Re: Release: Docker Image? DockerHub? skopeo?

[Danny Milosavljevic]

Hi zimoun,

On Tue, 17 Nov 2020 18:30:57 +0100
zimoun <zimon.toutoune@gmail.com> wrote:

> > Yeah, someone needs to create /tmp.  That someone is not Guix (it
> > would be weird).  
> 
> Created where?

Created when creating the docker image--presumably by Docker when evaluating
Composefile.

AFAIK Docker images are supposed to be composed of multiple things using a
Composefile.[1]

So Docker has to have some mechanism to set up the shared space that all those
multiple things need.

Ideally, we/the user should use this mechanism to add /tmp--not create it
manually by some weird script in the running container.

> If with the container:
> 
> --8<---------------cut here---------------start------------->8---
> docker exec guix mkdir -h
> OCI runtime exec failed: exec failed: container_linux.go:349: starting 
> container process caused "exec: \"mkdir\": executable file not found in 
> $PATH": unknown

You have to use guix repl, then it will work.
There's no coreutils in there, just guix.

That's what /with-guix-daemon.scm in guix-on-docker does (it's already in the
image), among other weird things.

I paste it in full here:

(use-modules (ice-9 match))
(if (not (file-exists? "/tmp"))
    (mkdir "/tmp"))
(system "/root/.config/guix/current/bin/guix-daemon 
--build-users-group=guixbuild --disable-chroot &")
(sleep 2)
(match (command-line)
 ((me next-executable rest ...)
  (match (cons next-executable rest)
   ;; gitlab runner invokes "sh -c" for a shell existence check.
   ;; Replace it by bash.
   (("sh" "-c" rest ...)
    (apply execlp "guix" '("guix" "environment" "--ad-hoc" "bash" "coreutils" 
"--" "bash")))
   ((next-executable rest)
    (apply execlp next-executable (cons next-executable rest)))))
 ((me)
  ;; For gitlab runner, see 
<https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#overriding-the-entrypoint-of-an-image>.
  (apply execlp "guix" '("guix" "repl"))))
(exit 1)

It's used as entrypoint by me manually (because it's full of weird workarounds
like this it's NOT the default entrypoint), overriding docker's entrypoint by
["guix", "repl", "--", "/with-guix-daemon.scm"].

> Sorry to be so naive.

No, I don't use docker that much--and when I do, it's to run simple images
others have created.  So I just really don't know how this is supposed to
be set up.  I mean there has to be a way to set this up--that is one of the
first things anyone would need--shared /tmp, /etc/passwd, /etc/group,
/etc/services and so on.  The parts that are composed together by Docker have
to negotiate a common version of those, right?

> > /tmp is a common directory, so it does not belong to any of the parts that
> > have been composed, or maybe there should be a standard "/tmp" part?
> >
> > Is there such a standard "/tmp" part in Docker-land?
> >
> > Similarly, but worse, with /etc/passwd, /etc/group, /etc/services and so 
> > on.  
> 
> I do not know.

I hope that others will chime in explaining what the standard way to do this
is.  The workaround above *does* work, though (and is the wrong thing to do).

[1] https://docs.docker.com/compose/

pgpC3SJf5ZJ7g.pgp
Description: OpenPGP digital signature