On 6/5/19 5:10 PM, Daniel P. Berrangé wrote:
> On Fri, May 24, 2019 at 01:17:17PM +0200, Marc-André Lureau wrote:
>> Hi
>>
>> On Fri, May 24, 2019 at 9:41 AM Philippe Mathieu-Daudé
>> <phi...@redhat.com> wrote:
>>>
>>> On 5/24/19 1:40 AM, Marc-André Lureau wrote:
>>>> Released last month.
>>>>
>>>> Signed-off-by: Marc-André Lureau <marcandre.lur...@redhat.com>
>>>> ---
>>>> tests/docker/dockerfiles/fedora.docker | 2 +-
>>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>>
>>>> diff --git a/tests/docker/dockerfiles/fedora.docker
>>>> b/tests/docker/dockerfiles/fedora.docker
>>>> index 69d4a7f5d7..1496b68ba1 100644
>>>> --- a/tests/docker/dockerfiles/fedora.docker
>>>> +++ b/tests/docker/dockerfiles/fedora.docker
>>>> @@ -1,4 +1,4 @@
>>>> -FROM fedora:29
>>>> +FROM fedora:30
>>>
>>> Hmm this patch is pending for review:
>>> https://lists.gnu.org/archive/html/qemu-devel/2019-05/msg00819.html
>>
>> Oh I missed that. Maybe we should use "latest" to avoid bumping the
>> version every 6 months.
>>
>> fwiw we have different versions:
>>
>> tests/docker/dockerfiles/fedora-cris-cross.docker:FROM fedora:latest
>> tests/docker/dockerfiles/fedora-i386-cross.docker:FROM fedora:29
>> tests/docker/dockerfiles/fedora.docker:FROM fedora:29
>>
>> In 62559b916 "tests: update Fedora i386 cross image to Fedora 29", Daniel
>> said:
>>
>> Using the "latest" tag is not a good idea because this changes what
>> release it points to every 6 months. Together with caching of docker
>> builds this can cause confusion where CI has cached & built with Fedora
>> N, while a developer tries to reproduce a CI problem with Fedora N + 1,
>> or vica-verca.
>>
>> But at the same time, Daniel bumped f28 to f29 in commit 19a9978db1.
>>
>> It's confusing, do we need some stability or follow the latest?
>
> The problem is introduced by local caching. "latest" may point to "29"
> today, but the CI system had cached content meaining its use of "latest"
> still resolved to "28".
>
> Using "29" meant both CI & developers saw the same image, even when
> caching is used.
Should we invert the default NOCACHE value?
See commits c1958e9d & 6fe3ae3f:
commit c1958e9d54c8de85ceda7c96b302b75a2f67b4e1
Author: Fam Zheng <f...@redhat.com>
Date: Fri Nov 3 21:12:29 2017 +0800
docker: Improved image checksum
When a base image locally defined by QEMU, such as in the debian images,
is updated, the dockerfile checksum mechanism in docker.py still skips
updating the derived image, because it only looks at the literal content
of the dockerfile, without considering changes to the base image.
For example we have a recent fix e58c1f9b35e81 that fixed
debian-win64-cross by updating its base image, debian8-mxe, but due to
above "feature" of docker.py the image in question is automatically NOT
rebuilt unless you add NOCACHE=1. It is noticed on Shippable:
https://app.shippable.com/github/qemu/qemu/runs/541/2/console
because after the fix is merged, the error still occurs, and the log
shows the container image is, as explained above, not updated.
This is because at the time docker.py was written, there wasn't any
dependencies between QEMU's docker images.
Now improve this to preprocess any "FROM qemu:*" directives in the
dockerfiles while doing checksum, and inline the base image's dockerfile
content, recursively. This ensures any changes on the depended _QEMU_
images are taken into account.
This means for external images that we expect to retrieve from docker
registries, we still do it as before. It is not perfect, because
registry images can get updated too. Technically we could substitute the
image name with its hex ID as obtained with $(docker images $IMAGE
--format="{{.Id}}"), but --format is not supported by RHEL 7, so leave
it for now.
commit 6fe3ae3f194a675a3b73b6beab3ed5dd35db3be3
Author: Alex Bennée <alex.ben...@linaro.org>
Date: Tue Jul 25 14:34:23 2017 +0100
docker: docker.py make --no-cache skip checksum test
If you invoke with NOCACHE=1 we pass --no-cache in the argv to
docker.py but may still not force a rebuild if the dockerfile checksum
hasn't changed. By testing for its presence we can force builds
without having to manually remove the docker image.
