From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <help-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp0.migadu.com ([2001:41d0:303:e224::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms13.migadu.com with LMTPS
	id KOxQNnQJYGfvzAAAqHPOHw:P1
	(envelope-from <help-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Mon, 16 Dec 2024 11:05:25 +0000
Received: from aspmx1.migadu.com ([2001:41d0:303:e224::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp0.migadu.com with LMTPS
	id KOxQNnQJYGfvzAAAqHPOHw
	(envelope-from <help-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Mon, 16 Dec 2024 12:05:24 +0100
X-Envelope-To: larch@yhetil.org
Authentication-Results: aspmx1.migadu.com;
	dkim=none;
	dmarc=none;
	spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1734347124; a=rsa-sha256; cv=none;
	b=BGeo8KfF0Sd4eUzSmtBaGRSGedxr9KMyQ7wVAVBHbW9LeuGugmeFUYm451uCkWY9+sk/eK
	DZjVfEeubA7ZL45H2dDvtZ7lcRcSFh3xRg9Ch4yRSNo5ImUBP2roCfqx4fX+KTqM0t3tG3
	DISNWFhYV3Qz2XNt0iFKMX26mraF661a3pQTsdsdnn/Z8vbmOlqNJ6gD9/rbDS1zjoHcNf
	9Y+aIDJLpZmLghwuzt0NW9jelxmSqWUUBAGdhfytuhnFI4IW8WsAxPf5GlOrISfb6J0ePT
	f1Gt8jBTqyFLlwSARiXBrx6UKYVgj8vb5dFGJYgCbGcqj/kVlKBlOENf29eRng==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=none;
	dmarc=none;
	spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1734347124;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:in-reply-to:in-reply-to:
	 references:references:list-id:list-help:list-unsubscribe:
	 list-subscribe:list-post; bh=zKiCockiH53SIBf32ZF4QjYDuHWI1+uhH66E9MlK5Qg=;
	b=q+PapNMiF9VS2aQok+5dtyjEBeQ+ZOm20I0HG+uu3I/0IwK/7vFptAe1YD0ll2BH4bl21P
	twbPZ4Q2VrwLBGqjDlBjzmHUP63j+PYvzZIOZ5w+E4fBpL59BAR9Pzpb87velb5IP+onEO
	73aLki0rLGApMY9fwVUWZvS3M8wVYGSdHz1oLI0Azzu+aMMRHelqIlw7m2HY8rHLpPv5sa
	O3MUyjXQQJ6tOxi1aB7A8ucYpw2nkKUBpkIy0bQJxS64s42zTU7zwGnXEAx946Z//GDkJ2
	OxWDzPOnFrbjS6N3zAXfkSk+Ce6X9kn3A715QE8OiKkdW92YiJHEuVQOD5TsJg==
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 942DA1E562
	for <larch@yhetil.org>; Mon, 16 Dec 2024 12:05:24 +0100 (CET)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <help-guix-bounces@gnu.org>)
	id 1tN8uJ-0004BD-RH; Mon, 16 Dec 2024 06:05:01 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <andreas@enge.fr>) id 1tN8u6-000495-Ov
 for help-guix@gnu.org; Mon, 16 Dec 2024 06:04:48 -0500
Received: from hera.aquilenet.fr ([185.233.100.1])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <andreas@enge.fr>) id 1tN8u4-0006ij-86
 for help-guix@gnu.org; Mon, 16 Dec 2024 06:04:46 -0500
Received: from localhost (localhost [127.0.0.1])
 by hera.aquilenet.fr (Postfix) with ESMTP id 99696346;
 Mon, 16 Dec 2024 12:04:40 +0100 (CET)
X-Virus-Scanned: Debian amavis at hera.aquilenet.fr
Received: from hera.aquilenet.fr ([127.0.0.1])
 by localhost (hera.aquilenet.fr [127.0.0.1]) (amavis, port 10024) with ESMTP
 id RbL5bLcPiw84; Mon, 16 Dec 2024 12:04:40 +0100 (CET)
Received: from jurong (176-179-191-150.abo.bbox.fr [176.179.191.150])
 by hera.aquilenet.fr (Postfix) with ESMTPSA id 787A6251;
 Mon, 16 Dec 2024 12:04:39 +0100 (CET)
Date: Mon, 16 Dec 2024 12:04:37 +0100
From: Andreas Enge <andreas@enge.fr>
To: Simon Josefsson <simon@josefsson.org>
Cc: help-guix@gnu.org, ludovic.courtes@inria.fr, suhail@bayesians.ca,
 Cayetano Santos <csantosb@inventati.org>
Subject: Re: Building a Docker image for GitLab-CI
Message-ID: <Z2AJRccAAH9bIflo@jurong>
References: <87ttb4d5c8.fsf@inventati.org> <87a5cwd4bn.fsf@inventati.org>
 <87ed27oqn9.fsf@kaka.sjd.se>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <87ed27oqn9.fsf@kaka.sjd.se>
X-Rspamd-Server: hera
X-Rspamd-Queue-Id: 99696346
X-Spamd-Result: default: False [-9.58 / 15.00]; REPLY(-4.00)[];
 NEURAL_HAM(-3.00)[-0.999]; BAYES_HAM(-2.98)[99.93%];
 MID_RHS_NOT_FQDN(0.50)[]; MIME_GOOD(-0.10)[text/plain];
 MIME_TRACE(0.00)[0:+]; FROM_EQ_ENVFROM(0.00)[];
 FROM_HAS_DN(0.00)[]; RCVD_COUNT_TWO(0.00)[2];
 URIBL_BLOCKED(0.00)[readme.md:url,inria.fr:url,localhost:helo,localhost:rdns]; 
 RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_TLS_ALL(0.00)[];
 RCPT_COUNT_FIVE(0.00)[5]; TO_DN_SOME(0.00)[];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; ARC_NA(0.00)[]
X-Spamd-Bar: ---------
X-Rspamd-Action: no action
Received-SPF: pass client-ip=185.233.100.1; envelope-from=andreas@enge.fr;
 helo=hera.aquilenet.fr
X-Spam_score_int: -18
X-Spam_score: -1.9
X-Spam_bar: -
X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: help-guix@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <help-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/help-guix>,
 <mailto:help-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/help-guix>
List-Post: <mailto:help-guix@gnu.org>
List-Help: <mailto:help-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/help-guix>,
 <mailto:help-guix-request@gnu.org?subject=subscribe>
Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org
Sender: help-guix-bounces+larch=yhetil.org@gnu.org
X-Migadu-Country: US
X-Migadu-Flow: FLOW_IN
X-Migadu-Spam-Score: -5.69
X-Spam-Score: -5.69
X-Migadu-Queue-Id: 942DA1E562
X-Migadu-Scanner: mx12.migadu.com
X-TUID: UyJzWRXtOj/X

Hello Simon,

Am Mon, Dec 16, 2024 at 11:42:34AM +0100 schrieb Simon Josefsson via:
> I am trying to get a Guix container usable in GitLab, and thought I'd
> share my status.  I have established working networking in the resulting
> Guix container, which seems like progress (whoohoo!).  tl;dr:

at work we are using gitlab CI to build guix docker containers and run a
node on openshift for the bordeaux build farm:
   https://gitlab.inria.fr/enge/plm-guix
The README.md is completely outdated and serves mainly as a reminder to
myself on how this docker thing works; every time I look at it after a
break of a few months I have forgotten how to use a docker container...

And of course I have already forgotten the details; probably we should
write a little blog post. I will talk about it with my colleague when I
meet him next year ;-)

We also start with a Debian image and use a Dockerfile to install Guix
in it, as described in the Guix manual. Then for CI, we use this fixed
docker image to create a new one every time our repository (with a
channels.scm file and the plmshift.scm OS configuration file) changes.
In our case, this second docker image is the artefact that we then deploy.
We use "docker in docker" to create the images, and if I understood
correctly, this requires some privileges; these may not be given on
gitlab.com, but are available in our self-hosted instance.

Andreas