We need to support two different read-only FS scenarios:
Full install at build time, no dynamic installs: in this case /opt/containerbase will be fully prepopulated, so cannot be mapped to a Volume, so needs to be read-only after build.
No/minimal install at build time, all dynamic installs: in this case /opt/containerbase should be mapped to a Volume and assumed to be empty at the beginning.
To support the first one in particular, we should coerce all package manager caches to a location in /tmp, proposed: /tmp/containerbase/cache. We should also assume in both scenarios above that either /tmp or /tmp/containerbase is mapped to a Volume and empty to begin with.
Ideally we can coerce all package managers to use our custom cache location through environment variables, and then Renovate does not need to set/override these when calling package managers through child processes.
rarkins
commented
1 month ago
We need to support two different read-only FS scenarios:
Full install at build time, no dynamic installs: in this case
/opt/containerbasewill be fully prepopulated, so cannot be mapped to a Volume, so needs to be read-only after build.No/minimal install at build time, all dynamic installs: in this case
/opt/containerbaseshould be mapped to a Volume and assumed to be empty at the beginning.To support the first one in particular, we should coerce all package manager caches to a location in
/tmp, proposed:/tmp/containerbase/cache. We should also assume in both scenarios above that either/tmpor/tmp/containerbaseis mapped to a Volume and empty to begin with.Ideally we can coerce all package managers to use our custom cache location through environment variables, and then Renovate does not need to set/override these when calling package managers through child processes.