Open ed-randall-blk opened 3 months ago
pangeo/base-image Dockerfile contains a number of ONBUILD instructions to help the developer with standard installs of additional packages etc. Unfortunately, none of these work in certain corporate environments where an SSL inspection proxy is used.
We've never had a problem with this on JupyterHubs deployed by this project or by 2i2c. So I'm afraid it won't be a priority to add workarounds here, but pinging @consideRatio for awareness.
A preBuild step similar to the existing postBuild would be provide a useful point where we could configure the additional certs, proxy environment config, and anything else required before apt-get package installation can succeed.
Interesting idea, thanks for sharing. We have generally tried to stick to the standard repo2docker definition files https://repo2docker.readthedocs.io/en/latest/config_files.html. But of course one nice aspect of using the pangeo base-image instead of repo2docker's approach of dynamic docker image creation is that you can fork this repository and do all the ONBUILD or other docker command customizations you need!
Thankyou for the repo2docker info. It seems that they've never had an issue either, presumably because the standards authors have no experience of dealing with corporate firewalls either. Which is why I raised the issue. I'll go over there and raise the same about a preBuild hook.
The first ONBUILD step which handles apt.txt
can never work because there's no way for me to pre-set the proxy env needed. Of course we can fork but that's always the solution of last resort.
Is your feature request related to a problem? Please describe. pangeo/base-image Dockerfile contains a number of ONBUILD instructions to help the developer with standard installs of additional packages etc. Unfortunately, none of these work in certain corporate environments where an SSL inspection proxy is used. We see errors from the ONBUILD steps like:
Describe the solution you'd like A
preBuild
step similar to the existingpostBuild
would be provide a useful point where we could configure the additional certs, proxy environment config, and anything else required before apt-get package installation can succeed.Describe alternatives you've considered As a workaround we have to forego the convenience of the provided ONBUILD steps and repeat the same logic in our own Dockerfile which builds FROM pangeo/base-image. We've considered forking pangeo/base-image into our own repo to make these changes possible.
Additional context Possible code for the
preBuild
hook (untested): (Insert at line 117 of https://github.com/pangeo-data/pangeo-docker-images/blob/master/base-image/Dockerfile between existing ONBUILDChecking for binder
andChecking for apt.txt
)