Hi all! I’d like to gather some information about Docker use at build time: A) How, if at all, do you currently have Pants and Docker interacting, and B) What would you like that interaction to look like in an ideal world? [Note that I’m not talking about using Pants to build Docker images, but on using Docker at build time for consistency]. Please reply to the thread or DM me if you prefer. Really appreciate your input, which will go towards Pants improvements in this area.

Pretty much all I've ever used it is in CICD stuff where the runner is a container. And the main frustration in that situation was making a docker image with python, docker (and git?).... So pants could make more docker images (which thanks to pants/pex are hilariously simple)

I have a few small use-cases of wanting to build artifacts on systems with additional dependencies installed that I don't want to dirty my system on. For cases like running tests, I think it's appealing, but the overhead both cognitive and hypervisor-wise make me cautious. If we had more/better integration tests that relied on more system-y things like a DB running or another app, that could also be a potential win as well.

Our CI runs in a container (in self-hosted GHA runners on k8s). The container’s base image is the same as the base we use for our “prod” images, to ensure system libraries match between the build env and the prod env. We also have a script we use locally to run

./pants

goals within the CI image - we currently use this pretty much exclusively to avoid building mac-specific PEXes when building docker images locally

Oh I'm also curious on how this could interplay with a per-OS Python lockfile generator 🤔

https://github.com/pantsbuild/pants/discussions/16780 is also a recent relevant ticket