-
Notifications
You must be signed in to change notification settings - Fork 362
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add chown to COPY commands to reduce layer count #969
Conversation
Thanks for submitting your first pull request! You are awesome! 🤗 |
Thanks! Linking up to previous discussions: This closes #164 and is an expansion of #861. The missing piece brought up in #861 was that using ARGs for username in chown means requiring docker 19.03, which was a little more recent than we wanted to force. Since we are already templating, using a template variable for NB_USER instead of env variable would let us do this in a way that works back to 17.09. Want to take a stab at that? Then I think we can land this one. |
repo2docker/buildpacks/base.py
Outdated
@@ -100,7 +100,7 @@ | |||
{% if build_script_files -%} | |||
# If scripts required during build are present, copy them | |||
{% for src, dst in build_script_files|dictsort %} | |||
COPY {{ src }} {{ dst }} | |||
COPY --chown=${NB_USER}:${NB_USER} {{ src }} {{ dst }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
adding NB_USER as a template variable in addition to build arg will allow us to do {{ NB_USER }}
here and support docker engine back to 17.09 instead of requiring 19.03.
Thanks for the awesome, thorough response. of course y'all know about all this stuff, and 👻 me for not scrolling down. this updates it to a jinja var, and also moved the magic 1000 up to one spot... as well as some notes with some of the information gleaned from the above. from a docs perspective, perhaps there is a good place I can add some docs like: ## Minimum Supported Docker Engine Version
To support the current flagship deployments, `repo2docker` currently requires Docker engine 17.09+.
Newer language features should be avoided until they are generally available on <platform, platform...> This could be a separate, docs only PR... |
Another thing I'm thinking about while digging around in the templates... way out of scope for this PR, but... If the script object got a little fatter, and knew about its own files, they could be added "just in time". Further, multiple files headed for the same destination could be copied in a single layer For example, So something like: apt = Script(
files={"/tmp/": ["apt.txt"]},
directives=["RUN apt-get install /tmp/apt.txt"],
) consumed like... {% for script in stage_scripts %}
{% for file in script.files %}
{% for src, dst in script.files|dictsort %}
COPY --chown={{ user }}:{{ user }} [{% for s in src %}{{ s }},{% endfor %}] {{ dst }}
{% endfor -%}
{% for s in script.directives %}
{{ directive }}
{% endfor %}
{% endfor %} |
Nice work actually implementing this. We might have known about this but apparently never got around to doing something about it :D 👍 on the docs only PR The idea from #969 (comment) also needs a new issue/PR because (at least I) need a bit more explanation to understand what and why this would work. |
Awesome, thanks for finishing this one! |
Hooray! A pleasure working with you kind folks.
Re: that Script thing: I'll try to put something together that demonstrates
it better...
|
Hi folks, thanks for repo2docker! ❤️
In the generated Dockerfile, this combines a number of
COPY
and subsequentUSER
andRUN chown
calls with theCOPY --chown
syntax.Anecdotally, this seems to reduce the layer count a good deal: 45 vs 53 for one of the first tests that runs with just an
environment.yml
... my tests are still chugging, so I don't have a bunch of other data points, bless CI!I haven't assessed the impact to size, but I would image it would result in a 2-1 reduction, as the
chown
ed files are, to my knowledge, copied in the subsequent layer. Can't hurt to look!closes #164
closes #861