RFE: formalize Containerfile workflow for custom stage outputs #5529
Labels
jira
Issues which will be sync'd to a card at https://issues.redhat.com/projects/RUN
Comments
nalind
added
the
jira
owtaylor
added a commit
to owtaylor/build-definitions
that referenced
this issue
May 15, 2024
In certain cases, having a context set could change the meaning of a Containerfile. See: containers/buildah#5529 For details of a situation affecting Flatpaks and bootc images. This applies to both to any context from the CONTEXT parameter, and the implicit context from SOURCE_CODE_DIR. To avoid any possible problems, just change to the context directory and use a context argument of .
owtaylor
added a commit
to owtaylor/build-definitions
that referenced
this issue
May 16, 2024
Expose the --skip-unused-stages argument to Buildah as a parameter. This is needed to handle certain Containerfiles where stages have hidden side-effects like writing things to the context directory. See containers/buildah#5529 for details.
owtaylor
added a commit
to owtaylor/build-definitions
that referenced
this issue
May 16, 2024
Expose the --skip-unused-stages argument to Buildah as a parameter. This is needed to handle certain Containerfiles where stages have hidden side-effects like writing things to the context directory. See containers/buildah#5529 for details.
owtaylor
added a commit
to owtaylor/build-definitions
that referenced
this issue
May 16, 2024
Expose the --skip-unused-stages argument to Buildah as a parameter. This is needed to handle certain Containerfiles where stages have hidden side-effects like writing things to the context directory. See containers/buildah#5529 for details.
owtaylor
added a commit
to owtaylor/build-definitions
that referenced
this issue
May 16, 2024
Expose the --skip-unused-stages argument to Buildah as a parameter. This is needed to handle certain Containerfiles where stages have hidden side-effects like writing things to the context directory. See containers/buildah#5529 for details.
github-merge-queue bot
pushed a commit
to konflux-ci/build-definitions
that referenced
this issue
May 16, 2024
In certain cases, having a context set could change the meaning of a Containerfile. See: containers/buildah#5529 For details of a situation affecting Flatpaks and bootc images. This applies to both to any context from the CONTEXT parameter, and the implicit context from SOURCE_CODE_DIR. To avoid any possible problems, just change to the context directory and use a context argument of .
owtaylor
added a commit
to owtaylor/build-definitions
that referenced
this issue
May 21, 2024
Expose the --skip-unused-stages argument to Buildah as a parameter. This is needed to handle certain Containerfiles where stages have hidden side-effects like writing things to the context directory. See containers/buildah#5529 for details.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
See also: containers/podman#12605
In some cases, we want a Containerfile to take control of generating layer contents and metadata in very specific ways. Examples:
This is somewhat possible currently, you can do this by mounting the context directory (or a subdirectory) read-write, writing a container image there, then making the next stage inherit that with a containers-transports url -
FROM oci-archive:out.ociarchive.But there are some downsides:
FROM oci-archive:out.ociarchiveis not context-relative, it's just a filesystem path interpreted relative to the working directory of buildah. This is inconsistent: in all other cases (COPY, run --mount, etc.) referenced filesystem paths are context-relative and are restricted to being a subdirectory of the context dir, and also creates a problem that the Containefile no longer is independent of the context dir specified on thebuildah buildline - a Containerfile might only work with a context-dir of., for example.--skip-unused-stages=falseor make a dummy reference to the stage (see the bootc Containerfile above for an example.)Ideally, it would be possible to do something like:
Though just fixing the path issue would already be an improvement.
Possible Questions
Couldn't this just be scripted using individual buildah commands? Why is a Containerfile necessary?
One place where we want to use this is as part of the Konflux build service. In this case, it's very desirable to separate out the specification of what we build (via a Containerfile) from the mechanics of how we build it (with different resource limits, on multiple architectures, etc.) Having to customize the build task mixes the two up creating an explosion of different possible tasks. It's also quite desirable to be able to just give a developer a Containerfile and say "this is how you build a Flatpak", compared to a (possibly complex) shell script.
What about compatibility with other Containerfile consumers
All I can say here is that while
FROM oci-archive:<path>isn't a syntax extension to the Containerfile spec, it's still a Buildah specific extension.The text was updated successfully, but these errors were encountered: