Hi all! I’d like to gather some information about ...
# general
Hi all! I’d like to gather some information about Docker use at build time: A) How, if at all, do you currently have Pants and Docker interacting, and B) What would you like that interaction to look like in an ideal world? [Note that I’m not talking about using Pants to build Docker images, but on using Docker at build time for consistency]. Please reply to the thread or DM me if you prefer. Really appreciate your input, which will go towards Pants improvements in this area.
Replies here if you like, thanks!
Pretty much all I've ever used it is in CICD stuff where the runner is a container. And the main frustration in that situation was making a docker image with python, docker (and git?).... So pants could make more docker images (which thanks to pants/pex are hilariously simple)
I have a few small use-cases of wanting to build artifacts on systems with additional dependencies installed that I don't want to dirty my system on. For cases like running tests, I think it's appealing, but the overhead both cognitive and hypervisor-wise make me cautious. If we had more/better integration tests that relied on more system-y things like a DB running or another app, that could also be a potential win as well.
I'm also interested, I think, in running commands in docker containers as a plugin (the images would be specified in-plugin as well) 🤔
Our CI runs in a container (in self-hosted GHA runners on k8s). The container’s base image is the same as the base we use for our “prod” images, to ensure system libraries match between the build env and the prod env. We also have a script we use locally to run
goals within the CI image - we currently use this pretty much exclusively to avoid building mac-specific PEXes when building docker images locally
In an ideal world we wouldn’t need to run docker-in-docker to avoid pex incompatibilities 🙂 it’d be great if
./pants package <path/to/docker_image:target>
knew to package any dependencies for the os/arch of the target docker image instead of the host. whether that’s by running the sub-
of the
in a docker container or by changing the platform args of the pex-build process, I’m not sure
Oh I'm also curious on how this could interplay with a per-OS Python lockfile generator 🤔
🤔 1