NO_PUSH",
 		},
 		cli.StringFlag{
 			Name:   "remote.url",
@@ -182,6 +182,61 @@ func main() {
 			Usage:  "additional host:IP mapping",
 			EnvVar: "PLUGIN_ADD_HOST",
 		},
+		cli.StringFlag{
+			Name:   "s3-local-cache-dir",
+			Usage:  "local directory for S3 based cache",
+			EnvVar: "PLUGIN_S3_LOCAL_CACHE_DIR",
+		},
+		cli.StringFlag{
+			Name:   "s3-bucket",
+			Usage:  "S3 bucket name",
+			EnvVar: "PLUGIN_S3_BUCKET",
+		},
+		cli.StringFlag{
+			Name:   "s3-endpoint",
+			Usage:  "S3 endpoint address",
+			EnvVar: "PLUGIN_S3_ENDPOINT",
+		},
+		cli.StringFlag{
+			Name:   "s3-region",
+			Usage:  "S3 region",
+			EnvVar: "PLUGIN_S3_REGION",
+		},
+		cli.StringFlag{
+			Name:   "s3-key",
+			Usage:  "S3 access key",
+			EnvVar: "PLUGIN_S3_ACCESS_KEY",
+		},
+		cli.StringFlag{
+			Name:   "s3-secret",
+			Usage:  "S3 access secret",
+			EnvVar: "PLUGIN_S3_SECRET",
+		},
+		cli.BoolFlag{
+			Name:   "s3-use-ssl",
+			Usage:  "Enable SSL for S3 connections",
+			EnvVar: "PLUGIN_S3_USE_SSL",
+		},
+		cli.BoolFlag{
+			Name:   "layers",
+			Usage:  "User Layers",
+			EnvVar: "PLUGIN_LAYERS",
+		},
+		cli.BoolFlag{
+			Name:   "push-only",
+			Usage:  "Push existing Docker images without building",
+			EnvVar: "PLUGIN_PUSH_ONLY",
+		},
+		cli.StringFlag{
+			Name:   "source-tar-path",
+			Usage:  "Path to Docker image tar file to load and push",
+			EnvVar: "PLUGIN_SOURCE_TAR_PATH",
+		},
+		cli.StringFlag{
+			Name:   "tar-path",
+			Usage:  "Path to save Docker image as tar file",
+			EnvVar: "PLUGIN_TAR_PATH,PLUGIN_DESTINATION_TAR_PATH",
+		},
 	}
 
 	if err := app.Run(os.Args); err != nil {
@@ -191,8 +246,11 @@ func main() {
 
 func run(c *cli.Context) error {
 	plugin := docker.Plugin{
-		Dryrun:  c.Bool("dry-run"),
-		Cleanup: c.BoolT("docker.purge"),
+		Dryrun:        c.Bool("dry-run"),
+		Cleanup:       c.BoolT("docker.purge"),
+		PushOnly:      c.Bool("push-only"),
+		SourceTarPath: c.String("source-tar-path"),
+		TarPath:       c.String("tar-path"),
 		Login: docker.Login{
 			Registry: c.String("docker.registry"),
 			Username: c.String("docker.username"),
@@ -221,6 +279,14 @@ func run(c *cli.Context) error {
 			NoCache:     c.Bool("no-cache"),
 			AddHost:     c.StringSlice("add-host"),
 			Quiet:       c.Bool("quiet"),
+			S3CacheDir:  c.String("s3-local-cache-dir"),
+			S3Bucket:    c.String("s3-bucket"),
+			S3Endpoint:  c.String("s3-endpoint"),
+			S3Region:    c.String("s3-region"),
+			S3Key:       c.String("s3-key"),
+			S3Secret:    c.String("s3-secret"),
+			S3UseSSL:    c.Bool("s3-use-ssl"),
+			Layers:      c.Bool("layers"),
 		},
 	}
 

docker.go

@@ -5,6 +5,7 @@ import (
 	"io/ioutil"
 	"os"
 	"os/exec"
+	"os/user"
 	"path/filepath"
 	"strings"
 	"time"
@@ -44,14 +45,25 @@ type (
 		NoCache     bool     // Docker build no-cache
 		AddHost     []string // Docker build add-host
 		Quiet       bool     // Docker build quiet
+		S3CacheDir  string
+		S3Bucket    string
+		S3Endpoint  string
+		S3Region    string
+		S3Key       string
+		S3Secret    string
+		S3UseSSL    bool
+		Layers      bool
 	}
 
