che
che copied to clipboard
eclipse-che
Rework developers images to make them compatible with Red Hat internal image build tool (aka brew)
Is your enhancement related to a problem? Please describe
Che samples devfiles use the universal developer image. The image is built with 2 Dockerfiles (base, universal) that have invalid instructions for Red Hat CI:
RUN curlinstructions are not possible (what if the dependency gets removed from the website? Brew builds are offline, with no direct internet access to fetch tarballs, zips, go/node/pip dependencies, etc.)- Heredocs in Dockerfiles may not be supported
Describe the solution you'd like
- remove heredocs in Dockerfiles, since current dockerfiles use a mix of both heredoc and
&&syntax already - add a
get-sources.shscript that pre-downloads assets into the local folder and renames them toasset-*- see examples in https://github.com/redhat-developer/codeready-workspaces-images/ - replace
RUN curlwithCOPY asset-*instructions - extract hardcoded versions nested in heredoc scripts to a list of ENVs near the top of the file, so they're easier to keep current
- remove hardcoded
ARCH="linux_amd64",ARCH="x86_64-unknown-linux-musl", andARCH="Linux-x86_64"declarations and compute these fromuname -m(switching between x86_64 and amd64 as appropriate); this will allow multiarch builds in brew maintainershould be an actual person's name + email address (or comma-separated list of more than one), not just a company. See https://github.com/redhat-developer/codeready-workspaces-images/blob/crw-2-rhel-8/codeready-workspaces-idea/Dockerfile#L112 6a) provide a transformation script that can remove registry references fromFROMlines, leaving onlyFROM org/image:tag ...orFROM org/image@digest ...6b) if anything is being installed via RPM from EPEL or Fedora, provide .repo files to enable this installation that can be disabled downstream in Brew (not allowed) via the transformation script
@nickboldt is there something else apart RUN curl instructions that we should avoid in Dockerfiles (there is a separate issue for multi-arch support)? Do you know if brew supports heredocs like the following one in Dockerfiles?
RUN <<EOF
echo "Hello" >> /hello
echo "World!" >> /hello
EOF
@l0rd see https://issues.redhat.com/browse/CRW-2459 for future work to make it easier to consume CRW dockerfiles outside of brew process. That will give you some insights into what differences there are between public online dockerfiles and Brew internal offline dockerfiles.
the other thing we can now do in downstream vs. upstream is to use cachito to manage go, python, and node dependencies. See https://issues.redhat.com/browse/CRW-2444
Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.
Mark the issue as fresh with /remove-lifecycle stale in a new comment.
If this issue is safe to close now please do so.
Moderators: Add lifecycle/frozen label to avoid stale mode.
Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.
Mark the issue as fresh with /remove-lifecycle stale in a new comment.
If this issue is safe to close now please do so.
Moderators: Add lifecycle/frozen label to avoid stale mode.
Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.
Mark the issue as fresh with /remove-lifecycle stale in a new comment.
If this issue is safe to close now please do so.
Moderators: Add lifecycle/frozen label to avoid stale mode.
Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.
Mark the issue as fresh with /remove-lifecycle stale in a new comment.
If this issue is safe to close now please do so.
Moderators: Add lifecycle/frozen label to avoid stale mode.
