Debian package builds require devscripts and build-essential to be installed. Right now the CI job installs these on every run. If we provide a dedicated image with the two packages preinstalled it would reduce the duration of package builds.
Description
Details
Title | Reference | Author | Source Branch | Dest Branch | |
---|---|---|---|---|---|
Run apt-get update before mk-build-deps | repos/sre/wmf-debci!7 | mvernon | aptupdate | main | |
use wmf-debci docker images | repos/sre/wmf-debci!6 | jelto | use-wmf-debci-images | main |
Related Objects
Event Timeline
To be clear - this needs to be one image per suite we currently support and predictably named so builddebs.yml can use these images instead of docker-registry.wikimedia.org/${SUITE}
So to sum this up, we need a bullseye, bookworm and maybe a buster image which contain the following packages:
- dpkg-dev
- dgit
- git
- ca-certificates
- devscripts
- build-essential
That are at least all apt packages which I found in https://gitlab.wikimedia.org/repos/sre/wmf-debci/-/blob/main/builddebs.yml?ref_type=heads. @MatthewVernon does this makes sense? Or do we need devscripts and build-essential only?
Also the question is where and how to build this images. We could setup a kokkuri image build in GitLab. But then we would have to use kokurri and blubber, which creates opinionated container images. I'm not sure if this would interfere with the Debian package builds. Afaik image builds using plain Dockerfiles is not implemented/allowed yet (T351792). So we may be blocked by T351792 here.
I don't feel strongly, but would incline to just build-essential and devscripts? [that'll pull in dpkg-dev]: that way packages will declare a correct set of Build-Depends (or not build), and git, dgit, ca-certificates are all pretty small so I don't think they'll extend build times quite as much (plus they're only needed for some of the optional jobs).
These images should be in the base images repository at operations/docker-images/production-images that gets built via docker-pkg as part of our pipeline.
So there is no reason for this task to be blocked on dockerfile builds on gitlab (the only thing blocked by that is actually moving the production-images repository to build its images on gitlab instead than on the build hosts.
Change 979355 had a related patch set uploaded (by Jelto; author: Jelto):
[operations/docker-images/production-images@master] add wmf-debci image
Change 979355 merged by Jelto:
[operations/docker-images/production-images@master] add wmf-debci image
jelto opened https://gitlab.wikimedia.org/repos/sre/wmf-debci/-/merge_requests/6
use wmf-debci docker images
Change 980864 had a related patch set uploaded (by Jelto; author: Jelto):
[operations/docker-images/docker-pkg@master] add optional install_recommends to apt_install
Change 980864 abandoned by Jelto:
[operations/docker-images/docker-pkg@master] add optional install_recommends to apt_install
Reason:
in favor of I4c614a836ade6d101de6d861195c702d63901bdd
Change 981178 had a related patch set uploaded (by Jelto; author: Giuseppe Lavagetto):
[operations/docker-images/production-images@master] wmf-debci: also install recommended dependencies
Change 981178 merged by Jelto:
[operations/docker-images/production-images@master] wmf-debci: also install recommended dependencies
Change 982041 had a related patch set uploaded (by Jelto; author: Jelto):
[operations/docker-images/production-images@master] wmf-debci: fix templating in Dockerfile RUN command
Change 982041 merged by Jelto:
[operations/docker-images/production-images@master] wmf-debci: fix templating in Dockerfile RUN command
jelto merged https://gitlab.wikimedia.org/repos/sre/wmf-debci/-/merge_requests/6
use wmf-debci docker images
The dedicated image for wmf-debci is available now. I triggered a small test job and Debian package building still works. @MatthewVernon you have more advanced use cases already with swift. Can you check if the pipelines for swift still work?
We have images for all three Debian suites now:
docker-registry.discovery.wmnet/wmf-debci-bookworm:0.0.3 docker-registry.discovery.wmnet/wmf-debci-buster:0.0.3 docker-registry.discovery.wmnet/wmf-debci-bullseye:0.0.3
(0.0.2 had a little typo with the Jinja templating and image builds failed on the build host).
I think we may be missing an apt update step now - I now get failures like https://gitlab.wikimedia.org/repos/data_persistence/swift/-/jobs/174503 :
Investigating (0) swift-build-deps:amd64 < 2.26.0-10+deb11u1+wmf1 @iU mK Nb Ib > Broken swift-build-deps:amd64 Depends on dh-exec:amd64 < none @un H > Removing swift-build-deps:amd64 because I can't find dh-exec:amd64 Done
dh-exec is in bullseye - https://packages.debian.org/bullseye/dh-exec which I suspect a missing apt update (or apt-get update).
mvernon opened https://gitlab.wikimedia.org/repos/sre/wmf-debci/-/merge_requests/7
Run apt-get update before mk-build-deps
I think https://gitlab.wikimedia.org/repos/sre/wmf-debci/-/merge_requests/7 will fix this.
mvernon merged https://gitlab.wikimedia.org/repos/sre/wmf-debci/-/merge_requests/7
Run apt-get update before mk-build-deps
@Jelto my various pipelines in repos I use for testing (pcre2 and swift) are now all passing.
Great, thanks for testing!
Then I'll close the task. If we have additional requirements then we can just add it to the wmf-debci images.
Change 984297 had a related patch set uploaded (by BCornwall; author: BCornwall):
[operations/docker-images/production-images@master] wmf-debci: Also create man1 dir
Change 984297 merged by BCornwall:
[operations/docker-images/production-images@master] wmf-debci: Also create man1 dir
Change 987837 had a related patch set uploaded (by BCornwall; author: BCornwall):
[operations/docker-images/production-images@master] Add new release of wmf-debci images for building
Change 987837 merged by BCornwall:
[operations/docker-images/production-images@master] Add new release of wmf-debci images for building