[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: guix docker on gitlab-ci
From: |
wolf |
Subject: |
Re: guix docker on gitlab-ci |
Date: |
Fri, 2 Jun 2023 00:04:35 +0200 |
On 2023-05-30 07:52:57 +0100, Graham Addis wrote:
> Hi Worf,
>
> Thanks for the response, see below.
>
> On Mon, 29 May 2023 at 20:41, wolf <wolf@wolfsden.cz> wrote:
> >
> > On 2023-05-24 18:04:47 +0100, Graham Addis wrote:
> > > Dear people,
> > >
> > > I tried to create a docker image to use in a gitlab-ci instance but it
> > > failed because I couldn't use --entry-point="bin/sh -l -c" or
> > > equivalent, basically the gitlab-runner complains that it can't run
> > > binaries.
> >
> > Would this be better using just bin/sh for the entry point and passing the
> > -l
> > and -c as an arguments?
>
> Probably, but I don't think that's an option in gitlab ci and anyway
> it would be nice to support the docker options.
>
> > > I've managed to get it working by making some changes to
> > > guix/scripts/pack.scm
> > >
> > > Adding a fn in docker-image, just before the call to
> > > build-docker-image, to create a list from the string passed in from
> > > --entry-point="bin/sh -l -c"
> > >
> > > (define (make-docker-exec-form prefix value)
> > > (cond
> > > ((equal? value '())
> > > '())
> > > ((equal? prefix '())
> > > (string-split value #\space))
> > > (else
> > > (let ((values (string-split value #\space)))
> > > (cons
> > > (string-append prefix "/" (car values))
> > > (cdr values))))))
> >
> > If I read this right (sorry, still somewhat new to guile), you basically
> > split
> > the --entry-point argument on spaces and use those parts as separate values
> > to
> > invoke, is that correct? If so, how would you pass a binary that has space
> > in
> > the name (joke example: `/bin/ba sh') into the entry-point?
>
> Basically, yes, and you are right about the problem.
>
> I looked through all the guix documentation I could find and the only
> other place I saw that a list was passed in an option was for URLs and
> they were separated by spaces.
>
> > > And replacing the setting of entry-point in the build-docker-image call
> > > to:
> > >
> > > #:entry-point (make-docker-exec-form
> > > #$profile #$entry-point)
> > >
> > > The call to build-docker-image takes a list for entry-point, and it
> > > all works fine as far as I can tell.
> > >
> > > Before I send in a patch, some questions:
> > >
> > > Am I missing something?
> > >
> > > Am I on the right track?
> >
> > In my opinion (which you are free to disagree with :) ), I think it would be
> > better to either have /bin/sh as an entry-point (and pass -l -c as arguments
> > when starting the container, if required) or create a wrapper script
> > /bin/shlc
> > that would exec /bin/sh with correct arguments.
>
> Yep, lots of possible workarounds, but it seems to me that it would be
> better spending the time adjusting the pack command to fit the spec.
>
> > Few random ideas: Maybe the same format Containerfiles use for cmd and
> > entrypoint directives could be used? Maybe the --entry-point could also (in
> > addition to a string) accept a list of strings (LISP list)?
>
> Sounds good to me. Do you have a reference for the json for this? (Not
> a big deal as I think I've worked it out from the code, but it's
> always nice to have the specs...)
>
> From the Dockerfile reference for ENTRYPOINT
> https://docs.docker.com/engine/reference/builder/#entrypoint there are
> two fomrs:
>
> ENTRYPOINT ["executable", "param1", "param2"] # The exec form, which
> is the preferred form:
>
> ENTRYPOINT command param1 param2 # The shell form:
>
> To implement the shell form I'd need to update build-docker-image in
> guix/docker.scm
> https://git.savannah.gnu.org/cgit/guix.git/tree/guix/docker.scm#n139
> to take a string instead of/ as well as the list it currently takes.
> Then update docker-image in guix/scripts/pack.scm
> https://git.savannah.gnu.org/cgit/guix.git/tree/guix/scripts/pack.scm#n592
>
> Invocation would then simply be --entry-point="command param1 param2"
>
> To implement the exec form (preferred according to docker) I wouldn't
> need to touch guix/docker.scm, but I would probably need to change the
> parsing for --entry-point as well as updating docker-iimge.
I did not know Guix does not currently support the shell form. In that light I
think it should not be implemented, since once your idea (arguments for entry
point) is implemented, it will be trivial for end-user to emulate it if so
desired.
>
> I prefer the second option, for which all I need is some guidance on
> the option syntax
>
> .e.g. --entry-point=["command", "param1", "param2"]
>
> Suggestions please. :)
>
> I could implement both and test for a string or a list and choose
> between the shell and exec forms from there, but to be consistent with
> the existing implementation.
>
> Once I'm clear about the best approach for this, I could add the CMD
> too, if that would be useful.
> https://docs.docker.com/engine/reference/builder/#cmd
>
> One strange thing, I couldn't see the need for prefixing the profile
> to the ENTRYPOINT command:
> https://git.savannah.gnu.org/cgit/guix.git/tree/guix/scripts/pack.scm#n670
> I took it out and everything seems to work, so I'm not sure what
> problem it is fixing. Anybody any idea?
Wild guess, but it might depend on your container runtime (whether it uses execv
or execvp). Absolute path feels somewhat more robust.
>
> Thanks,
>
> Graham
>
W.
--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
signature.asc
Description: PGP signature
- Re: guix docker on gitlab-ci,
wolf <=