Hello Guix!
Has anyone succeeded in building a Docker image suitable for use in
GitLab-CI? I haven’t. Here’s what I tried.
Initially, I built an image with ‘guix system image -t docker …’ but
that doesn’t work because then the image’s “entry point” is shepherd,
but shepherd never returns. Thus, GitLab-CI would spawn the image and
eventually time out.
So I tried this instead:
guix pack guix bash-minimal coreutils-minimal grep net-base \
--save-provenance -S /bin=bin -S /share=share -S /etc=etc \
-f docker --max-layers=100
… with ‘.gitlab-ci.yml’ doing something like this:
--8<---------------cut here---------------start------------->8---
build:
image: registry.gitlab.inria.fr/…
tags: ["ci.inria.fr", "linux"]
before_script:
- echo "nameserver 10.0.2.3 # XXX" > /etc/resolv.conf
- guix archive --authorize < /share/guix/ci.guix.gnu.org.pub
- guix archive --authorize < /share/guix/bordeaux.guix.gnu.org.pub
- guix-daemon --disable-chroot &
script:
- guix shell -m manifest.scm -- rubber --pdf article.tex
artifacts:
paths:
- article.pdf
--8<---------------cut here---------------end--------------->8---
Problem is, name resolution appears to fail in the container image; the
‘resolv.conf’ trick was a crude attempt to work around it, but it
failed. I guess the problem is that I don’t know how GitLab-CI or
Docker is supposed to set up networking inside those containers.
Thoughts?
Neat tip to upload your Guix-built image to a registry: use Skopeo.
guix shell skopeo -- skopeo login registry.gitlab.inria.fr
guix shell skopeo -- skopeo copy \
docker-archive:///gnu/store/…-docker-image.tar.gz \
docker://registry.gitlab.inria.fr/… \
--insecure-policy
(“Insecure policy”, what could possibly go wrong?)
Ludo’.
