linuxkit icon indicating copy to clipboard operation
linuxkit copied to clipboard
verified publisher icon linuxkit

Support build-args

Open deitch opened this issue 6 years ago • 12 comments

Open issue for discussing supporting --build-arg in lkt pkg build. On the one hand, this does limit some of the reproducibility, as they can change at build-time without being tracked in any version-controlled file. On the other hand, docker build already supports it (has for a long time), and it can open the door towards cross-arch building (which itself deserves a whole other topic due to buildkit).

deitch avatar Aug 01 '19 07:08 deitch

I use build-arg to change builds commit / release / tag of a git repo if needed. So would be nice to have!

pwFoo avatar Mar 09 '20 21:03 pwFoo

As workaround I need to build images with docker build before I can use linuxkit. Second advantage is that I can build from a git repo instead of local Dockerfiles.

pwFoo avatar Mar 13 '20 18:03 pwFoo

@deitch Is it possible to add linuxkit "config" (cmd, capabilities, binds, ...) to a docker build created image instead of use linuxkit pkg?

pwFoo avatar Mar 14 '20 12:03 pwFoo

I use build-arg to change builds commit / release / tag of a git repo if needed

I do that with a lot of my images; it is how I inject all of that info. I suspect most everyone who builds with docker does it.

As workaround I need to build images with docker build before I can use linuxkit

What do you mean?

Is it possible to add linuxkit "config" (cmd, capabilities, binds, ...) to a docker build created image instead of use linuxkit pkg?

Again, please describe what you mean?

deitch avatar Mar 15 '20 15:03 deitch

I need to sort some things. Written a quick and dirty script to build a custom system with linuxkit based on busybox, rustysd, crun and gpm. https://github.com/dengleros/dosctl/blob/master/README.md

I use linuxkit and docker build (url based source) in my script to work around some limitations / problems.

pwFoo avatar Mar 15 '20 20:03 pwFoo

Forgive me for being dense @pwFoo . Can you write out a sample here? E.g. "here are the steps I would like to be able to take, and the expected outcome," followed by, "here is what I do now to work around it"?

deitch avatar Mar 16 '20 10:03 deitch

I tried to use linuxkit to build docker images, tar archives and os (kernel+initrd) from remote build context (git repo), but it fails with git clone the repo. Also I would need build-arg. Because both doesn't work with linuxkit pkg / build I moved to docker build with most parts aside os (kernel+initrd) itself...

Would be great to just use linuxkit for all that parts. Workaround for needed and missing features is the way back to docker build. I wouldn't change my script back to linuxkit for the docker build parts to collect some examples / error messages at the moment. So I stay with the current solution until linuxkit will support all needed features and options.

pwFoo avatar Mar 20 '20 23:03 pwFoo

@deitch Tried to use gitrepo for url / git based build context, but it doesn't work? #3478

pwFoo avatar Mar 21 '20 08:03 pwFoo

Tried to use gitrepo for url / git based build context

Let's keep that conversation in the other issue, now that it is clear.

For this one, it is back to build-arg. You are looking to pass arbitrary build-args to the docker build underlying lkt pkg build?

deitch avatar Mar 22 '20 11:03 deitch

Yes, that is what I try to do!

pwFoo avatar Mar 22 '20 13:03 pwFoo

Definitely open to the idea. Want to send a PR in for it?

deitch avatar Mar 22 '20 15:03 deitch

This issue became a blocker for us as well. We need to have kind of devloper/debug build, which includes some convenience instruments for ad-hock tinkering. These instruments absolutely can not be included in production builds because that would be very obvious security hole.

Solution proposed in #3774 does not sacrifice reproducibility, since the build-arg is declared within the build.yml. Therefore all mutations in it, would result in the different artefact hash.

zededa-yuri avatar Apr 05 '22 12:04 zededa-yuri