 	// Plugin defines the Docker plugin parameters.
 	Plugin struct {
-		Login   Login // Docker login configuration
-		Build   Build // Docker build configuration
-		Dryrun  bool  // Docker push is skipped
-		Cleanup bool  // Docker purge is enabled
+		Login         Login  // Docker login configuration
+		Build         Build  // Docker build configuration
+		Dryrun        bool   // Docker push is skipped
+		Cleanup       bool   // Docker purge is enabled
+		PushOnly      bool   // Push only mode, skips build process
+		SourceTarPath string // Path to Docker image tar file to load and push
+		TarPath       string // Path to save Docker image as tar file
 	}
 )
 
@@ -59,23 +71,28 @@ type (
 func (p Plugin) Exec() error {
 	// Create Auth Config File
 	if p.Login.Config != "" {
-		homeDir, err := os.UserHomeDir()
+		user, err := user.Current()
 		if err != nil {
-			return fmt.Errorf("failed to find home directory: %s", err)
+			return fmt.Errorf("Error getting the current user: %s", err)
+		}
+		root := fmt.Sprintf("/var/tmp/%s/containers/containers/", user.Uid)
+		if err := os.MkdirAll(root, 0777); err != nil {
+			return fmt.Errorf("Error writing runtime dir: %s", err)
 		}
-		dockerHome := fmt.Sprintf("%s/.docker/config.json", homeDir)
-		os.MkdirAll(dockerHome, 0600)
 
-		path := filepath.Join(dockerHome, "config.json")
-		err = ioutil.WriteFile(path, []byte(p.Login.Config), 0600)
-		if err != nil {
-			return fmt.Errorf("Error writing config.json: %s", err)
+		path := filepath.Join(root, "auth.json")
+		if err := ioutil.WriteFile(path, []byte(p.Login.Config), 0600); err != nil {
+			return fmt.Errorf("Error writing auth.json: %s", err)
 		}
+
+		fmt.Printf("Config written to %s\n", path)
 	}
 
 	// login to the Docker registry
 	if p.Login.Password != "" {
 		cmd := commandLogin(p.Login)
+		cmd.Stdout = os.Stdout
+		cmd.Stderr = os.Stderr
 		err := cmd.Run()
 		if err != nil {
 			return fmt.Errorf("Error authenticating: %s", err)
@@ -91,6 +108,11 @@ func (p Plugin) Exec() error {
 		fmt.Println("Registry credentials or Docker config not provided. Guest mode enabled.")
 	}
 
+	// Check if we're in push-only mode
+	if p.PushOnly {
+		return p.pushOnly()
+	}
+
 	// add proxy build args
 	addProxyBuildArgs(&p.Build)
 
@@ -108,11 +130,23 @@ func (p Plugin) Exec() error {
 	for _, tag := range p.Build.Tags {
 		cmds = append(cmds, commandTag(p.Build, tag)) // docker tag
 
-		if p.Dryrun == false {
+		if !p.Dryrun {
 			cmds = append(cmds, commandPush(p.Build, tag)) // docker push
 		}
 	}
 
+	// If TarPath is specified and Dryrun is enabled, save the image to a tar file
+	if p.TarPath != "" && p.Dryrun && len(p.Build.Tags) > 0 {
+		// Ensure parent directories exist
+		if err := os.MkdirAll(filepath.Dir(p.TarPath), 0755); err != nil {
+			return fmt.Errorf("failed to create parent directories for tar path: %s", err)
+		}
+
+		imageToSave := fmt.Sprintf("%s:%s", p.Build.Repo, p.Build.Tags[0])
+		fmt.Println("Saving image to tar:", p.TarPath)
+		cmds = append(cmds, commandSaveTar(imageToSave, p.TarPath))
+	}
+
 	if p.Cleanup {
 		cmds = append(cmds, commandRmi(p.Build.Name)) // buildah rmi
 	}
@@ -170,20 +204,21 @@ func commandLoginEmail(login Login) *exec.Cmd {
 	)
 }
 
