Dockerfile rework and id remapping #16
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
StaticRocket
force-pushed
the
dockerfile-rework
branch
2 times, most recently
from
3f02307
to
6eb3330
Compare
nmenon
reviewed
Mar 26, 2024
StaticRocket
force-pushed
the
dockerfile-rework
branch
from
6eb3330
to
a28a2bd
Compare
I know this feels cursed, but this is the best way I've seen multiline commands formatted in a Dockerfile so we're doing that here before anything else. Signed-off-by: Randolph Sapp <[email protected]>
Every command run creates a new commit. Temporary files must be cleaned in the same command they are generated in to avoid committing things. Signed-off-by: Randolph Sapp <[email protected]>
We don't need to build 2 different images in the middle of this. There is substantial overlab between the build tools required to boostrap our tools in build-env.sh and the build tools required to build the kernel. Since we clean up after ourselves in build-env.sh there's no reason to make a temporary build container for this and then rip the entire rootfs out for the actual kpv container. In addition this prevents accidentally breaking apt with intermediary state files and clobbering the build cache. Signed-off-by: Randolph Sapp <[email protected]>
Use python-is-python3 instead of manually tweaking alternatives entries. Signed-off-by: Randolph Sapp <[email protected]>
Bind mount this script instead of copying it in. Cuts down on what's committed. Signed-off-by: Randolph Sapp <[email protected]>
Had some issues with aria2. Now I want status during builds. Signed-off-by: Randolph Sapp <[email protected]>
Required for coccinelle build. Signed-off-by: Randolph Sapp <[email protected]>
Signed-off-by: Randolph Sapp <[email protected]>
StaticRocket
force-pushed
the
dockerfile-rework
branch
from
a28a2bd
to
1eec734
Compare
Install the toolchains to /opt instead of /usr/local. I noticed in the shellcheck PR that this was happening but wanted to reserve functional changes for later. This is the preferred location for these things anyway. Signed-off-by: Randolph Sapp <[email protected]>
Switch everything to use entrypoint remapping. Use dumb-init to clean up any potential forks and gosu to switch user and execute command. Gosu is preferred over standard su because it ignores command line arguments and handles shell commands as well as binary paths. This uses the internal user and group "developer". Signed-off-by: Randolph Sapp <[email protected]>
Attempt to handle relative git paths, used by submodules, worktrees, and other custom git configurations. Fixes nmenon#12. Signed-off-by: Randolph Sapp <[email protected]>
StaticRocket
force-pushed
the
dockerfile-rework
branch
from
1eec734
to
e043a25
Compare
This should not be necessary and should be removed for multiple reasons. Use the docker proxy config [1] instead. [1] https://docs.docker.com/network/proxy/ Signed-off-by: Randolph Sapp <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Reformat the Dockerfile, use entrypoint ID remapping, clean up pip artifacts, fix git submodule/worktree mapping, remove proxies.