Ensure correct and optimal images are used in pipelines #990
Assignees
Labels
Comments
|
Related: #869 |
|
Related: #805 |
sbomer
added a commit
that referenced
this issue
Apr 4, 2024
Per #990 we would like to avoid installing `sudo` onto our build images if possible. This was added for dotnet/llvm-project#456, which I believe didn't end up using `sudo`.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There are a variety of patterns in use that are not correct or could be made more optimal.
Managed-only builds
We have large images that are intended for native builds. They get used for managed builds, too, which is massive overkill, but we don't offer anything better.
https://github.com/dotnet/arcade/blob/5d8abb43f355edc287d57907967224a0ac5ebb9f/eng/common/templates/jobs/source-build.yml#L17
Referenced image Dockerfile: https://github.com/dotnet/dotnet-buildtools-prereqs-docker/blob/main/src/centos/stream8/Dockerfile
Some runtime repos use the build images for testing. Perhaps they would be satisfied with the same more minimal image.
https://github.com/dotnet/diagnostics/blob/217abce2d2f1a253795231925b049b1171f151ea/eng/pipelines/pipeline-resources.yml#L37
The new image flavor be based on
runtime-depsand add a few tools likegit. That's what I'd expect to see at https://github.com/dotnet/dotnet-buildtools-prereqs-docker/blob/main/src/cbl-mariner/2.0/amd64/Dockerfile (when we have anazure-linux/3.0folder.Cross builds
Some cross builds use old patterns.
https://github.com/dotnet/diagnostics/blob/217abce2d2f1a253795231925b049b1171f151ea/eng/pipelines/pipeline-resources.yml#L21
We should stop producing these forms of image:
Varying targets
Some teams need separate targets. Today, the build targets Ubuntu 16.04. The referenced example targets Ubuntu 18.04. Could it just build in plain Mariner instead? Would that provide sufficient compatibility? We should understand the requirements.
https://github.com/dotnet/jitutils/blob/0601313f1d0c30fbfe0143e405d1918c5daed920/coredistools.yml#L42
sudoOur images contain
sudo. It would be very nice to remove it. It's hard to see that this is a good pattern.https://github.com/dotnet/dotnet-buildtools-prereqs-docker/blob/main/src/centos/stream8/Dockerfile#L54
We should revisit this too:
https://github.com/dotnet/dotnet-buildtools-prereqs-docker/blob/main/src/cbl-mariner/2.0/helix/amd64/Dockerfile#L31
Python on Debian
Python is integrated into Debian more than other distros. This actually makes it more complicated for our use case. We don't appear to have an optimal pattern. We need to work on that more (and document it).
https://github.com/dotnet/dotnet-buildtools-prereqs-docker/blob/main/src/debian/12/helix/amd64/Dockerfile#L26-L40
Helix and toolsets
There are lots of toolset packages in our helix images. Do we have use cases where they are used in helix?
https://github.com/dotnet/dotnet-buildtools-prereqs-docker/blob/main/src/debian/12/helix/amd64/Dockerfile#L5-L23
Tagging scheme
The tagging scheme is a bit different for our two repo families, w/rt OS version. They should be the same.
mcr.microsoft.com/dotnet/runtime-deps:8.0-cbl-mariner2.0mcr.microsoft.com/dotnet-buildtools/prereqs:cbl-mariner-2.0The text was updated successfully, but these errors were encountered: