All,

Here are some updates about Guix container images for GitLab pipelines
or local podman usage.  I'm declaring this v1.0.

tl;dr: https://gitlab.com/debdistutils/guix/container

Final images are built from a pure Guix container now.  Everything is
done on public shared GitLab runners in the pipeline, no container
uploads.  Stage0 creates Debian+Guix that builds a pure Guix stage1
which builds the final Stage2 images.  The content of these images
appears to be reproducible, but alas the docker images itself aren't:
https://issues.guix.gnu.org/75090

No need for --disable-chroot in GitLab CI runs.  Local podman usage
ironically requires 'podman --privileged' if you want to avoid
--disable-chroot.  If someone can figure out which --cap-add are
sufficient, that would be nicer over --privileged.  Ultimately I think
'guix-daemon' should handle this, it is a desirable property to be able
to use chroot building inside a container.

I'm using small/medium GitLab runners.  It seems whatever 'guix' is
consuming resources for, it isn't helped by additional CPU nodes, disk,
or RAM.  Network bandwidth is improved by using guix from GitLab instead
of Savannah.  Maybe the bottleneck are the substitution servers?  Or
perhaps single-core CPU speed?  For stage1 [1], 1m52s is spent on 'guix
install skopeo' and 2m44s on 'guix pack'.  For stage2 [2], 1m35s is
spent on 'guix install nss-certs skopeo tar gzip' and 4m30s on 'guix
pack'.  Creating the stage0 debian+guix image is where the 'guix pull'
happens [3], and it takes around 35 minutes (I recall seeing runtimes
down to 25 minutes when I used larger nodes).

The 'latest' image with gcc, automake etc as a development environment
is around 400MB and the 'slim' image with minimal packages only is
183MB.  Does anyone how to optimize 'guix pack' output sizes?  Even the
'slim' image seems to have a lot of duplicated stuff [4].

There is a bunch of small nits, and if someone has ideas about
improvements that would be great!  See list of issues here:
https://gitlab.com/debdistutils/guix/container#known-quirks

Merry Christmas,
/Simon

[1] https://gitlab.com/debdistutils/guix/container/-/jobs/8723179887
[2] https://gitlab.com/debdistutils/guix/container/-/jobs/8723179903
[3] https://gitlab.com/debdistutils/guix/container/-/jobs/8723242065
[4] 'guix pack guix bash-minimal coreutils-minimal net-base' and
    doing cd /gnu/store; ls|sort -k1.33:

