-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ko builder design proposal draft #5611
Conversation
Codecov Report
@@ Coverage Diff @@
## master #5611 +/- ##
==========================================
- Coverage 70.64% 70.52% -0.13%
==========================================
Files 411 413 +2
Lines 15860 15982 +122
==========================================
+ Hits 11205 11271 +66
- Misses 3827 3880 +53
- Partials 828 831 +3
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some quick comments
docs/design_proposals/ko-builder.md
Outdated
- _share with other developers_: no additional tools are required to | ||
`skaffold run` with the ko builder, not even Docker. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe add a placeholder here to note that it may depend on ko
if we don't embed ko.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added
docs/design_proposals/ko-builder.md
Outdated
```go | ||
type KoArtifact struct { | ||
// Flags are additional build flags passed to the builder. | ||
// For example: `["--platform=linux/amd64,linux/arm64"]`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you choose a different example? Although users will need this for now, we'll handle platforms separately in the future.
Typically we've been exposing key config flags as explicit keys on the artifact. The docker
artifact, for example, exposes cacheFrom
(--cache-from
), network
(--network
). From a quick glance, it seems to me that we'd want to support specifying an alternative .ko.yaml
(KO_CONFIG_PATH), GOLDFLAGS
?
And possibly SOURCE_DATE_EPOCH
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point. I've modified this struct to include the configuration options.
A config option I left out is disable-optimizations
. This is useful when debugging, and the implementation can set this to true when the user runs skaffold debug
. I don't know yet if there are scenarios where users would want to set this to true even if not in debug mode.
// BaseImage overrides the default ko base image. | ||
// Corresponds to, and overrides, the `defaultBaseImage` in `.ko.yaml`. | ||
BaseImage string `yaml:"fromImage,omitempty"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Exposing this as a separate field is great 👍
- It would allow Skaffold to support a range of ko versions. On the other | ||
hand, these versions would need to be tracked and documented. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would we need to provide a version field to allow a user to choose between them?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If Skaffold doesn't embed ko, then the ko version used would be whichever is first in the user's PATH
I think?
docs/design_proposals/ko-builder.md
Outdated
Embedding ko would require some stability guarantees for the most important | ||
interfaces that Skaffold would use: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think API stability matters as much as documented behavioural stability.
We embed Cloud Native Buildpacks' pack
as a library, and they occasionally make big changes, but provide backward and forward compatibility for at least a couple of versions. So embedding will not break users using a buildpacks builder that has updated to the newer version of pack
before we've updated our embedding.
This seems to be less of a concern with ko since there does not appear to be any independently-released dependencies.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point. When I think of interface stability, I include the behavior and not just the parameters. I've added your comment on behavioral stability to make it clearer.
Updates based on feedback from @briandealwis
docs/design_proposals/ko-builder.md
Outdated
// Specify as the number of seconds since January 1st 1970, 00:00 UTC. | ||
// You can override this value by setting the `SOURCE_DATE_EPOCH` | ||
// environment variable. | ||
SourceDateEpoch unit64 `yaml:"sourceDateEpoch,omitempty"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
would most users want this to be time.Now
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd expect most would leave it at 0
, for reproducible builds. That's the ko default.
The proposal doesn't actually touch on reproducible builds yet, but we could elaborate on this. ko makes reproducible builds possible, for users who care about that. It requires a reproducible build environment though (consistent paths, GOROOT
, etc) - until we add the ability to pass the go build
flags required to remove paths from the binary.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a nit: we can drop this field from config and rely on plumbing through SOURCE_DATE_EPOCH
env variable for reproducible builds to the build process.
We can set it to time.Now
when the env variable is not set.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd suggest leaving the default to 0
. This is the ko default, and I see both Knative and Tekton uses this. It'd be confusing if ko behaved differently when used via Skaffold.
Your point of plumbing through envvars is good. Is there an established pattern in Skaffold for whether config in skaffold.yaml
takes precedence over external builder config (e.g., Jib config in pom.xml
/build.gradle
)?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sounds good.
|
||
1. Should Skaffold embed ko (as a Go module), or shell out? | ||
|
||
Benefits of embedding: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
one more benefit: it doesn't require users to install/know anything about ko
to adopt it. this makes it easier for users to try it out simply by changing around some config in their skaffold.yaml
, rather than installing a new tool entirely.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would be great to do it under the hood by prompting the user without actually them changing the artifact type. We can easily do it for IDE users. For CLI users, we can show this as a tip in skaffold diagnose
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@tejal29 do you mean as part of skaffold init
?
Embedding ko would require some level of documented behavioural stability | ||
guarantees for the most ko interfaces that Skaffold would use, such as | ||
[`build.Interface`](https://github.com/google/ko/blob/82cabb40bae577ce3bc016e5939fd85889538e8b/pkg/build/build.go#L24) | ||
and | ||
[`publish.Interface`](https://github.com/google/ko/blob/82cabb40bae577ce3bc016e5939fd85889538e8b/pkg/publish/publish.go#L24), | ||
or others? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wouldn't there be some code duplication across skaffold and ko repos to create the publisher and builder object. All of this https://github.com/google/ko/blob/82cabb40bae577ce3bc016e5939fd85889538e8b/pkg/commands/publish.go#L62
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agree, there would be. These seemed like the most appropriate existing interfaces. We should look into defining something at a slightly higher level in ko to avoid the duplication.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would you take up that work too ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I'll coordinate with the ko team and create the necessary PRs to do that.
docs/design_proposals/ko-builder.md
Outdated
// Specify as the number of seconds since January 1st 1970, 00:00 UTC. | ||
// You can override this value by setting the `SOURCE_DATE_EPOCH` | ||
// environment variable. | ||
SourceDateEpoch unit64 `yaml:"sourceDateEpoch,omitempty"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a nit: we can drop this field from config and rely on plumbing through SOURCE_DATE_EPOCH
env variable for reproducible builds to the build process.
