Giter Site home page Giter Site logo

dosimont / guix Goto Github PK

View Code? Open in Web Editor NEW

This project forked from metacall/guix

0.0 0.0 0.0 56 KB

Docker image for using Guix in a CI/CD environment.

Home Page: https://metacall.io

License: Apache License 2.0

Dockerfile 60.78% Shell 20.96% Scheme 18.26%

guix's Introduction

MetaCall Guix

Docker image for using Guix in a CI/CD environment.

How to use it

This image encapsulates the Guix daemon. For now, Guix does not have a daemonless option, so packaging it into a Docker image has some implications. The Guix daemon needs to fork, and forking a process during build phase is not allowed, so we have to work with it in a different way. There are two options:

  1. Running the build with Docker, using the --privileged flag and commiting the result on each step. For example, imagine we have the following Dockerfile:

    FROM metacall/guix:latest AS example

# Copy some dependencies
COPY . .

    Now we can build the image metacall/example with docker run + commit:

    # Build the base image
docker build -t metacall/example -f Dockerfile .
# Run a guix pull
docker run --privileged --name tmp metacall/example sh -c 'guix pull'
# Commit changes
docker commit tmp metacall/new-image && docker rm -f tmp
# Install some package
docker run --privileged --name tmp metacall/example sh -c 'guix package -i guile'
# Commit changes
docker commit tmp metacall/example && docker rm -f tmp
# Push the final image
docker push metacall/example

    A complete working example used in production can be found here: https://github.com/metacall/distributable

  2. Running the build with BuildKit using the buildx extension for Docker (like how it is done in this repository: https://github.com/metacall/guix/blob/e9a0e791af919ddf74349cdbb11acc325ee1b48b/Dockerfile#L73). BuildKit allows to pass extra arguments to the RUN command in the Dockerfile. With the --security=insecure flag we can allow Docker to fork while it is building. The previous example can be transformed into this:

    FROM metacall/guix:latest AS example

# Copy some dependencies
COPY . .

# Run guix pull and install dependencies
RUN --security=insecure sh -c '/entry-point.sh guix pull' \
    && sh -c '/entry-point.sh guix package -i guile'

    For building this image we need Docker v19.03 or superior and the buildx plugin:

    # Install the buildx plugin
docker build --platform=local -o . git://github.com/docker/buildx
mkdir -p ~/.docker/cli-plugins/
mv buildx ~/.docker/cli-plugins/docker-buildx

    If you have it already installed, we need to create an insecure builder (this must be run only once):

    # Create an insecure builder
docker buildx create --use --name insecure-builder --buildkitd-flags '--allow-insecure-entitlement security.insecure'

    Finally, for building the Dockerfile with the already created insecure builder, we have to run this command:

    # Build and push the image with buildx
docker buildx build -t metacall/example -o type=registry --allow security.insecure .

guix's People

Contributors

viferga avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.