-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Docker 4.0.0 - What Changed? (Request for feedback) #436
Comments
My most important use case is a smooth (and working) interface to explicitly specify the platform of the build image, e.g.
(Whether the setting goes under |
Super excited about this! |
I believe we can close this issue and/or refer users to the release notes? |
My agency and myself have been using I'll make a few comments for the sake of progress:
I do believe that putting the digest here makes more sense, and it identifies the image uniquely whereas the image name doesn't necessarily At the very least, it'd be nice to have
Well, that's kind of an issue for us. In my opinion, you don't want to keep automatically-generated docker images in your local docker registry as it pollutes a lot. In 3.x, there were a lot of Before working with Pulumi, I used to do CLI scripts like this: # Build the image with a humanly readable name
docker build . --tag my-org/foo
# Tag the image before pushing it to the registry
docker tag my-org/foo 123456789012.dkr.ecr.eu-west-1.amazonaws.com/foo
# Push to AWS ECR
aws ecr push 123456789012.dkr.ecr.eu-west-1.amazonaws.com/foo
# Untag the ECR image to clean up the local namespace
docker rmi my-org/foo 123456789012.dkr.ecr.eu-west-1.amazonaws.com/foo The idea behind it was that the build artifacts should be cleaned up to improve the Developer Experience, making sure you don't have to regularly browse through images manually. So, in that regard, 4.0 is a step forward (no more
It would be great if you could also add the https://docs.docker.com/build/cache/backends/gha/ 🙏 In short, our xmas list is:
That being said, I think you did an outstanding job already releasing 4.0 🚀 |
It isn't immediately clear to me how I can inform Pulumi that the underlying files changed and that the image should be re-built and pushed. Can you elaborate? Here's a sample code: new docker.Image("image", {
imageName: pulumi.interpolate`gcr.io/${gcp.config.project}/service:${env}`,
build: {
context: "../service",
target: "production",
platform: "linux/amd64",
},
}).imageName |
My understanding is that It then forms a digest of all the hashes in more or less the same way that docker's own engine would, and that digest serves as a diff : if no file has changed then the digest is the same and no diff appears |
If that is the case, then it isn't working for me on v4.2.1 and with GCR. |
In case anyone else if feeling lost, here's the helper code that I ended up writing. It generates a hash of the directory as a unique identifier. const hash = await calculateDirectoryHash("../service");
new docker.Image("nextjs-image", {
imageName: pulumi.interpolate`gcr.io/${gcp.config.project}/service:${env}-${hash}`,
build: {
context: "../service",
target: "production",
platform: "linux/amd64",
},
});
// …
import * as hasha from "hasha";
import * as ignore from "ignore";
async function calculateDirectoryHash(dir) {
const ig = ignore.default();
const gitignorePath = path.join(dir, ".gitignore");
try {
await fs.access(gitignorePath);
const gitignoreContents = await fs.readFile(gitignorePath);
ig.add(gitignoreContents.toString());
} catch (error) {
// If file does not exist, do nothing
}
const dirContent = await fs.readdir(dir);
const validContent = dirContent.filter((file) => !ig.ignores(file));
const hashes = await Promise.all(
validContent.map(async (item) => {
const itemPath = path.join(dir, item);
const stat = await fs.stat(itemPath);
if (stat.isDirectory()) {
// If the item is a directory, recurse into it
return calculateDirectoryHash(itemPath);
} else {
// If the item is a file, hash its content
return hasha.fromFile(itemPath, { algorithm: "sha256" });
}
})
);
// Hash the concatenated hashes of all items in the directory
return hasha(hashes.join(""), { algorithm: "sha256" });
} I do feel like I'm going in circles here and that there should be a native way to do this. |
@gunar have you tried a minimal reproduction of your issue? The built-in system usually works for me -- does not try to rebuild images unless files have changed. Perhaps there is a configuration fix. |
@gunar can you create an issue with a repro, ideally a GitHub repository containing a Pulumi program & steps to reproduce by modifying a file? We do know there are some issues with dockerignore behavior, and we're looking into that. |
Closing this issue out, as the Docker 4.0.0 release (and several additional minor version updates) have been shipped now, and most of the topics raised on this thread have been addressed. For any additional feedback, please do open issues to track! |
Apparently I should be using |
Hello and welcome to pulumi-docker 4.x.x preview! 🎉
Here is a summary of the changes that are being made for you to try out and report back on.
Be aware that some of the features from 3..x.x may not have made it into this version yet; it is helpful to us if you let us know which ones you cannot live without. Feature requests welcome! Please use the
v4.x.x
tag when doing so. 🙏v4.0.0-alpha.0
Deprecated (not in schema):
[localImageName](https://www.pulumi.com/registry/packages/docker/api-docs/image/#localimagename_nodejs)
- please useimageName
in combination withskipPush: true
[digest](https://www.pulumi.com/registry/packages/docker/api-docs/image/#digest_nodejs)
[id](https://www.pulumi.com/registry/packages/docker/api-docs/image/#id_nodejs)
Soft deprecated (in schema, but no functionality)
[env](https://www.pulumi.com/registry/packages/docker/api-docs/image/#env_nodejs)
- takes any field you like, does nothing. UseBuilderVersion
insteadNot feature complete
[extraOptions](https://www.pulumi.com/registry/packages/docker/api-docs/image/#extraoptions_nodejs)
- we need to implement all former CLI flags explicitly. Feedback requested! We will also set these explicitly as buildArg options, not a grab bag.CacheFrom
andstages
` - coming soontarget
- coming soonMigrating
localImageName
is deprecated. You can build any image usingimageName
. You may setskipPush
to true if you do not wish to push your image to a registry.ImageRegistry
is nowRegistry
.new DockerBuild
you will need to migrate tonew DockerBuildArgs
.DockerBuildArgs
and useDockerBuildArgs
instead ofDockerBuild
to construct a new Docker build object.Id
output field is currently the same as the Image name. This may be subject to change.The new stuff!
pulumi up
; instead, it will trigger anupdate
only on changes to your Pulumi program. See thoughts on implementing ReadLatest on default branch
The text was updated successfully, but these errors were encountered: