Comments (12)
Unfortunately --workspace_status_command
is fairly undocumented. I wrote a bit in #54 (comment), so I'm not going to repeat myself again here.
Kubernetes uses the stamp
attribute in docker_bundle
to use the git describe
version string as the tag.
It's a somewhat complicated example, but how we have things set up:
- We created a
.bazelrc
in our repo which runs--workspace_status_command hack/print-workspace-status.sh
on all builds. hack/print-workspace-status.sh
calls into some other scripts which munge thegit describe
into a semantic version, and then we print these values, which will be saved by bazel into thestable-status.txt
andvolatile-status.txt
files. Of note for this example is
STABLE_DOCKER_TAG ${KUBE_GIT_VERSION/+/_}
which adds a line like
STABLE_DOCKER_TAG v1.8.0-alpha.1.187_c34ee60f80acc7-dirty
into the bazel-out/stable-status.txt
file.
- Finally, in the
docker_bundle
rule we can use{STABLE_DOCKER_TAG}
for the docker tag:
docker_bundle(
name = binary,
images = {"gcr.io/google_containers/%s:{STABLE_DOCKER_TAG}" % binary: binary + "-internal"},
stamp = True,
)
(See my comment in the other issue as to why this is STABLE_DOCKER_TAG
instead of DOCKER_TAG
- basically, we want changes to this value to trigger rebuilds of the image.)
from rules_docker.
@sebgoa I'm going to open another issue to discuss this. @dlorenc and I have been thinking about this exact issue a fair amount lately and there is potentially room for collaboration.
from rules_docker.
@jmhodges Great question. Technically, this google/containerregistry
library can precompute the digest and push-by-digest, but we don't currently expose this option. Frankly, I'm not 100% certain registries other than GCR would even accept this, but why I think that is a really long story :)
You may be interesting in the stamp = True
option I just added to docker_push
. @ixdy may have some tricks on getting interesting values into the status files this consumes.
On a semi-related note, @dlorenc and I have been debating what some useful rules_k8s
might look like. Frankly, I am a die-hard advocate that K8s shouldn't be deploying using "immutable" tags and should be resolving tags to digests at a single cut-point of the deployment process. Among the rules I've wanted to experiment with is one that would allow you to bazel run :pod
to build dependent containers, publish them, and deploy a pod from a checked in yaml (substituting certain tags for published digests). This is still 100% vaporware, but I'd love to get your thoughts on directions you might find useful.
from rules_docker.
Thanks for the response!
I have some open source code that I push to Docker Hub, so support for non-gcr would be helpful.
I don't quite follow what stamp
does in the push context. I lost the thread at what --stamp-info-file
does when passed to the pusher binary (which I can't seem to find a reference to on the web).
I would love a rules_k8s rather than building my own! The k8s API doesn't seem to support using digests instead of tags, so I'm pretty focused on getting the tagging right. Being able to change the image of a deployment's container spec from a bazel target only when its dependencies change is exactly what I'd like.
from rules_docker.
(Also I might just not understand the whole of what stamping means in the bazel context, in general. The docs are a little vague about what you can do with it.)
from rules_docker.
@jmhodges You should be able to pass a digest anywhere you can pass a tag reference to K8s.
re: DockerHub
All of this should support DockerHub, but we make you specify the domain they use as-if they were any other registry. See the docs, but registry = "index.docker.io"
is what you want.
re: stamping
Basically, if you pass stamp = True
to docker_push
or docker_bundle
you can pass variables to name components and we will substitute some values for them. If you add the option and look under bazel-out
I think you will see stable-status.txt
and volatile-status.txt
, which should give you an indication of the variables available (I believe you can augment this, but @ixdy has a bit more experience with this than me). I realized yesterday that this didn't make it into the README.md
when I recently added it to docker_push
, so I'll open a separate issue to track this. Not the best, but see here for an example.
from rules_docker.
Ah, cool, so it's for including data that's globally available, but not for specific targets. Thanks and too bad!
from rules_docker.
@jmhodges I wanted to follow up and see whether there was still anything actionable left here that you wanted to see us implement? I'm about to look at improving the stamping documentation in the README
.
from rules_docker.
@mattmoor don't want to hijack the issue, but picking up on your k8s rules idea above. What I am trying to do is make a build within a Pod and push to a private registry. So that I can run my container builds as k8s jobs.
I might open another issue, but roughly speaking the assumption is that I don't have bazel or docker locally, the builds are triggered by a k8s controller when I create a TPR object. It is for creating custom runtime for http://kubeless.io/.
from rules_docker.
(to be clear, not the TPR aspect, but the runtime bit)
from rules_docker.
I think everything from this thread is covered by the other issues, so closing.
from rules_docker.
Ugh, sorry, I keep meaning to come back here and mention that I had to fork docker_push in order get it to read the image tag from a file so I could do the shasum work using bazel's APIs.
I'm doing images the k8s-approved way and it simplifies a lot of re-building-and-deploying-every-commit problems without a lot more CI infra. Okay, have a good day!
from rules_docker.
Related Issues (20)
- When sandbox network is disabled rules_docker rules cannot communicate with docker daemon HOT 1
- Multi-Architecture Support for container_run_and_commit HOT 1
- Shelless invocation for container_run_and_commit HOT 1
- Support multiple python versions in py3_image's py_binary HOT 1
- Support image labels/annotations HOT 1
- Default to Bazel target architecture HOT 2
- Bad timezone for Marocco with @go_image_base//image
- Use binary output from go_binary for go_image
- `container_run_and_extract` does not work with Podman HOT 1
- How to properly use dockerfile_image? HOT 4
- How to get the coredump file in container?
- Sporadic failures of `wrong number of hex digits for sha256`
- The `workdir` for `cc_image` is not the runfiles directory by default.
- go_image always builds for linux/amd64 irrespective of host platform
- rules_nodejs and rules_docker conflict
- container_pull failed for images layers with MediaType "application/vnd.docker.image.rootfs.diff.tar"
- portable_mtime for py3_image
- Support Native Bazel Tags for Build Querying
- py3_image: No Matching Toolchains Found
- rules_docker fails to build with HEAD bazel
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rules_docker.