Integrate upstream as a fork to address Windows connection issues, build caching #537
Conversation
The Docker client connection is now initialized with better options. * In bridge schema: Removed the unix socket default value for `Host`. * In the Image resource: API version negotiation is enabled. * In the upstream Provider resource: remove an assumed input Host value, and use `client.FromEnv` to provide safe defaults for all platforms.
Any stage pulling from another registry may have an auth configuration, supplying these in `ImageBuildOptions` allows the daemon to use these in addition to the target server auth.
Does the PR have any schema changes?Looking good! No breaking changes found. |
* Sets tar options to remove uid, gid from files. * Uses session-based auth with injected registry auth. Prior to this commit, verbose logs would report errors importing cache manifests from images built with arg `BUILDKIT_INLINE_CACHE=1`: ``` [builder 1/6] FROM docker.io/library/node:alpine@sha256:4a3a2ccfa801ce6960e7fc29fc5e5a1ed896b633e4731cdb87b4e1a1e9ad246e digest: sha256:13a7ee18c229d7dd37fc02dee457f4e525951359df4cad0db5eeb56079cc806b importing cache manifest from 616138583583.dkr.ecr.us-west-2.amazonaws.com/docker-provider-test-11ec639:latest error: unexpected status code [manifests latest]: 401 Unauthorized ```
The context dir must be validated and made into an absolute dir. Methods from `docker/cli/image/build` are used to massage the input path and validate it before using it in build options.
AaronFriel
force-pushed
the
friel/fast-follows
branch
from
869bfdc to
56534cd
Compare
Does the PR have any schema changes?Looking good! No breaking changes found. |
AaronFriel
force-pushed
the
friel/fast-follows
branch
from
56534cd to
2bc208c
Compare
Does the PR have any schema changes?Looking good! No breaking changes found. |
| // | ||
| // There is some measurement error here, as we're measuring Docker via `pulumi up` and step 2 will | ||
| // have to download the first stage from the repository. To minimize this the same Pulumi program is | ||
| // used and the each stage uses a small image as the base. |
There was a problem hiding this comment.
I have noticed that sometimes with small images, using a custom cache can be slower than building "from scratch" - i.e. pulling the public image. Are we worried about this here?
There was a problem hiding this comment.
I could go a step further and make this a YAML program - no Go compilation step. That would be faster yet.
There was a problem hiding this comment.
I could go a step further and make this a YAML program
That's a great point. Actually, should we use YAML as the default language to author tests across our org going forward?
| if err := exec.Command("docker", "image", "prune").Run(); err != nil { | ||
| return fmt.Errorf("error pruning dangling images: %w", err) | ||
| } | ||
| if err := exec.Command("docker", "builder", "prune", "-a").Run(); err != nil { |
There was a problem hiding this comment.
Would a prune -af be appropriate here? Or, rather: is there ever a situation where in a test we'd need to force clear the cache?
There was a problem hiding this comment.
Unlike the other prune commands, -f removes prompts for confirmation. It must detect that it's not in an interactive terminal and skips the prompt.
| // | ||
| // We expect Step 1 to take more time than the sleep duration, ensuring we don't have a local cache. | ||
| // | ||
| // With `--cache-from` and a decent network connection, we expect Step 2 to take less time than the |
There was a problem hiding this comment.
This is such an excellent code comment; thank you! 🎉
| @@ -66,7 +139,7 @@ func TestDockerfileGo(t *testing.T) { | |||
|
|
|||
| opts := base.With(integration.ProgramTestOptions{ | |||
| Dependencies: []string{ | |||
| "github.com/pulumi/pulumi-docker/sdk/v4", | |||
| "github.com/pulumi/pulumi-docker/sdk/v4=../sdk", | |||
There was a problem hiding this comment.
Do we still need this with the replace directive below?
There was a problem hiding this comment.
Yes and no. ProgramTest will copy the example program to /tmp/$randomDir, and the replace directive would not work from that location (../sdk => /tmp/sdk).
Using this mode of Dependencies is just a little more explicit, and it will fail more loudly on major version updates if we forget to update it.
|
Curious - what are the pros of opening a single PR for this as opposed to 8 separate PRs? (potentially, stacked the way @abhinav does in pu/pu) Is that mainly for the speed of iteration? |
|
Speed yes, and I think it's helpful when making large PRs such as this to have a sync with reviewers. @guineveresaenger and I spoke on Monday before her review. |
By commit, this pull request:
unixspecific defaults.docker login.