Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Execute External Build Command #996

Closed
wants to merge 8 commits into from
Closed

Execute External Build Command #996

wants to merge 8 commits into from

Conversation

otaviof
Copy link
Member

@otaviof otaviof commented Sep 26, 2019
edited
Loading

Extending s2i build command to build images using an external command, in this PR we are adding buildah, docker and podman. Therefore, users can run:

s2i build app-src nginx:latest app-dst --with-builder buildah
s2i build app-src nginx:latest app-dst --with-builder docker
s2i build app-src nginx:latest app-dst --with-builder podman

The idea is to improve user experience to in a single action, generate the Dockerfile and use a external command to build the container image, therefore the build environment would allow to bring OCI toolset.

@openshift-ci-robot openshift-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Sep 26, 2019
@openshift-ci-robot
Copy link

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: otaviof
To complete the pull request process, please assign adambkaplan
You can assign the PR to them by writing /assign @adambkaplan in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@sbose78
Copy link

sbose78 commented Sep 26, 2019

Good work, let's ensure that this is tested without the docker socket active on the host.

@otaviof
Copy link
Member Author

otaviof commented Sep 26, 2019

Good work, let's ensure that this is tested without the docker socket active on the host.

Indeed, without Docker socket exposed it was not able to reach the point of invoking the external builder. I've made a few more changes, making sure it's only calling CreateDockerfile instead of Build, and the Docker integration is not enabled either when using --as-dockerfile or --with-builder options.

@otaviof otaviof force-pushed the issue-966-with-builder branch 3 times, most recently from 85b75d2 to 9c5ef9c Compare September 27, 2019 14:47
@openshift-ci-robot openshift-ci-robot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Sep 27, 2019
@otaviof
Copy link
Member Author

otaviof commented Sep 27, 2019

/retest

@openshift-ci-robot openshift-ci-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Sep 27, 2019
@sbose78
Copy link

sbose78 commented Sep 30, 2019
edited
Loading

If a user uses,

s2i build app-src nginx:latest app-dst --with-builder docker

Let's ensure we don't return an error.

It could internally take any of the following code paths:

@sbose78
Copy link

sbose78 commented Sep 30, 2019
edited
Loading

  1. Turn off docker daemon
  2. user does an s2i build --with-builder=buildah 💚
  3. s2i rebuild --with-builder=buildah 🔴

(3) attempts a Pull Image using the docker API, and would therefore fail.

source-to-image/pkg/cmd/cli/cmd/rebuild.go

Lines 48 to 54 in 0b950e4

client, err := docker.NewEngineAPIClient(cfg.DockerConfig)
s2ierr.CheckError(err)
dkr := docker.New(client, cfg.PullAuthentication)
pr, err := docker.GetRebuildImage(dkr, cfg)
s2ierr.CheckError(err)
err = build.GenerateConfigFromLabels(cfg, pr)
s2ierr.CheckError(err)

@bparees Do you think we should refactor all docker API calls to start using external tool invocations wherever applicable?
In this case, we need to refactor to do an inspect using skopeo.

@sbose78
Copy link

sbose78 commented Sep 30, 2019
edited
Loading

Another thing:

If s2i build --with-builder=docker takes the route of using the external docker command instead of the existing docker API route, then #973 gets exposed here.

s2i build ... and s2i build --with-builder=docker should not be taking two different code paths. That could cause inconsistent behavior.

In light of the above, my preference would be to invest in :

  1. Refactor all workflows to make all invocations using external tools ( docker / podman / buildah). When the --with-builder is not specified, we use docker build .. for now.
  2. Fix --as-dockerfile doesn't read builder image labels labels #973 as part of that. We might use the skopeo library to inspect images here.

@bparees bparees mentioned this pull request Oct 1, 2019
Closed
@otaviof
Copy link
Member Author

otaviof commented Oct 3, 2019

If a user uses,

s2i build app-src nginx:latest app-dst --with-builder docker

Let's ensure we don't return an error.

It could internally take any of the following code paths:

* invoke the docker API ( as it does today ). This touches less code.

* invoke the external command. I see you have https://github.com/openshift/source-to-image/pull/996/files#diff-e4469a02d9eb983856b288f828175cb8R35  :)

@sbose78 Please consider latest commit. Now it support --with-builder=docker triggering the original path, so using Docker API.

@sbose78
Copy link

sbose78 commented Oct 3, 2019

Summarizing the conversation on slack
https://coreos.slack.com/archives/CHK22LM6Y/p1569950216332100?thread_ts=1569948800.330600&cid=CHK22LM6Y

➡️ s2i build --with-builder=docker. We invoke external tool. That's what is being done now in the PR.
➡️ Let's not support --with-builder in s2i rebuild ...., it's going to bring up other issues with image inspection. rebuild would be a deprecated feature in the next minor release.
➡️ Removing all docker API calls in valuable codepaths isn't a priority but a nice goal to have.

@sbose78
Copy link

sbose78 commented Oct 3, 2019

@sbose78 Please consider latest commit. Now it support --with-builder=docker triggering the original path, so using Docker API.

Not that I don't like this ;) I like it very much. However, this is opposite to what we summarized the other day :) It is fine to fall back to your older approach of calling external docker since we are no longer going to invest in rebuild.

➡️ s2i build --with-builder=docker. We invoke external tool. That's what is being done now in the PR.

@openshift-ci-robot openshift-ci-robot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Oct 4, 2019
@otaviof
Copy link
Member Author

otaviof commented Oct 4, 2019

Summarizing the conversation on slack
https://coreos.slack.com/archives/CHK22LM6Y/p1569950216332100?thread_ts=1569948800.330600&cid=CHK22LM6Y

➡️ s2i build --with-builder=docker. We invoke external tool. That's what is being done now in the PR.

Done. Reverting the changes we had before, where on using --with-builder you always invoke a external tool, including docker in this case.

➡️ Let's not support --with-builder in s2i rebuild ...., it's going to bring up other issues with image inspection. rebuild would be a deprecated feature in the next minor release.

Okay. The parameter --with-builder is not introduced over there, so it's "done".

➡️ Removing all docker API calls in valuable codepaths isn't a priority but a nice goal to have.

This topic I would like to tackle in a different PR.

@openshift-ci-robot openshift-ci-robot removed the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Oct 4, 2019
@otaviof
Copy link
Member Author

otaviof commented Feb 5, 2020

/retest

@otaviof otaviof force-pushed the issue-966-with-builder branch 2 times, most recently from d01e585 to 61be61a Compare February 5, 2020 16:32
@otaviof
Copy link
Member Author

otaviof commented Feb 5, 2020

/retest

@otaviof otaviof force-pushed the issue-966-with-builder branch 3 times, most recently from 6e465a3 to e0bfbc7 Compare February 6, 2020 05:33
@openshift-ci-robot openshift-ci-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Feb 6, 2020
@otaviof
Copy link
Member Author

otaviof commented Feb 7, 2020

@adambkaplan, @sbose78 the build failures are addressed, please consider.

@pradeepto
Copy link

@sbose78 @adambkaplan @otaviof What is pending for this PR to be merged? There is no action on this since last 14 days. Can one of you please have a look and unblock this? Thanks.

adambkaplan
adambkaplan requested changes Feb 24, 2020
View reviewed changes
test/integration/docker/with_builder_test.go
// expect to find generated Dockerfile with s2i extension
expectedFiles := []string{filepath.Join(tempdir, "Dockerfile.s2i")}

dockerfile.RunDockerfileTest(t, config, expected, nil, expectedFiles, false)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@otaviof why run the Dockerfile test here? Since this is running on our Jeninks VM, why not run an actual Docker build (just like the other docker-based tests)?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In fact, it does run the actual Docker file build, but via the --with-builder external builder command-line. Therefore, we os/exec this builder command and wait for the outcome.

@LaVLaS LaVLaS mentioned this pull request May 25, 2020
Closed
@otaviof
Copy link
Member Author

otaviof commented Jul 15, 2020

/hold

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jul 15, 2020
@openshift-bot
Copy link
Contributor

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

@openshift-ci-robot openshift-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Oct 27, 2020
@adambkaplan
Copy link
Contributor

/lifecycle frozen

We will want to resurrect this PR once we are ready to implement the node cache feature.

@openshift-ci-robot openshift-ci-robot added lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Nov 24, 2020
@coreydaley
Copy link
Member

@otaviof Is this pull request still relevant?

@otaviof
Copy link
Member Author

otaviof commented Apr 27, 2022

@otaviof Is this pull request still relevant?

Definitely not relevant. I'm closing it.

@otaviof otaviof closed this Apr 27, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sbose78 sbose78 sbose78 requested changes

@adambkaplan adambkaplan adambkaplan requested changes

@coreydaley coreydaley Awaiting requested review from coreydaley

Assignees
No one assigned
Labels
do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@otaviof @openshift-ci-robot @sbose78 @Avni-Sharma @DhritiShikhar @adambkaplan @pradeepto @openshift-bot @coreydaley