[Rpm-maint] [rpm-software-management/rpm] RFE: Standardize on OCI images for test-suite, even locally (Issue #2643)
Michal Domonkos
notifications at github.com
Thu Sep 7 14:11:07 UTC 2023
To summarize again, these are our options to resolve the ticket:
### 1) No change, keep the native & podman backends
Image building:
* Done by a host specific script, typically with a native package manager (DNF/Zypper/...)
Container layering:
* Host and per-test isolation is done with Bubblewrap & OverlayFS
Pros:
* Iterative `make shell` development, without needing to throw the container away on each rebuild
* Ability to reuse the same DNF/Zypper/... wrapper for managing software in the test tree in `make env`
* Pristine image with no pre-existing RPM artifacts or unwanted software
* Separate backends optimized for different use cases (native development vs. portability)
Cons:
* Possibly more maintenance due to the use of the native package manager
* More complicated to support other hosts natively (e.g. OpenSUSE)
### 2) Use an OCI base image
Image building:
* Done by Podman/Docker using a host specific Dockerfile
Container layering:
* Host and per-test isolation is done with Bubblewrap & OverlayFS
Pros:
* Standard base image format
* Easier to support other hosts
Cons:
* Less convenient `make env` (no host specific package manager wrapper, needs manual use, e.g. `dnf --installroot=$RPMTEST` works but is not optimal, needs more options for local cache reuse or to suppress warnings, all of which is part of `mktree.fedora` already)
* Less control over the base image (still tweakable through the Dockerfile but more work)
* Additional dependency on the host (Podman/Docker)
### 3) Use OCI for full image & container management
Image building:
* Done by Podman/Docker using a host specific Dockerfile
Container layering:
* Host isolation is done by Podman/Docker natively (`podman run`)
* Per-test isolation is done with Bubblewrap & OverlayFS
Pros:
* Single dependency on the host (Podman or Docker)
* Same stack locally and in CI
Cons:
* Less convenient and more complex `make env` (mounting `$RPMTEST` would require a different containerization stack than what's used in the test-suite)
* Much less useful `make shell` (user changes to the container are dropped on each RPM rebuild)
* Docker is missing a lot features, e.g. no equivalent for `podman image mount` or `podman unshare`
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2643#issuecomment-1710226738
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/2643/1710226738 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20230907/ef9410b4/attachment.html>
More information about the Rpm-maint
mailing list