-// helper function to create the docker info command.
+// helper function to create the docker version command.
 func commandVersion() *exec.Cmd {
 	return exec.Command(buildahExe, "version")
 }
 
 // helper function to create the docker info command.
 func commandInfo() *exec.Cmd {
-	return exec.Command(buildahExe, "info")
+	return exec.Command(buildahExe, "--storage-driver", "vfs", "info")
 }
 
 // helper function to create the docker build command.
 func commandBuild(build Build) *exec.Cmd {
 	args := []string{
 		"bud",
+		"--storage-driver", "vfs",
 		"-f", build.Dockerfile,
 	}
 
@@ -217,6 +252,30 @@ func commandBuild(build Build) *exec.Cmd {
 	if build.Quiet {
 		args = append(args, "--quiet")
 	}
+	if build.Layers {
+		args = append(args, "--layers=true")
+		if build.S3CacheDir != "" {
+			args = append(args, "--s3-local-cache-dir", build.S3CacheDir)
+			if build.S3Bucket != "" {
+				args = append(args, "--s3-bucket", build.S3Bucket)
+			}
+			if build.S3Endpoint != "" {
+				args = append(args, "--s3-endpoint", build.S3Endpoint)
+			}
+			if build.S3Region != "" {
+				args = append(args, "--s3-region", build.S3Region)
+			}
+			if build.S3Key != "" {
+				args = append(args, "--s3-key", build.S3Key)
+			}
+			if build.S3Secret != "" {
+				args = append(args, "--s3-secret", build.S3Secret)
+			}
+			if build.S3UseSSL {
+				args = append(args, "--s3-use-ssl=true")
+			}
+		}
+	}
 
 	if build.AutoLabel {
 		labelSchema := []string{
@@ -297,14 +356,14 @@ func commandTag(build Build, tag string) *exec.Cmd {
 		target = fmt.Sprintf("%s:%s", build.Repo, tag)
 	)
 	return exec.Command(
-		buildahExe, "tag", source, target,
+		buildahExe, "tag", "--storage-driver", "vfs", source, target,
 	)
 }
 
 // helper function to create the docker push command.
 func commandPush(build Build, tag string) *exec.Cmd {
 	target := fmt.Sprintf("%s:%s", build.Repo, tag)
-	return exec.Command(buildahExe, "push", target)
+	return exec.Command(buildahExe, "push", "--storage-driver", "vfs", target)
 }
 
 // helper to check if args match "docker prune"
@@ -318,7 +377,7 @@ func isCommandRmi(args []string) bool {
 }
 
 func commandRmi(tag string) *exec.Cmd {
-	return exec.Command(buildahExe, "rmi", tag)
+	return exec.Command(buildahExe, "--storage-driver", "vfs", "rmi", tag)
 }
 
