-
Notifications
You must be signed in to change notification settings - Fork 103
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Publish windows lifecycle images #326
Comments
Some thoughts after experimenting a bit with this today:
|
I was wondering if, instead of using a Dockerfile, we should write a simple program in go. Given the ecosystem of helpers we have for generating images it shouldn't be too difficult. I think it would make it easy to make and test changes if we do things like add new labels. |
Ah, that's an interesting idea. We could look into it. I wonder if we'd still need to enable experimental features in the daemon to create the manifest list. It seems that updating the |
I may have been confused... it seems that to enable the manifest list experimental feature we just need to update the config.json, which should be possible. |
I started looking into this today - the most complicated piece (I believe) will be extracting the downloaded lifecycle tgz into a layer tar format. |
Apologies for the late chime-in. Having this in a standalone utility should work well, though extracting that One potential concern right now though is that we haven't solved baselayer-less images yet for Windows (e.g. we haven't made The gist of that problem is that the Windows daemon will only pull/store images that have 6 specific files in the bottom-most layer (details). I only discovered this experimentally and it is not documented in moby, the OCI spec nor is it an issue for registries, just for Windows Docker daemons (not sure about containerd/k8s). My ideal hope is that we'll be able to solve that without adding these 6 special files to any images (just have pack/lifecycle dynamically add those files before they land on the daemon). If that approach doesn't work, we'll need to add these special files to every single-layer Windows image that we publish (likely as a second layer that pack/lifecycle discards). This latter approach would probably have to be spec'd out and all that. The work to drive this out is coming up after our main But with all that said, I don't feel like the work for lifecycle images has to be blocked since the registries can store the these images and |
After discussion with @ameyer-pivotal , it feels like scenarios having manifests lists with mixed OSes won't be very common (if even possible), so we can disregard for now. |
After some experimentation and discussion with @ameyer-pivotal, the easiest first iteration of lifecycle images that we could think of would be to use Using that would guarantee the lifecycle image could be pulled to a daemon (1809 can be pulled to any Windows daemon, even newer ones), and since it's a foreign layer, the base layer's data would never actually "live" on the registry. What would you all think about that approach? |
That makes sense to me. Unlike Because of the more complex labeling logic required by multi-api support I went ahead and implemented an image generating helper in #347 - https://github.com/buildpacks/lifecycle/pull/347/files#diff-42bf4cd03a39193c16208248a0c2e7d30 .I also changed the packaging logic (also b/c of the API changes). The new |
Fork with working GHA for creating the Windows image: https://github.com/natalieparellano/lifecycle/runs/949910201?check_suite_focus=true Now on to the manifest list part... |
Current approach using the docker cli to create the manifest list: https://github.com/natalieparellano/lifecycle/actions/runs/196468263 It created the images here: https://hub.docker.com/repository/docker/natalieparellano/lifecycle/tags?page=1 Tested them out on both platforms, they work :) |
Latest images available at |
Lifecycle
0.9.0
will support windows. We need to publish windows lifecycle images to enable platforms likepack
to use untrusted windows builder images.I think we should make the
buildpacksio/lifecycle:0.9.0
tag point to a manifest list that includes manifests for both linux and windows images. Then when the tag is pulled the correct image for the docker daemon platform will be resolved. In addition, we may want to publish simple os specific tags pointing to the individual manifests (the golang image tags provide a good example of this pattern https://hub.docker.com/_/golang).It's also worth noting that the windows lifecycle image will need to include foreign layers (media type:
application/vnd.docker.image.rootfs.foreign.diff.tar.gzip
). We probably don't need to do anything special to make this happen if we use either aDockerfile
orggcr
to produce these images.The text was updated successfully, but these errors were encountered: