Docker build tip #2692
Docker build tip #2692
Conversation
humitos
added
PR: work in progress
I agree with that, but I didn't find another (better) way yet. On the other hand, the RTD image could have more pre-defined users with a couple of gid and uid (1000-1005, for example, since they are really common). I don't know. |
agjohnson
added
PR: work in progress
|
2 different ideas to fix the docker/developer workflow:
cc @agjohnson |
|
I'm just adding this here to keep it together in the same place since I had to modify my old hack to allow conda. So, this is my new hacky # Read the Docs - Environment base
FROM readthedocs/build:2.0
MAINTAINER Manuel Kaufmann <[email protected]>
LABEL version="humitos"
USER root
# UID and GID from readthedocs/user
RUN groupadd --gid 1000 humitos
RUN useradd -m --uid 1000 --gid 1000 humitos
USER humitos
# Install miniconda as humitos user
WORKDIR /home/humitos
RUN curl -O https://repo.continuum.io/miniconda/Miniconda2-4.3.11-Linux-x86_64.sh
RUN bash Miniconda2-4.3.11-Linux-x86_64.sh -b -p /home/humitos/miniconda2/
# we can't just use ENV and prepend our own conda since 'python2.7'
# will be taken from there and `virtualenv` is not installed. So, it fails.
# http://stackoverflow.com/questions/11650840/linux-remove-path-from-path-variable
RUN export PATH=`echo $PATH | sed -e 's/:\/home\/docs\/miniconda2\/bin\/$//'`
ENV PATH=$PATH:/home/humitos/miniconda2/bin
# Add conda-forge channel with the highest channel priority
RUN conda config --add channels conda-forge
CMD ["/bin/bash"] |
agjohnson
added
PR: work in progress
|
We still don't have a better solution for this and it's the setup that I'm using to develop but I think, as Anthony said, this shouldn't be like this (the default option to develop), but on the other hand, we don't have anything else. Should I close this PR? @agjohnson is your setup with a better choice to suggest to newcomers? @ericholscher what's your setup? is it shareable or it's more complex? |
|
I just.. run docker? I don't have anything special I don't think about the users in my setup. |
|
Mmm... This is weird then. Why it does just work for you but not for me or other people? I'd like to have more information / talk about your setup or something because "just run docker" doesn't work on my Ubuntu nor Archlinux and I think it didn't work for Anthony also running OSX and I think that's why he uses Vagrant. 😕 |
|
@humitos, in my case, it works well on Windows 10 using MinGW64 (MSYS2). See #48. Indeed, it is a VM, so I suppose it's the same case as Anthony's Vargrant. However, it does not work in a Travis job (which is Ubuntu Trusty): https://travis-ci.org/1138-4EB/ghdl/jobs/320951163 Just out of curiosity, why are you adding a BTW, I fixed it by ensuring that each user writes only to directories which are already owned, and accesses any other directory with read-only permissions. I.e., I used |
|
hi @1138-4eb
I didn't create the docs user, it comes with the original RTD docker image. I created my own user inside the docker image ( This docker image is used by the |
|
@humitos After having some issues with virtualbox, I decided to give Docker for MacOS a try again. It seems to work pretty well now, so I've be using that. Like @ericholscher said, this solution just works, I don't worry about permissions or anything, it just runs. @1138-4eb we need the I think as we discussed in another PR, a |
If we all agree on this, I can create a PR with this and update the docs. Besides, it seems that this will be only necessary in Linux so I add a note about this. |
Where can I find the readthedocs code that uses the image with a given project? I.e. clone a repo with a
Where can I find info about those problems? Can
As explained above, you should be able to execute commands as two non-privileged users, one inside the container and a different one outside. It is 'cleaner' if each of them can only modify it's own sources, because it avoids the container modifying external resources which should not be touched, or generating auxiliary files that should not be left in the base repo. |
|
@humitos thoughts on this? I'm considering closing it, since it's quite old, but if it should be merged, we should do something with it :) |
This is necessary as permissions are all incorrect on the paths that are shared between the host system and the Docker build container. Closes #2692
|
I automated this in #4608, we can probably proceed there |
|
Closing this in favor of #4608 |
This is necessary as permissions are all incorrect on the paths that are shared between the host system and the Docker build container. Closes #2692
* Add a contrib Dockerfile for local build image on Linux This is necessary as permissions are all incorrect on the paths that are shared between the host system and the Docker build container. Closes #2692 * Use always latest image to build the Docker image * Make image label configurable in docker build script This re-reverts back to using label for some of the dockerfile. Also, instead of creating a group, we simply groupmod the existing docs group. This doesn't address the configuration changes necessary for development images yet. * Update command call for docker_build.sh * Add configuration option that patches the docker image names in development This setting can be used from local_settings.py, and signifies that you have run ``docker_build.sh`` to build local development images that replace the UID/GID.
I found a solution for my issue regarding local permissions between my host machine and the docker container and I added a Tip inside the docker section.
Fixes one of the issues reported at #2658