gd3s60nav0qhp8lxjj21ffynivwibfl5-avahi-0.8
3jhfhxdf6v5ms10x5zmnl166dh3yhbr1-bash-minimal-5.1.16
x47i4yafqxdav838aykda9c2hhhn9sa4-bash-minimal-5.1.16
87z5k84hxbqs87plgwsl2v6a4j7m3k7h-bash-static-5.1.16
56aq6sdx35f7rsxq8jq9ypafk0dhd3p3-bzip2-1.0.8
59kd6jyvrq8prl9mbnh3g8d22rc1dbwv-bzip2-1.0.8
qy1769103d15zh8gg09wlywfsyblham4-coreutils-minimal-9.1
vdaspmq10c3zmqhp38lfqy812w6r4xg3-curl-8.6.0
af6rfyb76j51g2m981a4r0747pvg3j7c-dbus-1.15.8
dnjwcdxmwma6fl7fvvn3p4frib7f5chl-disarchive-0.6.0
vb1rs3dk181ariczl0zqcmfjncjkrv0f-emacs-subdirs
faxgciaw9wxz8zyxk70f2pa3c5rr8al7-expat-2.5.0
zzpbp6rr43smwxzvzd4qd317z5j7qblj-gcc-11.4.0-lib
hdb3jmxa67zkh4wj0l6w9ga3gj84k1yc-gdbm-1.23
9ri7c2haj2q3f5p6859z64kjvrjyy5n6-git-minimal-2.46.0
zgsphhmliwgmjjv1czmbyjql3gk7ynsx-glib-2.78.0
zvlp3n8iwa1svxmwv4q22pv1pb1c9pjq-glibc-2.39
pxnrbpc30m5qsr8jqx86a9m42mzn25ni-glibc-utf8-locales-2.39
kka705681m1hq98b9jz98vxk9s5qd4ld-gmp-6.3.0
9mkcil1rl450r84hn1hcbny5pi5js8ig-gnutls-3.8.3
7k8b93779dqpwcg2qjdvnf4nl43jv7hf-grep-3.11
mfkz7fvlfpv3ppwbkv0imb19nrf95akf-guile-3.0.9
003k1369b9b35b7vgfzjqrc1iha555i2-guile-avahi-0.4.1
1myi8hwa0a3lf9qw14dkqckhv9ljpzp1-guile-bytestructures-1.0.10
rf9xg52fa4zpn9ywd9w4kczhib4ggfsq-guile-bzip2-0.1.0
2bmrqh4w9pcgns0pi3wwqasrshpmv8hw-guile-gcrypt-0.4.0
kcvbb34cv4p19sg3rmi2rrld03wyvhpb-guile-git-0.9.0
pgjyl3fn4sflk6xy63qd5anrhqwylpgw-guile-gnutls-4.0.0
711y2zrpg0ygxaghy72v8hzwla7mjaqg-guile-json-4.7.3
p7qx1yhxlz61r1hpcgdvdhqq343cryyp-guile-lib-0.2.8
02i9pa0yj18riq7g90bzx0jaxmlxnax4-guile-lzlib-0.3.0
n2jz9qnxf7ainkzsdjyl3d4x078g15lw-guile-lzma-0.1.1
nj1051ag55p7llr1wc0ml6hg08gk1prs-guile-semver-0.1.1
yhzifwp225x81i9d056xa2r11g5w40kd-guile-sqlite3-0.1.3
vhby2mrlf25flwx571bmnllccigb49ml-guile-ssh-0.18.0
7h0khqsyzz3ic8dwyfmbbr5404qkmm98-guile-zlib-0.2.1
i0fm4jrkgz6rxpcscd1sazx62fwhqd58-guile-zstd-0.1.1
pzghsxxfx5dll69ikhckissq3b38542z-guix-1.4.0-29.3032221
0r2fx1lr1h2i3cl1x5fw4s4ly95qspya-gzip-1.13
w9zl48a95kylc7a91rwrrk27v70my968-gzip-1.13
96lahq0x84fiaj341vzx0fw5h18iyq9q-http-parser-2.9.4-1.ec8b5ee
prf6y8cmysfdf6jys86ixcv1kdw4l2lf-info-dir
9vjs14mzxki1q857wc8jfhbfj06gvkcp-libcap-2.64
62xxxmgmpk6zhzdr1ciya6f572y75xkw-libdaemon-0.14
lqgg509yb3f85ck4k6l0qp7a70bz7daa-libevent-2.1.12
s6iqwc5sqjrk76kzslqc1n1wlcvfyqkw-libffi-3.4.4
pr73chdirm3jc2j7npc6hqzmcwjs7l8m-libgc-8.2.4
gfqifdfnfvnbksbm0w87fvq76138i8da-libgcrypt-1.10.1
ni0kk5ff3z8sdglksb3850c9w44a2zaj-libgit2-1.8.3
881qgylidmmx92jdv1wvkzjs858dw9cd-libgpg-error-1.47
7xizylh3gi6sj23nz19q6xhvx2d50wvr-libidn2-2.3.4
jcjm231n2g8mqs0w2pa85hv7l1nfi2qa-libpsl-0.21.1
085636515w3h03dp2fr7w3clsn3p2wj7-libssh-0.10.6
pr8xfc53m3fc6rx8jrfis1xz8jvbb53h-libssh2-1.10.0
b801mrqqcsnhbr34544mlfyanzg3skfx-libtasn1-4.19.0
zpaw3cp2k9jx36yhkpwra3jilfbb1mc7-libunistring-1.1
4775wjc2972kiwfsq710fv5pfzyc5laq-libx11-1.8.7
wxwv020jwxq9gr070vwy3fh8n028gwqg-libxau-1.0.10
y5a0l9a3z214yar8q7mznqqd4pnw0vvp-libxcb-1.15
q1vqb2hfclghbpl1vn094l1rzj12b6qb-libxcrypt-4.4.36
v712yc2mwkc10m1nzgjz3linnvl5i1dh-libxdmcp-1.1.3
40aa02d5xnxpi2w6dhlr4ldf1kir1wz2-lzlib-1.13
b9kfblvwd0xx5jr8zzvz4ypa0936jh6v-mit-krb5-1.20
7rsdf5kcqh0gl88av6nkgvgxg1ywvc5b-ncurses-6.2.20210619
bfp25w47fxn8z0fdwj45prx2609sx59j-net-base-5.3
al613p11xv5w1xmnqn7ykw0x6d4b0539-nettle-3.9.1
8i2kr43jfbqvhpv67hs8kgncj2kk19b6-nghttp2-1.58.0-lib
xc98v8v485rs704wb26mipb0y5npdl1z-openssl-3.0.8
cmzi8a17f44fvb55s77jd7d4r678w093-p11-kit-0.24.1
gwn3p1r5ghlapv9yjad0mk2n23la7j8z-pcre2-10.42
a3lsdsalcmg5wnk67869af7wljprkbam-pkg-config-0.29.2
bwfrm3dmm33lfr69r1h5jy24hj51ii23-profile
dl3665ynrp41ynyw2ay5kfqix93myj5d-readline-8.1.2
81wqxjgqfinrxxh473c89r1n7arxfv3s-sed-4.8
laj6a3z6gjza9f18kyxw1nz5211ghwfs-sqlite-3.39.3
j5zgzgsmbjgywr67r86h1n6s4qiabv5q-tar-1.34
2p8j6npwa2k59d8lbhlqzvffn0437x8l-util-linux-2.37.4-lib
70s4sq1hx1m5rmsg5bcnjxslwc8ppiag-xz-5.4.5
fbaw0sb21gv02qq7gs9wg5y5wlpdgzih-xz-5.4.5
1prv14v6jfnzzg7szm57690b7fr6sx33-zlib-1.3
m05g4pzw906bg2pydbl74vrnvkmi9rbj-zstd-1.5.2-lib