Skip to content

fix(container): pin UV binary to build platform in cross-compilation stages#819

Merged
raballew merged 2 commits into
jumpstarter-dev:mainfrom
raballew:fix/uv-platform-in-builder
Jun 22, 2026
Merged

fix(container): pin UV binary to build platform in cross-compilation stages#819
raballew merged 2 commits into
jumpstarter-dev:mainfrom
raballew:fix/uv-platform-in-builder

Conversation

@raballew

Copy link
Copy Markdown
Member

Summary

  • Fixes multi-platform Docker builds failing with qemu-aarch64: Could not open '/lib/ld-linux-aarch64.so.1'
  • COPY --from=<multi-platform-image> resolves the source image against the target platform, not the stage platform. In builder stages pinned to $BUILDPLATFORM, this copies an aarch64 UV binary into an amd64 container. The statically-linked UV binary runs via QEMU, but the dynamically-linked Python it downloads cannot find the aarch64 dynamic linker.
  • Uses a named stage pinned to $BUILDPLATFORM for the UV image so COPY always gets the native-architecture binary

Failing CI run: https://github.com/jumpstarter-dev/jumpstarter/actions/runs/27947151753/job/82694686925

Test plan

  • CI multi-platform image build passes without QEMU dynamic linker errors
  • Add build-pr-images label to trigger the image builds

🤖 Generated with Claude Code

@coderabbitai

coderabbitai Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 01ca6ba9-937a-4838-b7cd-ca4fcaf91e2f

📥 Commits

Reviewing files that changed from the base of the PR and between deed30c and 0bc05af.

📒 Files selected for processing (4)
  • python/.devfile/Containerfile.client
  • python/.gitignore
  • python/Containerfile
  • python/Makefile
✅ Files skipped from review due to trivial changes (1)
  • python/.gitignore
🚧 Files skipped from review as they are similar to previous changes (2)
  • python/.devfile/Containerfile.client
  • python/Containerfile

📝 Walkthrough

Walkthrough

Both python/Containerfile and python/.devfile/Containerfile.client introduce a dedicated uv-bin intermediate build stage based on ghcr.io/astral-sh/uv. The subsequent COPY instructions now reference this named stage alias instead of copying directly from the pinned image reference. Additionally, the Makefile is updated to configure per-package uv cache directories during test execution, with corresponding .gitignore entries to exclude cache artifacts from version control.

Changes

uv Build and Test Infrastructure

Layer / File(s) Summary
Introduce uv-bin named stage
python/Containerfile, python/.devfile/Containerfile.client
Both files add FROM ghcr.io/astral-sh/uv:... AS uv-bin and update COPY --from=uv-bin to pull /uv, /uvx, and /bin/ from the named stage instead of referencing the image directly.
Per-package uv cache directory support
python/Makefile, python/.gitignore
Makefile pkg-test-% target sets UV_CACHE_DIR to $(CURDIR)/.uv-cache/$* for isolated per-package caching, clean-test removes .uv-cache, and .gitignore adds .uv-cache/ ignore pattern.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

  • jumpstarter-dev/jumpstarter#749: Updates the same ghcr.io/astral-sh/uv image tag and COPY source in the same Containerfiles, directly overlapping with the build stage wiring changed here.

Suggested reviewers

  • mangelajo

Poem

A bunny hops through Docker layers neat,
A uv-bin stage makes the build complete!
Per-package caches hop so neatly by,
Named stages now let the artifacts fly.
🐇✨ Clean and tidy, cache tucked away!

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title directly and specifically describes the main change: pinning the UV binary to the build platform in cross-compilation Docker stages to fix multi-platform builds.
Description check ✅ Passed The description is directly related to the changeset, explaining the problem, root cause, and solution implemented across the modified Dockerfiles and configuration files.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

raballew and others added 2 commits June 22, 2026 14:56
…stages

COPY --from=<multi-platform-image> resolves the source image against
the target platform, not the stage platform. In builder stages pinned
to $BUILDPLATFORM, this copies an aarch64 UV binary into an amd64
container, causing QEMU failures when UV tries to run aarch64 Python.

Use a named stage pinned to $BUILDPLATFORM for the UV image so the
COPY always gets the native-architecture binary.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Parallel make test targets share a single UV cache directory, causing
rename collisions on macOS (os error 66) when multiple uv processes
write simultaneously.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@raballew raballew force-pushed the fix/uv-platform-in-builder branch from deed30c to 0bc05af Compare June 22, 2026 12:56
@raballew raballew merged commit 96a6c7b into jumpstarter-dev:main Jun 22, 2026
34 of 35 checks passed
evakhoni pushed a commit to evakhoni/jumpstarter that referenced this pull request Jun 24, 2026
…stages (jumpstarter-dev#819)

## Summary

- Fixes multi-platform Docker builds failing with `qemu-aarch64: Could
not open '/lib/ld-linux-aarch64.so.1'`
- `COPY --from=<multi-platform-image>` resolves the source image against
the **target** platform, not the stage platform. In builder stages
pinned to `$BUILDPLATFORM`, this copies an aarch64 UV binary into an
amd64 container. The statically-linked UV binary runs via QEMU, but the
dynamically-linked Python it downloads cannot find the aarch64 dynamic
linker.
- Uses a named stage pinned to `$BUILDPLATFORM` for the UV image so COPY
always gets the native-architecture binary

Failing CI run:
https://github.com/jumpstarter-dev/jumpstarter/actions/runs/27947151753/job/82694686925

## Test plan

- [ ] CI multi-platform image build passes without QEMU dynamic linker
errors
- [ ] Add `build-pr-images` label to trigger the image builds

🤖 Generated with [Claude Code](https://claude.com/claude-code)

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants