ci: Shift to a prebuilt Docker image#62
Conversation
|
Cool, this sounds like a good idea to me, and even at least one kernel dev found this useful!
So not having a custom PPA we need to fetch from, just our custom build in our repo? Seems good, in case the PPA accidentally disappears.
Yep, external devs already found this useful.
Probably don't even need a full blown debian distro, could roll our own. Definitely out of scope for V0. Do you have any measurements what the image size is AFTER this change, for comparison?
I don't follow; we can't download build artifacts from Travis, so the time it takes to build the docker image in travis doesn't matter. Or do you mean having more time to run continuous-integration on travis?
Would you mind moving these to our organization? I trust everyone in the org with the keys, but I would like to prevent departures from github from affecting our infra.
With the above change in repo, I'm cool with you setting up the docker org, and trusting you with the responsibility of releasing updates to the docker image. Maybe you could share the pw privately with me and Joel should we ever need it? TODO: will have more comments inline in the PR |
|
When using Docker I shy away from the idea of downloading binary images (we do this by relying on a distro, but there is a level of assurance that the binaries from a distro have been generated safely). Have we given consideration to this? Another downside is it breaks people running on on-x86 systems. This detail is less of a blocker as we already have this problem with the nightly clang images being x86-only. |
That's a fair point.
I think the current cl makes it so that you can still invoke driver on a non-x86 host. Is the issue that the docker image is not garunteed to work across architectures? If so, could we make an additional ppc docker image that is NOT used on travis (since their infra is only x86_64 to my knowledge), but for folks prefering/using docker+ppc? |
nathanchance
force-pushed
the
prebuilt-dockerimage
branch
from
4ee8e3d to
f839e84
Compare
Yes, the QEMU binaries are built and installed during the Dockerfile build and the image will be updated daily so there will never be dependency issues (because as noted in b7ee15e, the QEMU binaries are built on Ubuntu).
I don't but I will take a look tonight/tomorrow. I have noticed that the builds on average with a 100% ccache hit rate seem to be about a minute faster with this change.
I made the comment more thinking down the line if we ever need to build something that is out of date with Debian, we wouldn't be cutting into the build time of this repo because the Dockerfile is in another one so we have a full 50 minutes to do whatever we need to there.
Absolutely, just wanted to get your approval for it first :) Done: https://github.com/ClangBuiltLinux/dockerimage
https://hub.docker.com/r/clangbuiltlinux/ I can add you guys as owners of the organization and you should be able to manage it too.
Hmmm not sure I understand exactly. What binary images are we downloading?
Well I guess the
Yeah it's not (I just tested on my Raspberry Pi) so I think having various architecture images wouldn't be a bad idea (link to look into later). I guess QEMU would need to be cross compiled in those cases. |
|
https://hub.docker.com/u/ndesaulniers/ is my account. |
Done. |
|
LGTM, let's make sure to resolve any issues @shenki foresees, or at least file some TODO's in the dockerimage issue tracker. |
Right, the Docker image will not work on ppc64 as it is now a binary that is built and published for x86 only (where as before it was dynamically generated).
That would help. (The ppc64le support for Travis is in soft release. eg: https://github.com/grooverdan/hello-world/blob/master/.travis.yml#L5) re: qemu, I would prefer we help Debian update their packaging instead of working around it by building locally. Local builds work around the problem for this project, but it does not help the wider ecosystem. I have engaged some Debian developers to see if what can be done to help. For example, I did this for the skiboot package and the Debian maintainer has now published a new version: https://metadata.ftp-master.debian.org/changelogs/main/s/skiboot/skiboot_6.1-3_changelog |
Fair point, I hadn't considered that. However, a user wanting to take advantage of it could still just run
I mean those two things don't have to be mutually exclusive. We can work on getting their package updated and build locally in the meantime. Hopefully, they will update the package after we make it clear that we need an updated version. If you wanted to absolutely minimize our delta with Debian, we could install |
I agree. I've filed ClangBuiltLinux/dockerimage#1.
Porque no los dos? 🌮 😋
How do we contact the current maintainer? |
I've given this some thought and I think this is probably a reasonable way to ensure that we stay close in line with Debian: ClangBuiltLinux/dockerimage@0706b50 Additionally...
I've now switched to this: ClangBuiltLinux/dockerimage@1fa7a8f Assuming there are no major issues, I will pull request these tonight and push the changes needed in this repo after that (can be viewed here: https://github.com/nathanchance/continuous-integration/commits/prebuilt-dockerimage-after-review) |
nathanchance
force-pushed
the
prebuilt-dockerimage
branch
3 times, most recently
from
0d5d7e4 to
dadd124
Compare
|
@shenki do you have reservations that have not been satisfied with this PR or filed issues? |
|
Apologies for the radio silence. I've been off on another project. I don't think we had any issues with the using the PPA as we were. The advantage of sticking with packaged software is when the maintainer updates Debian/Ubuntu, we would see the new package included in the image without doing any work. I preferred the previous setup where an image was built at runtime, as the idea of downloading a preconstructed image worries me. However given we are only using this for throw away builds to spot build errors, I think the risk is acceptable. I appreciate the hard work that has gone in to this change, and if consensus to move in that direction then we should merge it. Thanks @nathanchance! |
|
@tpimh's suggestion to move to Ubuntu Bionic/Cosmic in #34 would allow us to continue using the PPA and potentially make creating multi-arch containers easier but that's something that can be discussed in the dockerimage repo (current version of that change) because that's where it would be merged. I'm happy with this change as is if everyone else is! |
This moves our Travis setup to use a Docker image built specifically for ClangBuiltLinux. It will be built daily via a Travis cron. The benefits of this include: 1. Removing the potentially messy dependency dance that we are currently doing with our QEMU PPA by moving to an up to date version of Ubuntu instead of Debian. 2. Having a consistent environment that can not only be used by Travis but by other developers looking to get involved with the project. 3. Faster CI. The current image clocks in at around 231MB, which is the only thing that needs to be downloaded because everything else is already installed and setup. 4. If for some reason we wanted to switch environments (such as to a smaller distro like Alpine Linux), we could build more things from source if they were out of date because we would have a full 50 minutes with a Travis job (since the Dockerfile is in a separate repo). Closes ClangBuiltLinux#34. Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
As of ClangBuiltLinux/dockerimage@99b0f1a, we no longer package GCC in our Docker iamge. Don't check for it in driver.sh (where it was never actually used after commit 4ae8976). Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
nathanchance
force-pushed
the
prebuilt-dockerimage
branch
from
dadd124 to
235265e
Compare
3 participants
I think it is time that this is brought to a pull request for discussion.
This moves our setup to having our Docker environment be prebuilt and
setup automatically daily with a Travis cron.
The benefits of this include:
Removing the potentially messy dependency dance that we are currently
doing with our QEMU PPA.
Having a consistent environment that can not only be used by Travis
but by other developers looking to get involved with the project.
Faster CI. The current image clocks in at around 450MB, which is the
only thing that needs to be downloaded because everything else is
already installed and setup.
If for some reason we wanted to switch environments (such as to a
smaller distro like Alpine Linux), we could built more things from
source because we would have a full 50 minutes with a Travis job.
Currently, the Dockerfile and other files are on my GitHub, they are
fairly easy to understand and modify.
https://github.com/nathanchance/cbl-dockerimage
I can create a ClangBuiltLinux organization on Docker Hub and move the
image there and the repo to this organization if people so desire. I am
also open to having that reviewed as well, all comments are welcome!
Closes #34.