From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms1.migadu.com with LMTPS id KNjdJis8RWZh/QAAqHPOHw:P1 (envelope-from ) for ; Thu, 16 May 2024 00:50:19 +0200 Received: from aspmx1.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0.migadu.com with LMTPS id KNjdJis8RWZh/QAAqHPOHw (envelope-from ) for ; Thu, 16 May 2024 00:50:19 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=autistici.org header.s=stigmate header.b=NOPFSCFK; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1715813419; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=SUWL+yMYVJnQpgMkWaH8PsFKH1ND7fJLoxpJTm4O9J8=; b=YcQrJyeTPN+Lz9ca8GdY20gnpzEMUuMJmeuVPIlKexifmyz2OF8UN6o/5bwxuIT/hM9IO5 9Dmpr5Ato1sy1j0io3XMfYJ/fjT4OQNijjVWrzQkdEyty1vHhNmfxd0sA9qi/mJZyCc0tX mSmz02gFMhba0GI8c3tU5UugCLzkMmbIHnJnZthIe3url9iM62PLInvHWn+Nu62TolCBiV gZopu9ep7XTyveGG96NqyGnT/jS4zCKqxdaefXWJjVfKvZfXzrr5i80bXi+8XEhXwZZqf6 ZaBMltvAkSbwD++geL//JIBEV1JEs8DMbX7dC8kR8KSF3xYpmWqf4rwEIv9B4Q== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=autistici.org header.s=stigmate header.b=NOPFSCFK; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org ARC-Seal: i=1; s=key1; d=yhetil.org; t=1715813419; a=rsa-sha256; cv=none; b=UbSwqkbPM0g8UH+eRsPGllsLdDOmi9w6rX2bDVcBpnU04T4tJViXq4+ibUdV2TyIuuYljV RJvcJ3Tu4Nit6EWfxw/5khB/yc4lm7BP379KePSsz6G6kzqv5KsVZRBoFeU49iZlgBQ5fQ J9TFp/gDsvf0j7+2wJP2viaz6SK8QC8ZIOgptswIu//b9PoKz/+O93DQxBs2qZfxokXrmc KDADLCNU8K+B1pf60VBktW70L7znkYWbu72ztMdwsZfNv6tB/suJaDDcI/IYXhZLizvp+3 +SAlzRGre+b7sYoUGgZqIq4NcOcgdMyJ8YVCMQjiVgSIr5WfN4YOoPTpggT/0g== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 684E42333F for ; Thu, 16 May 2024 00:50:18 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1s7NRj-0004hW-TQ; Wed, 15 May 2024 18:50:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1s7NRg-0004dO-K0 for guix-patches@gnu.org; Wed, 15 May 2024 18:50:00 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1s7NRg-0007AW-Bw for guix-patches@gnu.org; Wed, 15 May 2024 18:50:00 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1s7NRh-0000SE-W0 for guix-patches@gnu.org; Wed, 15 May 2024 18:50:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#70265] Add docker cli Guix Home service and some docker authentication plugins Resent-From: paul Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 15 May 2024 22:50:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 70265 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: 70265@debbugs.gnu.org, Andrew Tropin , Tanguy Le Carrour , paren@disroot.org Received: via spool by 70265-submit@debbugs.gnu.org id=B70265.17158133841724 (code B ref 70265); Wed, 15 May 2024 22:50:01 +0000 Received: (at 70265) by debbugs.gnu.org; 15 May 2024 22:49:44 +0000 Received: from localhost ([127.0.0.1]:44897 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1s7NRP-0000Rk-VS for submit@debbugs.gnu.org; Wed, 15 May 2024 18:49:44 -0400 Received: from confino.investici.org ([93.190.126.19]:37145) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1s7NRN-0000Re-Lf for 70265@debbugs.gnu.org; Wed, 15 May 2024 18:49:43 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=autistici.org; s=stigmate; t=1715813378; bh=SUWL+yMYVJnQpgMkWaH8PsFKH1ND7fJLoxpJTm4O9J8=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=NOPFSCFK47rXI8WhUZ+2qThiT2XhvPhhwvFYQNMqJS9fUABnUjJoC3h3wDgAjBg4T WgfSFWVtDUITxNl5rTRyr9PEVKmwA3UGeeIFikIWt6L7f13pa4+KGnj6spf21SisFX BUWV76ZQpV1Qsot/kIRWP7aAPSdSfT6nUzKFUYus= Received: from mx1.investici.org (unknown [127.0.0.1]) by confino.investici.org (Postfix) with ESMTP id 4VfpM60dynz117q; Wed, 15 May 2024 22:49:38 +0000 (UTC) Received: from [93.190.126.19] (mx1.investici.org [93.190.126.19]) (Authenticated sender: goodoldpaul@autistici.org) by localhost (Postfix) with ESMTPSA id 4VfpM56v5Yz117l; Wed, 15 May 2024 22:49:37 +0000 (UTC) Message-ID: Date: Thu, 16 May 2024 00:49:37 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.15.0 References: <95e5c6e85e09ead19a43fc37612d62bc91a64048.1712523439.git.goodoldpaul@autistici.org> <814c5c6c8ba59b4069966f46c995e7a8fd0d9b88.1712523439.git.goodoldpaul@autistici.org> <87a5l5ttz5.fsf_-_@gnu.org> Content-Language: en-US In-Reply-To: <87a5l5ttz5.fsf_-_@gnu.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: paul X-ACL-Warn: , paul via Guix-patches From: paul via Guix-patches via Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Spam-Score: -6.97 X-Migadu-Queue-Id: 684E42333F X-Migadu-Scanner: mx10.migadu.com X-Migadu-Spam-Score: -6.97 X-TUID: tVjbP+NjMm9L Hello Ludo’ , I think you are raising a fair point. I was also not sure about whether to upstream this service, even if I have been using it for some months. On 5/4/24 18:36, Ludovic Courtès wrote: > A more general question: do you think this particular example (libsecret > plugin) could be solved in another way without involving Home? (For > example by having a plugin search path in the package.) > > Do you have other use cases in mind? My main use case for this is currently is docker compose v2. I packaged the binary from github in my personal channel [0] and with this service [1]in my home-environment I'm able to use docker compose (without dash) commands. > The reason I’m asking is that it feels heavyweight for what looks like > “basic” Docker configuration. It definitely is and whether to accept this patch imho depends on the ETA for the optimal solution. Assuming someone packages docker compose v2 and its dependencies, then as far as I'm aware there are are 3 ways to make docker-cli aware of plugins on Guix: 1. this service, i.e. listing plugins in docker's configuration file. the advantage of this solution is that it doesn't require changing the docker-cli package. the disadvantage is that docker for some reason always tries to write the following to the config file, even if it is not needed : "auths": { "https://index.docker.io/v1/": {} } this is why i added it in the documentation, but as you pointed out it is useless. 2. We make a docker-cli-with-bundled-plugins function or similar that takes a list of plugin packages and hardcodes their paths into docker's source code before compilation. This is the approach I took here [2]. This currently requires recompilation every time since docker compose v2 is not in guix. 3. We patch docker [3] to make it aware of plugins with a search path like DOCKER_CLI_PLUGINS . But I don't think this patch should live in Guix. It should go into docker mainline to make sure that it is supported also in future releases. I never tried contributing to docker, this does not seem a complex change but I wonder why it was never done until now. Given all of the above the shortest way to achieve my goal of using docker compose v2 seemed #1 but I can see how for the Guix project the best would be #3. What do you think (and everyone CCed as well)? Could this service be a temporary workaround (after addressing your comments), while I try to see whether docker mainline could be interested in a patch? I will address your comments after we reach consensus on how to proceed, so that I don't make everyone lose more time than I already have. Thank you all for your work, giacomo [0]: https://gitlab.com/orang3/small-guix/-/blob/master/small-guix/packages/compose.scm [1]: https://gitlab.com/orang3/guix-deployments/-/blob/main/modules/common/home/fishinthecalculator/home-configuration.scm?ref_type=heads#L71 [2]: https://github.com/bonfire-networks/bonfire-app/blob/main/manifest.scm#L57 [3]: https://github.com/docker/cli/blob/master/cli-plugins/manager/manager_unix.go