docker
docker copied to clipboard
ros-industrial
Automated build don't get run automatically
The Docker images are way older than the Dockerfiles. It looks like to hook is missing that notifies Docker Hub on pushes.
PS: I will trigger the CI image build manually.
good catch. I intended to for dockerhub to trigger new builds whenever this repo was pushed.
I tested this functionality, i am not sure why its not working now.
Can I offer to take a look at this? Just more eyes and hands, it's not that I'm an expert for Docker Hub though.
I see at least https://hub.docker.com/r/rosindustrial/ci/builds/ seems to be triggered to build very frequently (unless someone's been manually doing that).
My hub id: d130s
Can I offer to take a look at this? Just more eyes and hands, it's not that I'm an expert for Docker Hub though.
Sure, you're more than welcome! What's your Docker username?
I see at least https://hub.docker.com/r/rosindustrial/ci/builds/ seems to be triggered to build very frequently (unless someone's been manually doing that).
At some point I configured the ci build to depend on the ros images, so it looks like it's working now.
I noticed today that I have an access to settings on https://hub.docker.com/r/rosindustrial/, so thanks.
At some point I configured the
cibuild to depend on therosimages, so it looks like it's working now.
I manually triggered build on core (which was built 8 months ago the last time) but errored. After that I added ros to core too. Let's see.
I saw core built a day ago, so I think the build is automated unless someone manually triggered.
It just needed to add ros in the linked repos as in this image:
It just needed to add ros in the linked repos as in this image:
The ci images have been built as well.
We should check if something changes after the next merge of a Dockerfile.
We just merged a Dockerfile in the ci repo and the builds didn't automatically trigger, i am not sure why at this point: https://hub.docker.com/r/rosindustrial/ci/builds/
#18
@AustinDeric: please review the repostory settings and check the integration/service.
For now you can add Docker service (if possible), not sure how it works with apps.
-
Thanks @ipa-mdl that may be the issue, but my permission level doesn't allow me to access any of that.
-
@Levi-Armstrong or @JeremyZoss can you give me the settings tab back for this repo?
-
Worst case scenario, it looks like we can manually add webhooks for each build:
GitHub Service hook allows GitHub to notify the Docker Hub when something has been committed to a given git repository.
When you create an Automated Build from a GitHub user that has full “Public and Private” linking, a Service Hook should get automatically added to your GitHub repository.
If your GitHub account link to the Docker Hub is “Limited Access”, then you need to add the Service Hook manually.
To add, confirm, or modify the service hook, log in to GitHub, then navigate to the repository, click “Settings” (the gear), then select “Webhooks & Services”. You must have Administrator privileges on the repository to view or modify this setting.
The image below shows the “Docker” Service Hook.
That is not on the repository level, but at the organization level.
I just checked and there are no third-party applications listed on that panel for ros-industrial.
But there are also no restrictions configured. Not sure how that influences things.
You are still a member of the docker-admins team btw, so you should have access to ros-industrial/docker/settings.
-
Nope no access to https://github.com/ros-industrial/docker/settings
-
I am also not able to link the ros-industrial organization's repo to auto-build:
Seems docker admins only had Write access. I just changed that (back?) to Admin.
This could have happened when we were cleaning up access privileges: as you are no longer an SwRI employee this got reset.
Settings tab is there now! Thanks!
However i still cannot link the ros-industrial organization's repo as shown in my post above.
You're only admin on this specific repository, and are not an owner (of the org). I don't know whether that would be required.
Looking at the third party applications settings panel, I see this:
As members request access for specific applications, those requests will be listed here for your approval. You can start by browsing your own authorized applications.
I don't believe i am able to request access. ros-industrial is not listed in link you posted (https://github.com/settings/applications#authorized). Also, in the last image i posted above, ros-industrial is not listed.
@AustinDeric wrote:
ros-industrial is not listed in link you posted (https://github.com/settings/applications#authorized).
I don't believe it should be. Docker Hub should be listed there, if I understand things correctly.
From your screenshot, it looks like you have the desired access on ros-industrial-consortium and ros-industrial-release organizations. It might be worth comparing the settings for those organizations with ros-industrial to see if anything jumps out.
I only have access to ros-industrial-release and ros-industrial. The only relevant difference I see in the Settings pages is under "Third-Party Access". ros-industrial shows "Access Restricted", and ros-industrial-release shows "No restrictions".
This page suggests that one process might be to add Docker Hub to your personal GitHub account, and then Request Access for the app to the ros-industrial organization. Then it seems like it'll show up in the proper ros-industrial settings page for Gijs or I to approve. Just a shot in the dark, since I don't have much experience with Docker or GitHub apps...
@JeremyZoss wrote:
I only have access to
ros-industrial-releaseandros-industrial. The only relevant difference I see in the Settings pages is under "Third-Party Access".ros-industrialshows "Access Restricted", andros-industrial-releaseshows "No restrictions".
yeah, I set the restrictions. Not to be difficult, but to see whether something that @AustinDeric did would make the auth request show up.
This page suggests that one process might be to add Docker Hub to your personal GitHub account, and then Request Access for the app to the ros-industrial organization. Then it seems like it'll show up in the proper ros-industrial settings page for Gijs or I to approve. Just a shot in the dark, since I don't have much experience with Docker or GitHub apps...
That did the trick, apparently you had to click on the app and from there you can request access. Thanks guys!
Now I see something appearing.
Just curious: before I click Grant access, can you see what Docker can currently do without granting access to our 'private data'?
can you see what Docker can currently do without granting access to our 'private data'?
Please clarify if i misunderstand your Question. I interpret this as, how can we accomplish automated builds without authorizing this Oauth app. If so, the answer is to manually create webhooks with which github notifies docker hub via a POST message. https://docs.docker.com/docker-hub/github/#github-private-submodules (scroll down to "GitHub service hooks"). Its not as elegant as the integration I am proposing which is identical to travis.
I'm not suggesting that at all.
I'm just curious what granting access changes.
The message I received stated:
Until it is approved, this application will have no access to private resources and will have read-only access to public resources belonging to your organization.
So there should already be some access. It's just not clear how much.
I'm perfectly ok with granting this, but from the documentation (both on Github as well as on the Docker site), it looks like manually adding the webhook would enable Travis-like integration just as well.
When enabled this will let the Docker Hub know when you have made changes to your repository. The Docker Hub will then pull down your repository and build your Dockerfile to create a Docker repository and push it onto the Docker Hub so that it is available for others to download. When you commit changes to your git Repo the Docker Hub will keep the Docker Repository up to date.
What I can't find though is whether 'cron' builds on Docker are supported that way.
You should have access to this as well btw: https://github.com/ros-industrial/docker/settings/installations.
Edit: from the Docker hub docs you linked earlier:
If you selected to link your GitHub account with only a “Limited Access” link, then after creating your automated build, you need to either manually trigger a Docker Hub build using the “Start a Build” button, or add the GitHub webhook manually
So adding the webhook should work?
Ok, so I get the impression from the Docker docs -- which are far from clear tbh -- that it's impossible to configure automated builds for repositories -- even public ones -- on organizations without granting access to 'everything'.
I'm actually not too much of a fan of this, but I see the appeal of automated builds for these Docker images.
I'd like to see a +1 from one other owner here on ros-industrial before I click the button. I realise Docker promises 'nothing else will be touched', and they're probably OK, but still.
@JeremyZoss, @Levi-Armstrong