manifests: Split container engines and deps into sub manifests #2877
Conversation
travier
force-pushed
the
container-engine-split
branch
from
c2b894c
to
8f8a648
Compare
manifest.yaml
Outdated
| @@ -1,6 +1,7 @@ | |||
| variables: | |||
| stream: testing-devel | |||
| prod: false | |||
| podman-machine-os: false | |||
There was a problem hiding this comment.
I imagine we'll use a new stream name for the new stream. My proposal is that we make our conditional logic based on that and not a new var here.
There was a problem hiding this comment.
This has the added benefit of not requiring us to change all of our manifest.yaml files on every branch.
There was a problem hiding this comment.
There is likely going to be multiple streams, one per version of podman
There was a problem hiding this comment.
But if we define the streams exhaustively that could work. Or we can probably set a "default" value somewhere that is overridden in more top level manifest?
There was a problem hiding this comment.
I've added a variable set with a default value that can be overridden by a top level manifest.
| @@ -0,0 +1,3 @@ | |||
| packages: | |||
| - podman | |||
| - crun | |||
There was a problem hiding this comment.
any openshift/os changes we need to make because we're breaking this out into a separate manifest?
There was a problem hiding this comment.
Likely, will look at this next.
travier
force-pushed
the
container-engine-split
branch
from
8f8a648
to
fc08d93
Compare
travier
force-pushed
the
container-engine-split
branch
from
fc08d93
to
229ae0e
Compare
travier
changed the title
travier
force-pushed
the
container-engine-split
branch
from
229ae0e
to
7ad2d8f
Compare
|
Things to clarify:
|
There was a problem hiding this comment.
Things to clarify:
* Should we include/exclude runc/crun?
What you have right now looks reasonable to me. I would expect anyone using container_engines: false would want to make that choice themselves in their derived layers. (But in practice, likely they'd just let the container engine of choice pull in its dep.)
* Should we include/exclude skopeo (pulls-in container-commons)?
This is used by rpm-ostree for the container update flow.
Actually, it's a runtime dep so a minimal compose would break anyway if it were excluded.
| - | | ||
| #!/usr/bin/env bash | ||
| set -xeuo pipefail | ||
| setsebool -P -N container_use_cephfs on # RHBZ#1692369 |
There was a problem hiding this comment.
Hmm, this seems more general than a podman thing. Let's keep that bit in fedora-coreos-base.yaml?
There was a problem hiding this comment.
This requires the containers selinux policy module otherwise it fails.
travier
force-pushed
the
container-engine-split
branch
from
7ad2d8f
to
4b4f032
Compare
- Split podman, moby-engine and related packages into distinct sub-manifests - Include both container engines by default
travier
force-pushed
the
container-engine-split
branch
from
4b4f032
to
12355ea
Compare
|
This is working for me with https://github.com/travier/podman-machine-config |
|
Converted back to draft. Let's hold this while we discuss with the podman folks more. |
|
Should we close this? |
|
I think it's still worth doing, even if it's not urgent anymore. |
manifests: Split container engines into sub-manifests
sub-manifests