Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
26 check-ins for the month beginning 2023-03-01 by user wyoung
Following month ↑|
2023-03-31
| ||
| 18:49 | Updated the Podman docs to no longer talk about all the "sudo" stuff we used to have to do to get it to build and run. There are no more mknod calls to fail in that rootless environment. ... (check-in: 779cb8fd user: wyoung tags: trunk) | |
|
2023-03-30
| ||
| 18:14 | Updated the container size info in the Fossil v Git doc to track recent developments. ... (check-in: 283b1a42 user: wyoung tags: trunk) | |
| 14:51 | Commit [cda5d6a7] invalidated the BusyBox steps in the Tcl and Python examples in §3.2 of the containers doc. ... (check-in: ddcdc6f3 user: wyoung tags: trunk) | |
|
2023-03-28
| ||
| 13:29 | Using "FROM busybox" in the second stage of the Dockerfile instead of "FROM scratch" plus a copy of the busybox.static binary installed via APK in the first stage. We're throwing this layer away in the third stage, so the difference is immaterial. This simplifies things without losing anything we care about. ... (check-in: cda5d6a7 user: wyoung tags: trunk) | |
| 00:02 | Post-sleep edit pass on the new material in §3.2 of the containers doc. ... (check-in: d21fb267 user: wyoung tags: trunk) | |
|
2023-03-27
| ||
| 07:24 | Refined the Tcl and Python examples in the new §3.2 of the container doc. ... (check-in: 9baa4423 user: wyoung tags: trunk) | |
| 06:33 | Switched to a split ENTRYPOINT/CMD scheme for launching the Fossil server in the container. The immediate need is so we override lower-level ENTRYPOINTs provided by mix-in layers, but it's more correct generally. ENTRYPOINT says this is the hard-coded purpose of the container, and CMD gives the arguments to that command. The split is therefore between the mandatory parts and the parts the user might want to override without needing to write their own Dockerfile. ... (check-in: deb99e22 user: wyoung tags: trunk) | |
| 04:59 |
The container now uses BusyBox only in the build and setup stages,
leaving just the static Fossil binary in the final stage, plus absolute
necessities like a /tmp directory.
This removes the justification for the custom BusyBox configuration, which then means we can use Alpine's busybox-static package in the second stage, saving a bunch of network I/O and build time. That in turn means we no longer have any justification for jailing the Fossil binary, since there's nothing extra left inside the container for it to play with. Doing this required bumping the Dockerfile syntax back up from 1.0 to 1.3 to get the "COPY --chmod" feature; tested it in Podman, which has had it for two years now. Doing all of this simplifies the Dockerfile and its documentation considerably. As a bonus, it builds quicker, and it's nearly a meg lighter in compressed image form. Especially for the case of using the container as a static "fossil" binary builder, this is nothing but win. ... (check-in: 79ac06a5 user: wyoung tags: trunk) | |
|
2023-03-24
| ||
| 10:21 | Comment and whitespace tweaks ... (check-in: 81c30ab9 user: wyoung tags: trunk) | |
| 08:27 | Switched from a Dockerfile "ADD" command to wget for the BusyBox source tarball because, surprisingly, BuildKit pulls the URL unconditionally under the logic that it can't know whether to cache the pulled data until it has a copy to compare against! This not only means you pull the BusyBox source tarball for each container build even though it's tagged and thus cannot possibly change, it puts a load on GitHub which then causes it to begin throttling each pull, making your local builds slower and slower when iterating on a change set, as in the prior set of commits. By pushing the URL down into a wget command, we cause BuildKit to see an unchanging shell script line (assuming $BBXURL keeps its default) so it *does* cache the pulled layer. ... (check-in: ac955594 user: wyoung tags: trunk) | |
| 08:13 | Another fixup to the nojail patch to track the previous. (Can't reliably create these patches without having a committed version to diff against, alas.) ... (check-in: c9e4b3d2 user: wyoung tags: trunk) | |
| 08:07 | Dropped our canned /etc/os-release file entirely, recommending instead that those who need a VM-like container image switch the second stage from "scratch" to one of Google's "distroless" images, which provide that and more. That in turn gets rid of the need for the dummied up /usr/bin and /run, which simplifies the mainstream case. ... (check-in: d778a023 user: wyoung tags: trunk) | |
| 07:43 | Updated the nojail patch so it applies cleanly atop all these recent Dockerfile changes. No functional change; merely tracks changes in the context parts of the diff. ... (check-in: 2bdd5819 user: wyoung tags: trunk) | |
| 07:03 | Tiny clarity tweaks to the Dockerfile. No functional change. ... (check-in: 591e3eb9 user: wyoung tags: trunk) | |
| 05:23 | Removed a reference to /etc/os-release from stage 2 of the Dockerfile. Commit [4cb5c03e] took care of stage 1 only. ... (check-in: 4b41a7f8 user: wyoung tags: trunk) | |
| 05:20 | Switched from "adduser" and "addgroup" commands for setting up the "fossil" user to direct echo-into-output, same as we already do for the root user. We had to to it for root since the BusyBox implementation of adduser/addgroup won't create these files if they're missing, but that meant we had two different ways of creating users and groups. This not only removes a weak dependency, it's more consistent. ... (check-in: fff11fc6 user: wyoung tags: trunk) | |
| 05:17 | Added the interactive debugging shell command to the Quick Start section of the containers doc for easy cut-and-paste. ... (check-in: 2f014407 user: wyoung tags: trunk) | |
|
2023-03-23
| ||
| 18:03 | URL and whitespace fixes to previous. ... (check-in: 9e73519c user: wyoung tags: trunk) | |
| 16:40 | The /etc/os-release workaround for nspawn's pickiness has caused the feature to go into negative ROI territory. Ripped it out of the mainstream process and made it a manual step for those who need it, in the hopes that this will cause fewer ongoing problems than leaving it as it is. ... (check-in: 4cb5c03e user: wyoung tags: trunk) | |
| 15:51 | Dropped declaration of Dockerfile syntax version from 1.4 to 1.0. Put it at 1.4 when we were using heredocs, a feature that went from experimental to stable at that version, then failed to drop it back when we replaced the use of heredocs with externally generated files to regain Podman compatibility. ... (check-in: 5b62bfe1 user: wyoung tags: trunk) | |
| 15:42 | Linked to the Dockerfile from the top of the containers doc. ... (check-in: 2210c15d user: wyoung tags: trunk) | |
|
2023-03-13
| ||
| 20:58 | Renamed the new "Capabilities" glossary entry to "Capability" since we shouldn't be using a plural top-word entry even though they're defined, transported, stored, and otherwise treated as a group. Also replaced a use of this word in its own definition. ... (check-in: d3f45814 user: wyoung tags: trunk) | |
| 20:44 | Moved the "snapshot" term in the glossary down into a footnote because it's got assorted problems, making it a much worse overall synonym for "version" even than "UUID". ... (check-in: 733ef88a user: wyoung tags: trunk) | |
| 19:54 | Expanded the "version/revision/UUID/snapshot" discussion in the glossary into a separate term since these aren't strict synonyms for "check-in", the definition which previously hosted this topic. ... (check-in: 58030a78 user: wyoung tags: trunk) | |
| 19:00 | Added a new glossary item "Capabilities" to introduce the term and distinguish it from "Permissions", and made several changes to the referenced document to reinforce this distinction and explain why we bother to make it. ... (check-in: 23b91f37 user: wyoung tags: trunk) | |
|
2023-03-02
| ||
| 17:24 | The recommendation to configure Fossil with the --static flag is semi-obsolete, and the following advice to look further down in the same document for the Docker workaround was wholly obsolete since moving all of this into the dedicated containers.md doc. Fixed all this up, and linked to the "why" answers on Stack Overflow about all of this in a few more places. ... (check-in: d282e42c user: wyoung tags: trunk) | |