Proposal: Multiple base images support #103
Conversation
Signed-off-by: David Mulder <dmulder@samba.org>
Signed-off-by: David Mulder <dmulder@samba.org>
Signed-off-by: David Mulder <dmulder@samba.org>
Signed-off-by: David Mulder <dmulder@samba.org>
Oh, that's really unfortunate. I was hoping that all the "business logic" could be neatly contained within the script. I'll mediate some on these and also ask for some of the others to also take a look. Thanks a ton for submitting this PR! |
I'll poke around and see if there is some way around this (and maybe ask around). |
| ARG BASE_IMAGE | ||
| FROM ${BASE_IMAGE} |
There was a problem hiding this comment.
I disagree with this approach. Different base os-image implies different installer-program (dnf, zypper, apt..) as well as different list of packages names. It requires adding ifs within the Containerfile which makes it hard-to-read and hard-to-maintain over time.
IMHO, a better approach would be to have multiple Container files per base OS and pass it as argument to top-level Makefile.
| @@ -16,6 +16,7 @@ $(warning podman detected but 'podman version' failed. \ | |||
| endif | |||
| endif | |||
|
|
|||
| BUILD_OPTS:=--build-arg BASE_IMAGE=registry.fedoraproject.org/fedora:36 | |||
There was a problem hiding this comment.
I would prefer to have different Containerfiles and pass it as (optional) argument to Makefile. See my comments below.
There was a problem hiding this comment.
I like the --build-arg approach iff it reduces the delta between supported versions, but otherwise I agree here that it doesn't seem to streamline the approach
| LABEL org.opencontainers.image.title="Samba ADDC container" | ||
| LABEL org.opencontainers.image.description="Samba ADDC container" | ||
| LABEL org.opencontainers.image.created="%BUILDTIME%" | ||
| LABEL org.opencontainers.image.version="%%PKG_VERSION%%-%RELEASE%" | ||
| LABEL org.opencontainers.image.vendor="SINK Project" | ||
| LABEL org.openbuildservice.disturl="%DISTURL%" |
There was a problem hiding this comment.
Those standard annotations are good idea and should probably be used in all of SINK containers.
| LABEL org.opencontainers.image.version="%%PKG_VERSION%%-%RELEASE%" | ||
| LABEL org.opencontainers.image.vendor="SINK Project" | ||
| LABEL org.openbuildservice.disturl="%DISTURL%" | ||
| LABEL org.opensuse.reference="registry.opensuse.org/opensuse/samba-ad-server:%%PKG_VERSION%%-%RELEASE%" |
There was a problem hiding this comment.
However, this annotation is OpenSUSE specific and should be only in OpenSUSE specific container file (something like Containerfile.opensuse).
| RUN if [[ $(cat /etc/os-release) == *openSUSE* ]]; then \ | ||
| zypper --non-interactive install --no-recommends \ | ||
| findutils \ | ||
| python3-pip \ | ||
| python3-jsonschema \ | ||
| samba-python3 \ | ||
| python3-pyxattr \ | ||
| samba-ad-dc \ | ||
| procps \ | ||
| samba-client \ | ||
| samba-winbind \ | ||
| python3-dnspython \ | ||
| krb5-server \ | ||
| sambacc; \ | ||
| zypper clean; \ | ||
| else \ | ||
| /usr/local/bin/install-packages.sh \ | ||
| "${INSTALL_PACKAGES_FROM}" \ | ||
| "${SAMBA_VERSION_SUFFIX}" \ | ||
| "${INSTALL_CUSTOM_REPO}"; \ | ||
| fi |
There was a problem hiding this comment.
Those type of if-else are a nightmare to maintain. Think of all the other distros out there -- would to like to have a long if-else within the Containerfile itself?
|
I tend to agree with @synarete. I put this together as a proof of concept, and it is ugly. I think having a container file for each distro may be best. |
I think that's probably for the better too. I wouldn't mind so much a bunch of if statements inside a proper shell script, after all what's a script for? But agree that putt a lot of logic inside the containerfile is ugly. I do like the idea of supporting multiple distro bases so that we have a common upstream "home" for samba container images - I think it's better for collaboration and sharing common bits (where possible) and tests. |
I think I'll still ask around and see if I can work around the install line being in the Containerfile. If that weren't an issue, this solution would be much cleaner. |
I asked our build team, and they recommend we simply maintain multiple Containerfiles. Our build system builds images offline. So it parses the Containerfile for package install commands, then injects the required packages into the build environment. |
As a side note: we currently use |
I've filed an issue requesting some kind of work around, so we could perhaps explore a single Containerfile again in the future. |
We use the base image |
|
I'm going to close this request and create a new one with distro-specific Containerfiles. |
This is a proposal for adding opensuse build support. It's a bit awkward in places, and I'll explain why.
The openSUSE build service requires the package install line to be in the container file. So installing from the install-packages.sh script isn't an option. This is because our build environment parses dependencies from that install line prior to performing the build.
The install command also must be within the first 2 lines of the RUN command, sigh. This is possibly a bug in our build code.
One required change from Fedora would be to add sambacc to COPR, so that it can be installed via yum.