On Wed, 2018-06-13 at 11:32 +0100, Daniel P. Berrangé wrote: > On Tue, Jun 12, 2018 at 12:12:12PM +0200, Andrea Bolognani wrote: > > The pre-built images have been hand-crafted using the > > build dependencies recorded in the libvirt-jenkins-ci > > repository: of course that's not something that we want > > to keep doing manually going forward, so figuring out a > > sensible way to generate Dockerfiles and potentially > > even Docker images automatically is pretty high on the > > priority list. > > When first testing I produced a custom Ubuntu docker image > with not much effort. I was just creating a file in > "libvirt-jenkins-ci" repo called "images/ubuntu-18.04.docker" > that contains > > FROM ubuntu:18.04 > RUN apt-get update > ENV PACKAGES \ > ::PACKAGE-LIST:: \ > RUN apt-get -y install $PACKAGES Pretty much exactly how I've created the images you can find on Docker Hub, except for > RUN mkdir /build > WORKDIR /build this bit, which AFAICT is entirely unnecessary. > ::PACKAGE-LIST:: can be built by reading the > guests/vars/projects/libvirt.yml file, and then > expanding it based on guest/vars/mappings.yml > > I hadn't written code for that bit, but it just > needs a short python script to read the two > yaml files and map the data sets. Yeah, same here: I just extracted the package list from the output of a 'lcitool update' run this time around, but I was planning on writing a tool to do that for me just like you mention. The one thing I haven't quite figured out yet is where to store the resulting Dockerfiles. If we committed them to some repository we could take advantage of Docker Hub's autobuild support, which would be pretty neat; on the other hand, being generated content, they have no business being committed, plus it would be tricky to ensure the generated files are always in sync with the source mappings without introducing a bunch of scaffoling to the libvirt-jenkins-ci repository. Similarly, once we have a tool that can process the mappings and spit out a flat list of packages, it would make sense to drop the Ansible code that we already have for that, and load generated files instead, but that would have the same drawbacks as above. So right now I'm leaning towards leaving the Ansible part alone and using the new tool once a month or so to manually generate fresh images and upload them to Docker Hub, but I'd like to hear what you think about the issue. > I was only going to do packages forthe libvirt.yml, > but we can expand to cover the other modules too > quite easily, as its just taking the union of all > the project files. I don't think we can/want to do that. The way build dependencies for projects are set up right now, we expect to build eg. libvirt-glib against our own copy of libvirt rather than the distro-provided one, so libvirt is *not* included among the packages required by the libvirt-glib project. So if we included build dependencies for all projects in the Docker images, that would make them way bigger and you would still be unable to build libvirt-glib or whatever on top of them. Perhaps we can find some way out of this later, but I'd rather move one step at the time instead of trying to solve all the things in one fell swoop :) > Other distros are just the same but change the > name of the pkg manager command. Yup. [...] > > env: [...] > > + - IMAGE="ubuntu-18" > > script: > > - docker run [...] > > + "libvirt/build:$IMAGE" > > This is a pretty alien approach to take for docker images. > This defines an image called 'libvirt/build' and then uses a > tag to identify different distros. The normal practice is > for tags to identify different versions of the same distro. > Using tags for completely different distros, fedora vs ubuntu, > on the same image name is not something I'd expect. > > ie rather than > > Name: libvirt/build > Tag: ubuntu-18.04 > > we should have > > Name: libvirt/ubuntu > Tag: 18.04 I don't mind having several images and using the tag only for the version number, if that's something that will make the result look less alien to Docker users; however, I think we should keep the names consistent with what we use on our CentOS CI, so it would be ubuntu:18 instead of ubuntu:18.04. > Though perhaps make clear it is for CI, so > > Name: libvirt/ci-ubuntu > Tag: 18.04 Just like for the guests you can create and manage with lcitool, while these images will be primarily used for Travis CI they should be usable for developers as well, which is why I picked the name "build" instead of "ci" or "travis-ci" in the first place. At the same time, I didn't use just the distribution name because I didn't want to give the impression that by pulling them you would get an OS with libvirt already installed. I'm thinking something libvirt/build-on-ubuntu:18 would do, but perhaps other people can come up with something better. > Annoyingly you can't use '/' in an image name to create a > multilevel namespace, so we have to include 'ci' to either > the image name or organization name. We already have gotten hold of the libvirt organization name, and we should definitely maintain control of it to avoid squatting. -- Andrea Bolognani / Red Hat / Virtualization -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list