Closed mthalman closed 5 months ago
I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
[Triage] It's not known whether there are any other parts of Image Builder that would need to be updated to support this configuration. It's only known at this point that the Build command is affected: https://github.com/dotnet/dotnet-buildtools-prereqs-docker/pull/832#issuecomment-1489274912
There's a greater need for this due to the crossdeps Dockerfiles for Azure Linux/Mariner.
We're wasting time pushing very large images and generating SBOMs for them. For example, azurelinux-3.0-crossdeps-builder is about 3GB compressed. This would also reduce the vulnerability scanning that needs to be done.
[Triage] Before proceeding, we should determine how long this image takes to build, if this image is ever cached in any builds, and if having the image cached could provide us some value over building it locally every time we use the image.
It takes about 1 hr 10 mins to build azurelinux-3.0-crossdeps-builder.
[Triage] It's not clear whether the crossdeps images are worth building local-only since they take so long to build. Since it's not clear we should leave this as-is for now until there's another compelling reason to implement this feature.
Image Builder doesn't currently support a Dockerfile being configured as "local-only" (meaning the manifest defines all of its tags as isLocal = true). Attempting to do so leads to this issue: https://github.com/dotnet/dotnet-buildtools-prereqs-docker/pull/832#issuecomment-1489274912
An image defined this way would be built locally and could be referenced by other Dockerfiles but the built image wouldn't be published.
Such a Dockerfile can be useful to define shared state that is needed by derived images that do get published or as a common "builder" image. This is the case in the https://github.com/dotnet/dotnet-buildtools-prereqs-docker repo with the Mariner crossdeps-builder Dockerfile. It's used as a builder image for several derived Dockerfiles in order to produce those images. But since it's a builder image, it doesn't actually need to be published itself. Because of this limitation in the infrastructure, it needed to be defined with actual tags which forces it to be published (e.g. https://github.com/dotnet/dotnet-buildtools-prereqs-docker/blob/4485000b802f82a8bbc4222f5c4e37546e3855e2/src/cbl-mariner/manifest.json#L68-L69).