[new release] obuilder and obuilder-spec (0.2) #17900
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CHANGES: - Add support for nested / multi-stage builds (@talex5 ocurrent/obuilder#48 ocurrent/obuilder#49). This allows you to use a large build environment to create a binary and then copy that into a smaller runtime environment. It's also useful to get better caching if two things can change independently (e.g. you want to build your software and also a linting tool, and be able to update either without rebuilding the other). - Add healthcheck feature (@talex5 ocurrent/obuilder#52). - Checks that Docker is running. - Does a test build using busybox. - Clean up left-over runc containers on restart (@talex5 ocurrent/obuilder#53). If btrfs crashes and makes the filesystem read-only then after rebooting there will be stale runc directories. New jobs with the same IDs would then fail. - Remove dependency on dockerfile (@talex5 ocurrent/obuilder#51). This also allows us more control over the formatting (e.g. putting a blank line between stages in multi-stage builds). - Record log output from docker pull (@talex5 ocurrent/obuilder#46). Otherwise, it's not obvious why we've stopped at a pull step, or what is happening. - Improve formatting of OBuilder specs (@talex5 ocurrent/obuilder#45). - Use seccomp policy to avoid necessary sync operations (@talex5 ocurrent/obuilder#44). Sync operations are really slow on btrfs. They're also pointless, since if the computer crashes while we're doing a build then we'll just throw it away and start again anyway. Use a seccomp policy that causes all sync operations to "fail", with errno 0 ("success"). On my machine, this reduces the time to `apt-get install -y shared-mime-info` from 18.5s to 4.7s. Use `--fast-sync` to enable to new behaviour (it requires runc 1.0.0-rc92). - Use a mutex to avoid concurrent btrfs operations (@talex5 ocurrent/obuilder#43). Btrfs deadlocks enough as it is. Don't stress it further by trying to do two things at once. Internal changes: - Improve handling of file redirections (@talex5 ocurrent/obuilder#46). Instead of making the caller do all the work of closing the file descriptors safely, add an `FD_move_safely` mode. - Travis tests: ensure apt cache is up-to-date (@talex5 ocurrent/obuilder#50).
talex5
force-pushed
the
release-obuilder-0.2
branch
from
18fb99e
to
f40d43a
Compare
|
The CI failures are due to |
Fixed in #17901 All green now, thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Run build scripts for CI
CHANGES:
Add support for nested / multi-stage builds (@talex5 Rename
stagetype totocurrent/obuilder#48 Add support for nested / multi-stage builds ocurrent/obuilder#49).This allows you to use a large build environment to create a binary and then
copy that into a smaller runtime environment. It's also useful to get better caching
if two things can change independently (e.g. you want to build your software and also
a linting tool, and be able to update either without rebuilding the other).
Add healthcheck feature (@talex5 Add a healthcheck feature ocurrent/obuilder#52).
Clean up left-over runc containers on restart (@talex5 Clean up left-over runc containers on restart ocurrent/obuilder#53).
If btrfs crashes and makes the filesystem read-only then after rebooting there will be stale runc directories.
New jobs with the same IDs would then fail.
Remove dependency on dockerfile (@talex5 Remove dependency on dockerfile ocurrent/obuilder#51).
This also allows us more control over the formatting
(e.g. putting a blank line between stages in multi-stage builds).
Record log output from docker pull (@talex5 Record log output from docker pull ocurrent/obuilder#46).
Otherwise, it's not obvious why we've stopped at a pull step, or what is happening.
Improve formatting of OBuilder specs (@talex5 Improve formatting of OBuilder specs ocurrent/obuilder#45).
Use seccomp policy to avoid necessary sync operations (@talex5 Use seccomp policy to avoid necessary sync operations ocurrent/obuilder#44).
Sync operations are really slow on btrfs. They're also pointless,
since if the computer crashes while we're doing a build then we'll just throw it away and start again anyway.
Use a seccomp policy that causes all sync operations to "fail", with errno 0 ("success").
On my machine, this reduces the time to
apt-get install -y shared-mime-infofrom 18.5s to 4.7s.Use
--fast-syncto enable to new behaviour (it requires runc 1.0.0-rc92).Use a mutex to avoid concurrent btrfs operations (@talex5 Use mutex to avoid concurrent btrfs operations ocurrent/obuilder#43).
Btrfs deadlocks enough as it is. Don't stress it further by trying to do two things at once.
Internal changes:
Improve handling of file redirections (@talex5 Record log output from docker pull ocurrent/obuilder#46).
Instead of making the caller do all the work of closing the file descriptors safely, add an
FD_move_safelymode.Travis tests: ensure apt cache is up-to-date (@talex5 Travis tests: ensure apt cache is up-to-date ocurrent/obuilder#50).