 // trace writes each command to stdout with the command wrapped in an xml
@@ -326,3 +385,134 @@ func commandRmi(tag string) *exec.Cmd {
 func trace(cmd *exec.Cmd) {
 	fmt.Fprintf(os.Stdout, "+ %s\n", strings.Join(cmd.Args, " "))
 }
+
+// pushOnly handles pushing images without building them
+func (p Plugin) pushOnly() error {
+	// If source tar path is provided, load the image first
+	if p.SourceTarPath != "" {
+		fileInfo, err := os.Stat(p.SourceTarPath)
+		if err != nil {
+			if os.IsNotExist(err) {
+				return fmt.Errorf("source image tar file %s does not exist", p.SourceTarPath)
+			}
+			return fmt.Errorf("failed to access source image tar file: %s", err)
+		}
+
+		if !fileInfo.Mode().IsRegular() {
+			return fmt.Errorf("source image tar %s is not a regular file", p.SourceTarPath)
+		}
+
+		fmt.Println("Loading image from tar:", p.SourceTarPath)
+		loadCmd := commandLoadTar(p.SourceTarPath)
+		loadCmd.Stdout = os.Stdout
+		loadCmd.Stderr = os.Stderr
+		trace(loadCmd)
+		if err := loadCmd.Run(); err != nil {
+			return fmt.Errorf("failed to load image from tar: %s", err)
+		}
+	}
+
+	// Check for required tags
+	if len(p.Build.Tags) == 0 {
+		return fmt.Errorf("no tags specified for push")
+	}
+
+	// Use the repository name as the source image name
+	sourceImageName := p.Build.Repo
+	sourceTags := p.Build.Tags
+
+	// For each source tag and target tag combination
+	taggedForPush := make(map[string]bool)
+
+	for _, sourceTag := range sourceTags {
+		sourceFullImageName := fmt.Sprintf("%s:%s", sourceImageName, sourceTag)
+
+		// Check if the source image exists in local storage
+		existsCmd := commandImageExists(sourceFullImageName)
+		existsCmd.Stdout = nil // suppress output, we only care about the exit code
+		existsCmd.Stderr = os.Stderr
+		trace(existsCmd)
+
+		if err := existsCmd.Run(); err != nil {
+			fmt.Printf("Warning: Source image %s not found\n", sourceFullImageName)
+			// Continue to the next source tag if available, otherwise return error
+			if len(sourceTags) > 1 {
+				continue
+			}
+			return fmt.Errorf("source image %s not found, cannot push", sourceFullImageName)
+		}
+
+		// For each target tag, tag and push
+		for _, targetTag := range p.Build.Tags {
+			targetFullImageName := fmt.Sprintf("%s:%s", p.Build.Repo, targetTag)
+
+			// Skip if source and target are identical
+			if sourceFullImageName == targetFullImageName {
+				fmt.Printf("Source and target image names are identical: %s\n", sourceFullImageName)
+				taggedForPush[targetFullImageName] = true
+			} else {
+				// Tag the source image with the target name
+				fmt.Printf("Tagging %s as %s\n", sourceFullImageName, targetFullImageName)
+				tagCmd := exec.Command(buildahExe, "--storage-driver", "vfs", "tag", sourceFullImageName, targetFullImageName)
+				tagCmd.Stdout = os.Stdout
+				tagCmd.Stderr = os.Stderr
+				trace(tagCmd)
+				if err := tagCmd.Run(); err == nil {
+					taggedForPush[targetFullImageName] = true
+				} else {
+					fmt.Printf("Warning: Failed to tag %s as %s: %s\n", sourceFullImageName, targetFullImageName, err)
+				}
+			}
+		}
+	}
+
+	// If no images were tagged or found, we can't proceed
+	if len(taggedForPush) == 0 {
+		return fmt.Errorf("no images found or tagged for repository %s, cannot push", p.Build.Repo)
+	}
+
+	var cmds []*exec.Cmd
+
+	// Push all tagged images
+	for tag := range taggedForPush {
+		// Extract tag from the full image name
+		_, tagOnly, found := strings.Cut(tag, ":")
+		if !found {
+			continue
+		}
+
+		// Push the image if not in dry-run mode
+		if !p.Dryrun {
+			cmds = append(cmds, commandPush(p.Build, tagOnly))
+		}
+	}
+
+	// Execute all commands
+	for _, cmd := range cmds {
+		cmd.Stdout = os.Stdout
+		cmd.Stderr = os.Stderr
+		trace(cmd)
+		if err := cmd.Run(); err != nil {
+			return fmt.Errorf("command failed: %s", err)
+		}
+	}
+
+	return nil
+}
+
+
+
+// commandLoadTar creates a command to load an image from a tar file
+func commandLoadTar(tarPath string) *exec.Cmd {
+	return exec.Command(buildahExe, "--storage-driver", "vfs", "pull", "docker-archive:"+tarPath)
+}
+
+// commandImageExists creates a command to check if an image exists
+func commandImageExists(image string) *exec.Cmd {
+	return exec.Command(buildahExe, "inspect", "--storage-driver", "vfs", "--type", "image", image)
+}
+
+// commandSaveTar creates a command to save an image to a tar file
+func commandSaveTar(image string, tarPath string) *exec.Cmd {
+	return exec.Command(buildahExe, "push", "--storage-driver", "vfs", image, "docker-archive:"+tarPath)
+}

docker/docker/Dockerfile.linux.amd64

@@ -1,22 +1,12 @@
-# Source for dockerfile:
-# https://github.com/containers/buildah/blob/master/docs/tutorials/05-openshift-rootless-bud.md
-FROM quay.io/buildah/stable:v1.14.8
-
-RUN touch /etc/subgid /etc/subuid \
- && chmod g=u /etc/subgid /etc/subuid /etc/passwd \
- && echo build:10000:65536 > /etc/subuid \
- && echo build:10000:65536 > /etc/subgid
-
-# Use chroot since the default runc does not work when running rootless
-RUN echo "export BUILDAH_ISOLATION=chroot" >> /home/build/.bashrc
-
-# Use VFS since fuse does not work
-RUN mkdir -p /home/build/.config/containers \
- && echo "driver=\"vfs\"" > /home/build/.config/containers/storage.conf
+FROM quay.io/buildah/stable:v1.36.0
 
+# Set up the working directory
 USER build
 WORKDIR /home/build
+RUN export STORAGE_DRIVER=vfs
 
-# Add plugin binary
+# Add the plugin binary
 ADD release/linux/amd64/drone-docker /bin/
+
+# Set the entrypoint to the plugin binary
 ENTRYPOINT ["/bin/drone-docker"]

docker/ecr/Dockerfile.linux.amd64

@@ -1,21 +1,39 @@
-# Source for dockerfile:
-# https://github.com/containers/buildah/blob/master/docs/tutorials/05-openshift-rootless-bud.md
-FROM quay.io/buildah/stable:v1.14.8
+FROM fedora
 
-RUN touch /etc/subgid /etc/subuid \
- && chmod g=u /etc/subgid /etc/subuid /etc/passwd \
- && echo build:10000:65536 > /etc/subuid \
- && echo build:10000:65536 > /etc/subgid
+RUN dnf -y install \
+    make \
+    golang \
+    bats \
+    btrfs-progs-devel \
+    device-mapper-devel \
+    glib2-devel \
+    gpgme-devel \
+    libassuan-devel \
+    libseccomp-devel \
+    git \
+    bzip2 \
+    go-md2man \
+    runc \
+    containers-common \
+    skopeo-containers
 
-# Use chroot since the default runc does not work when running rootless
-RUN echo "export BUILDAH_ISOLATION=chroot" >> /home/build/.bashrc
+# Workaround - the first install somehow leaves the golang in a bad state
+RUN dnf -y install golang
 
-# Use VFS since fuse does not work
-RUN mkdir -p /home/build/.config/containers \
- && echo "driver=\"vfs\"" > /home/build/.config/containers/storage.conf
+RUN mkdir /root/buildah && \
+    cd /root/buildah && \
+    git clone https://github.com/harness/buildah.git ./src/github.com/containers/buildah
+
+RUN cd /root/buildah/src/github.com/containers/buildah && make && sudo make install
+
+
+
+FROM quay.io/buildah/stable:v1.23.0
 
 USER build
 WORKDIR /home/build
+RUN export STORAGE_DRIVER=vfs
+COPY --from=0 /root/buildah/src/github.com/containers/buildah/bin/. /bin/
 
 # Add plugin binary
 ADD release/linux/amd64/drone-docker /bin/

docker/gcr/Dockerfile.linux.amd64

@@ -1,21 +1,39 @@
-# Source for dockerfile:
-# https://github.com/containers/buildah/blob/master/docs/tutorials/05-openshift-rootless-bud.md
-FROM quay.io/buildah/stable:v1.14.8
+FROM fedora
 
-RUN touch /etc/subgid /etc/subuid \
- && chmod g=u /etc/subgid /etc/subuid /etc/passwd \
- && echo build:10000:65536 > /etc/subuid \
- && echo build:10000:65536 > /etc/subgid
+RUN dnf -y install \
+    make \
+    golang \
+    bats \
+    btrfs-progs-devel \
+    device-mapper-devel \
+    glib2-devel \
+    gpgme-devel \
+    libassuan-devel \
+    libseccomp-devel \
+    git \
+    bzip2 \
+    go-md2man \
+    runc \
+    containers-common \
+    skopeo-containers
 
-# Use chroot since the default runc does not work when running rootless
-RUN echo "export BUILDAH_ISOLATION=chroot" >> /home/build/.bashrc
+# Workaround - the first install somehow leaves the golang in a bad state
+RUN dnf -y install golang
 
-# Use VFS since fuse does not work
-RUN mkdir -p /home/build/.config/containers \
- && echo "driver=\"vfs\"" > /home/build/.config/containers/storage.conf
+RUN mkdir /root/buildah && \
+    cd /root/buildah && \
+    git clone https://github.com/harness/buildah.git ./src/github.com/containers/buildah
+
+RUN cd /root/buildah/src/github.com/containers/buildah && make && sudo make install
+
+
+
+FROM quay.io/buildah/stable:v1.23.0
 
 USER build
 WORKDIR /home/build
+RUN export STORAGE_DRIVER=vfs
+COPY --from=0 /root/buildah/src/github.com/containers/buildah/bin/. /bin/
 
 # Add plugin binary
 ADD release/linux/amd64/drone-docker /bin/

docker/heroku/Dockerfile.linux.amd64

@@ -1,21 +1,39 @@
-# Source for dockerfile:
-# https://github.com/containers/buildah/blob/master/docs/tutorials/05-openshift-rootless-bud.md
-FROM quay.io/buildah/stable:v1.14.8
+FROM fedora
 
-RUN touch /etc/subgid /etc/subuid \
- && chmod g=u /etc/subgid /etc/subuid /etc/passwd \
- && echo build:10000:65536 > /etc/subuid \
- && echo build:10000:65536 > /etc/subgid
+RUN dnf -y install \
+    make \
+    golang \
+    bats \
+    btrfs-progs-devel \
+    device-mapper-devel \
+    glib2-devel \
+    gpgme-devel \
+    libassuan-devel \
+    libseccomp-devel \
+    git \
+    bzip2 \
+    go-md2man \
+    runc \
+    containers-common \
+    skopeo-containers
 
-# Use chroot since the default runc does not work when running rootless
-RUN echo "export BUILDAH_ISOLATION=chroot" >> /home/build/.bashrc
+# Workaround - the first install somehow leaves the golang in a bad state
+RUN dnf -y install golang
 
-# Use VFS since fuse does not work
-RUN mkdir -p /home/build/.config/containers \
- && echo "driver=\"vfs\"" > /home/build/.config/containers/storage.conf
+RUN mkdir /root/buildah && \
+    cd /root/buildah && \
+    git clone https://github.com/harness/buildah.git ./src/github.com/containers/buildah
+
+RUN cd /root/buildah/src/github.com/containers/buildah && make && sudo make install
+
+
+
+FROM quay.io/buildah/stable:v1.23.0
 
 USER build
 WORKDIR /home/build
+RUN export STORAGE_DRIVER=vfs
+COPY --from=0 /root/buildah/src/github.com/containers/buildah/bin/. /bin/
 
 # Add plugin binary
 ADD release/linux/amd64/drone-docker /bin/

scripts/build.sh

@@ -14,5 +14,4 @@ GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-gcr    ./cmd/drone
 GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-ecr    ./cmd/drone-ecr
 GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-docker ./cmd/drone-docker
 GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-acr    ./cmd/drone-acr
-GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-heroku   ./cmd/drone-heroku
-
+GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-heroku   ./cmd/drone-heroku