You're encountering this error during Docker build:
Error: openssl-snapsafe-libs conflicts with 1:openssl-libs-1.0.2k-24.amzn2.0.16.x86_64
You could try using --skip-broken to work around the problem
Amazon Linux 2 has conflicting OpenSSL packages between openssl-snapsafe-libs and openssl-libs. This is a known issue when building Docker images on AL2.
- Removed
openssl-develfrom the main package installation - Added separate OpenSSL installation with conflict resolution
- Uses
--skip-brokenflag to handle conflicts gracefully
scripts/build-with-retry.sh- Handles build failures with retry logic- Automatically retries failed builds up to 3 times
- Provides better error handling and logging
The Dockerfile now handles OpenSSL conflicts automatically:
docker buildx build --platform=linux/amd64 -f dockerfiles/Dockerfile -t ghcr.io/aarondd/lambda-gdal:3.8 .Use the new retry script for more robust builds:
./scripts/build-with-retry.sh 3.8.3 3.12If you still encounter issues, try this manual approach:
# Build with skip-broken flag
docker buildx build \
--platform=linux/amd64 \
--build-arg GDAL_VERSION=3.8.3 \
-f dockerfiles/Dockerfile \
-t ghcr.io/aarondd/lambda-gdal:3.8 \
--push .If OpenSSL conflicts persist, consider using a different base:
# Alternative: Use Amazon Linux 2023 instead of AL2
FROM public.ecr.aws/lambda/provided:al2023 AS builderThe current Dockerfile uses multi-stage builds which should help isolate the OpenSSL installation.
-
Test the build locally first:
docker build -f dockerfiles/Dockerfile -t test-gdal . -
If successful, push to registry:
./scripts/build-with-retry.sh 3.8.3 3.12
-
Verify the image works:
docker run --rm ghcr.io/aarondd/lambda-gdal:3.8 gdal-config --version
- Always test builds locally before pushing
- Use the retry script for production builds
- Monitor for OpenSSL package updates in Amazon Linux 2
- Consider migrating to Amazon Linux 2023 when available for Lambda
The updated Dockerfile should resolve the OpenSSL conflict issue you encountered! 🚀