-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support building Docker images #42
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few gotchas to watch out for
src/mach/pack/alpha/jib.clj
Outdated
(defn jib [{::tools-deps/keys [paths lib-map]} {:keys [image-name image-type tar-file base-image target-dir main]}] | ||
(println "Building" image-name) | ||
(-> (Jib/from base-image) | ||
(.addLayer (into [] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think libraries need to be run through elodin, otherwise:
[foo/core "1.0.0"]
, and[bar/core "1.0.0"]
both have the filename "core-1.0.0.jar", which means you miss one from the classpath (or get an exception, not sure what jib does)- Git dependencies are likely to use
src
as their folder name, this means conflicts again, but also that you have no identification of where they came from.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you! Now I understand the need for elodin :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The name is a bit silly, it's a bit of a joke referencing a book, the king killer Chronicle.
src/mach/pack/alpha/jib.clj
Outdated
paths) | ||
(.build))) | ||
(.setEntrypoint (into-array String ["java" | ||
"-cp" (str/join ":" (cons (str target-dir "/*") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unfortunately, using "*" only utilizes .jar files, and ignores directories (which would be brought in by git dependencies).
This is a frustrating limitation I've run into before.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice, thanks for the tip! :)
Thanks for the comments, I'll fix these and test a bit more with libs with same artifact name and git libs. I also thought that a progress bar (like docker build has) would be good especially while working with remote registries. Seems that this could be done with jib-core events. Thinking that progrock might be a good dependency-free library for rendering a progress bar. |
No problem with a progress bar! Especially if this is a little slow. |
So that paths to directories or libraries inside the container would not collide.
Status bar can be disabled via -q Verbose prints can be enable via -v
Added path munging for library jars, dirs and project dirs, and added a progress bar (can be disabled with |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking great.
I think it might be worth adding support for -J
and -O
(either now or in the future) to this builder, what do you think?
Thanks! Some thoughts below (sorry for long post :) tl;dr, maybe At first I thought Another thing that I noticed in jib-faq was Java agents. The Maven/Gradle plugins have option to add files relative to container root, which helps when making a Jib packages to A user coud be set via setUser and seems that distroless images have a |
I agree that I wouldn't primarily keep these settings in deps.edn. My general approach (and the reason pack doesn't have a pack.edn yet) is to create a If we support JAVA_TOOL_OPTIONS then I'm more than happy. It was just an omission I was worried about. I agree that -e needs to be different for this runner. Is the src:dest format that docker uses appropriate here? Glad to see alignment with jib as much as possible. Thanks for the deep dive and reference. |
Thanks for the guidance! I hope I'm not swamping you with this :) Maybe we need both |
Went ahead and tried out |
Fantastic, there's something great here. This has been really easy to review, thank you for your contribution. I'll have another look over before I merge, are you happy that this is finished now? |
It has been a pleasure to work on this, thank you :) Sounds great, I think I'm ok with the current state, would be good if someone else also tries this out to get feedback. Ideas discussed in the PR are good further development material :) |
Hi! I was thinking that a demo like this might be neat, maybe linked from readme or from a tweet, since it's a bit lengthy: 0% cat deps.edn
{:paths ["src"]
:deps {ring/ring-jetty-adapter {:mvn/version "1.7.1"}}}
0% cat src/run_app/main.clj
(ns run-app.main
(:require [ring.adapter.jetty :as jetty]))
(defn handler [_]
{:status 200
:headers {"Content-Type" "text/plain"}
:body "Hello World"})
(defn -main [& _]
(jetty/run-jetty handler
{:port (or (some-> (System/getenv "PORT")
(Integer/parseInt))
3000)}))
0% # First deploy is slower, since base layer needs to be pushed
0% clj -A:pack mach.pack.alpha.jib --image-name eu.gcr.io/tiuhti/run-app --image-type registry -m run-app.main
Building eu.gcr.io/tiuhti/run-app
[================================================= ] 98/100 00:37
0% gcloud beta run deploy run-app --image eu.gcr.io/tiuhti/run-app --region us-central1
Allow unauthenticated invocations to [run-app] (y/N)? y
Deploying container to Cloud Run service [run-app] in project [tiuhti] region [us-central1]
✓ Deploying new service... Done.
✓ Creating Revision...
✓ Routing traffic...
✓ Setting IAM Policy...
Done.
Service [run-app] revision [run-app-00999eb5-debc-483a-9531-569dc2ff0f14] has been deployed and is serving traffic at https://run-app-uia3uyq3da-uc.a.run.app
0% curl https://run-app-uia3uyq3da-uc.a.run.app
Hello World
0% # Subsequent deploys are fast, since only changes in layers are transferred
0% sed -i "" -e 's/World/World\!/' src/run_app/main.clj
0% clj -A:pack mach.pack.alpha.jib --image-name eu.gcr.io/tiuhti/run-app --image-type registry -m run-app.main
Building eu.gcr.io/tiuhti/run-app
[===================================================] 103/100 00:06
0% gcloud beta run deploy run-app --image eu.gcr.io/tiuhti/run-app --region us-central1
Deploying container to Cloud Run service [run-app] in project [tiuhti] region [us-central1]
✓ Deploying... Done.
✓ Creating Revision...
✓ Routing traffic...
Done.
Service [run-app] revision [run-app-00002] has been deployed and is serving traffic at https://run-app-uia3uyq3da-uc.a.run.app
0% curl https://run-app-uia3uyq3da-uc.a.run.app
Hello World! |
That demo would make a good https://asciinema.org/ and those link quite nicely in github readmes. |
Adds support for building to Docker image directly via Jib. Uses the jib-core API and supports local Docker daemon, tarball and remote registries.