We can set it to time.Now
when the env variable is not set.
|
||
Please describe what new test cases you are going to consider. | ||
|
||
1. Unit and integration tests for ko builder, similar to other builders. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cross project integration tests to make sure changes to ko publish
or any used Interface does not break skaffold
|
||
1. Should Skaffold embed ko (as a Go module), or shell out? | ||
|
||
Benefits of embedding: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would be great to do it under the hood by prompting the user without actually them changing the artifact type. We can easily do it for IDE users. For CLI users, we can show this as a tip in skaffold diagnose
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM after closing all open issues.
[default repo](https://skaffold.dev/docs/environment/image-registries/) | ||
maps directly to this value. | ||
|
||
### Open questions |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How can skaffold debug
identify Ko images as being Go? Is there an image label or environment variable set?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can skaffold debug
look at the artifact type in skaffold.yaml
?
If not, I'd suggest looking for the KO_DATA_PATH
environment variable, which is always set.
Other options:
- look at the entrypoint, it's always
/ko-app/ko
- check if
PATH
contains/ko-app
- look at the
author
field of the image layer at the top of the stack (in the image configuration), the value will beko
.
Export functions and a variable to enable embedding of ko's `publish` functionality to be embedded in other tools. See GoogleContainerTools/skaffold#5611
Export functions and a variable to enable embedding of ko's `publish` functionality to be embedded in other tools. See GoogleContainerTools/skaffold#5611
@halvards Please merge this when you get a chance. |
I don't have write access to the repo, so someone else will have to merge for me. |
- Export functions and a variable to enable embedding of ko's `publish` functionality to be embedded in other tools. See GoogleContainerTools/skaffold#5611 - Remove DockerRepo PublishOption and flag. This removes the `DockerRepo` config option and `--docker-repo` flag from the PR. New PR with the extracted config option: ko-build#351 - Fix copyright headers for boilerplate check. - Use DockerRepo PublishOption instead of env var. - Override defaultBaseImage using BuildOptions. Remove exported package global SetDefaultBaseImage and instead allow programmatic override of the default base image using the field `BaseImage` in `options.BuildOptions`. Also fix copyright header years. - Add BuildOptions parameter to getBaseImage This enables access to BaseImage for programmatically overriding the default base image from `.ko.yaml`. - Add UserAgent to BuildOptions and PublishOptions This enables programmatically overriding the `User-Agent` HTTP request header for both pulling the base image and pushing the built image. - Rename MakeBuilder to NewBuilder and MakePublisher to NewPublisher. For more idiomatic constructor function names.
- Export functions and a variable to enable embedding of ko's `publish` functionality to be embedded in other tools. See GoogleContainerTools/skaffold#5611 - Remove DockerRepo PublishOption and flag. This removes the `DockerRepo` config option and `--docker-repo` flag from the PR. New PR with the extracted config option: ko-build#351 - Fix copyright headers for boilerplate check. - Use DockerRepo PublishOption instead of env var. - Override defaultBaseImage using BuildOptions. Remove exported package global SetDefaultBaseImage and instead allow programmatic override of the default base image using the field `BaseImage` in `options.BuildOptions`. Also fix copyright header years. - Add BuildOptions parameter to getBaseImage This enables access to BaseImage for programmatically overriding the default base image from `.ko.yaml`. - Add UserAgent to BuildOptions and PublishOptions This enables programmatically overriding the `User-Agent` HTTP request header for both pulling the base image and pushing the built image. - Rename MakeBuilder to NewBuilder and MakePublisher to NewPublisher. For more idiomatic constructor function names.
- Export functions and a variable to enable embedding of ko's `publish` functionality to be embedded in other tools. See GoogleContainerTools/skaffold#5611 - Remove DockerRepo PublishOption and flag. This removes the `DockerRepo` config option and `--docker-repo` flag from the PR. New PR with the extracted config option: #351 - Fix copyright headers for boilerplate check. - Use DockerRepo PublishOption instead of env var. - Override defaultBaseImage using BuildOptions. Remove exported package global SetDefaultBaseImage and instead allow programmatic override of the default base image using the field `BaseImage` in `options.BuildOptions`. Also fix copyright header years. - Add BuildOptions parameter to getBaseImage This enables access to BaseImage for programmatically overriding the default base image from `.ko.yaml`. - Add UserAgent to BuildOptions and PublishOptions This enables programmatically overriding the `User-Agent` HTTP request header for both pulling the base image and pushing the built image. - Rename MakeBuilder to NewBuilder and MakePublisher to NewPublisher. For more idiomatic constructor function names.
No description provided.