From: wolf <wolf@wolfsden.cz>
To: Graham Addis <grahamjamesaddis@gmail.com>
Cc: Help-Guix@gnu.org
Subject: Re: guix docker on gitlab-ci
Date: Fri, 2 Jun 2023 00:04:35 +0200 [thread overview]
Message-ID: <ZHkV84ZtxsP-mpFt@ws> (raw)
In-Reply-To: <CAA4DTezH9ujkwGkxRoVwtkFQ=VU-vm061xCWm-iTvcqnT3JCGA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 5741 bytes --]
On 2023-05-30 07:52:57 +0100, Graham Addis wrote:
> Hi Worf,
>
> Thanks for the response, see below.
>
> On Mon, 29 May 2023 at 20:41, wolf <wolf@wolfsden.cz> wrote:
> >
> > On 2023-05-24 18:04:47 +0100, Graham Addis wrote:
> > > Dear people,
> > >
> > > I tried to create a docker image to use in a gitlab-ci instance but it
> > > failed because I couldn't use --entry-point="bin/sh -l -c" or
> > > equivalent, basically the gitlab-runner complains that it can't run
> > > binaries.
> >
> > Would this be better using just bin/sh for the entry point and passing the -l
> > and -c as an arguments?
>
> Probably, but I don't think that's an option in gitlab ci and anyway
> it would be nice to support the docker options.
>
> > > I've managed to get it working by making some changes to guix/scripts/pack.scm
> > >
> > > Adding a fn in docker-image, just before the call to
> > > build-docker-image, to create a list from the string passed in from
> > > --entry-point="bin/sh -l -c"
> > >
> > > (define (make-docker-exec-form prefix value)
> > > (cond
> > > ((equal? value '())
> > > '())
> > > ((equal? prefix '())
> > > (string-split value #\space))
> > > (else
> > > (let ((values (string-split value #\space)))
> > > (cons
> > > (string-append prefix "/" (car values))
> > > (cdr values))))))
> >
> > If I read this right (sorry, still somewhat new to guile), you basically split
> > the --entry-point argument on spaces and use those parts as separate values to
> > invoke, is that correct? If so, how would you pass a binary that has space in
> > the name (joke example: `/bin/ba sh') into the entry-point?
>
> Basically, yes, and you are right about the problem.
>
> I looked through all the guix documentation I could find and the only
> other place I saw that a list was passed in an option was for URLs and
> they were separated by spaces.
>
> > > And replacing the setting of entry-point in the build-docker-image call to:
> > >
> > > #:entry-point (make-docker-exec-form
> > > #$profile #$entry-point)
> > >
> > > The call to build-docker-image takes a list for entry-point, and it
> > > all works fine as far as I can tell.
> > >
> > > Before I send in a patch, some questions:
> > >
> > > Am I missing something?
> > >
> > > Am I on the right track?
> >
> > In my opinion (which you are free to disagree with :) ), I think it would be
> > better to either have /bin/sh as an entry-point (and pass -l -c as arguments
> > when starting the container, if required) or create a wrapper script /bin/shlc
> > that would exec /bin/sh with correct arguments.
>
> Yep, lots of possible workarounds, but it seems to me that it would be
> better spending the time adjusting the pack command to fit the spec.
>
> > Few random ideas: Maybe the same format Containerfiles use for cmd and
> > entrypoint directives could be used? Maybe the --entry-point could also (in
> > addition to a string) accept a list of strings (LISP list)?
>
> Sounds good to me. Do you have a reference for the json for this? (Not
> a big deal as I think I've worked it out from the code, but it's
> always nice to have the specs...)
>
> From the Dockerfile reference for ENTRYPOINT
> https://docs.docker.com/engine/reference/builder/#entrypoint there are
> two fomrs:
>
> ENTRYPOINT ["executable", "param1", "param2"] # The exec form, which
> is the preferred form:
>
> ENTRYPOINT command param1 param2 # The shell form:
>
> To implement the shell form I'd need to update build-docker-image in
> guix/docker.scm
> https://git.savannah.gnu.org/cgit/guix.git/tree/guix/docker.scm#n139
> to take a string instead of/ as well as the list it currently takes.
> Then update docker-image in guix/scripts/pack.scm
> https://git.savannah.gnu.org/cgit/guix.git/tree/guix/scripts/pack.scm#n592
>
> Invocation would then simply be --entry-point="command param1 param2"
>
> To implement the exec form (preferred according to docker) I wouldn't
> need to touch guix/docker.scm, but I would probably need to change the
> parsing for --entry-point as well as updating docker-iimge.
I did not know Guix does not currently support the shell form. In that light I
think it should not be implemented, since once your idea (arguments for entry
point) is implemented, it will be trivial for end-user to emulate it if so
desired.
>
> I prefer the second option, for which all I need is some guidance on
> the option syntax
>
> .e.g. --entry-point=["command", "param1", "param2"]
>
> Suggestions please. :)
>
> I could implement both and test for a string or a list and choose
> between the shell and exec forms from there, but to be consistent with
> the existing implementation.
>
> Once I'm clear about the best approach for this, I could add the CMD
> too, if that would be useful.
> https://docs.docker.com/engine/reference/builder/#cmd
>
> One strange thing, I couldn't see the need for prefixing the profile
> to the ENTRYPOINT command:
> https://git.savannah.gnu.org/cgit/guix.git/tree/guix/scripts/pack.scm#n670
> I took it out and everything seems to work, so I'm not sure what
> problem it is fixing. Anybody any idea?
Wild guess, but it might depend on your container runtime (whether it uses execv
or execvp). Absolute path feels somewhat more robust.
>
> Thanks,
>
> Graham
>
W.
--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2023-06-01 22:05 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-24 17:04 guix docker on gitlab-ci Graham Addis
2023-05-29 19:41 ` wolf
2023-05-30 6:52 ` Graham Addis
2023-05-31 17:47 ` Graham Addis
2023-06-01 21:55 ` wolf
2023-06-02 8:13 ` Graham Addis
2023-06-05 15:37 ` Graham Addis
2023-06-05 17:35 ` wolf
2023-06-05 21:38 ` Graham Addis
2023-06-13 16:56 ` Graham Addis
2023-06-19 15:54 ` Graham Addis
2023-06-01 22:04 ` wolf [this message]
2023-06-02 8:06 ` Graham Addis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZHkV84ZtxsP-mpFt@ws \
--to=wolf@wolfsden.cz \
--cc=Help-Guix@gnu.org \
--cc=grahamjamesaddis@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).