dockerTools: use epoch for layers and mtime #281443
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
roberth
reviewed
Jan 17, 2024
There was a problem hiding this comment.
Seems like a good idea.
TODO:
- document this behavior in the manual
- add a release note in the breaking changes section
- web servers and perhaps other services can be sensitive to mtime
- e.g. when serving a store path, make sure your responses do not have a
Last-Modifiedheader
- e.g. when serving a store path, make sure your responses do not have a
- web servers and perhaps other services can be sensitive to mtime
- test in
nixos/tests/docker-tools.nix - explain why the customization layer mtime is still impure, and/or fix that too (and => when it's configurable)
tomberek
force-pushed
the
tomberek.reuse-docker-layers
branch
from
1905de9
to
13b5437
Compare
The UX improvement of a recent time is primarily for the image itself and seldom used for layers and individual file.
tomberek
force-pushed
the
tomberek.reuse-docker-layers
branch
from
13b5437
to
cb9fe54
Compare
DanielSidhion
requested changes
Jan 24, 2024
| @@ -373,7 +373,7 @@ See [](#ex-dockerTools-buildLayeredImage-hello) to see how to do that. | |||
| # Building a layered Docker image | |||
|
|
|||
| The following package builds a layered Docker image that runs the `hello` executable from the `hello` package. | |||
| The Docker image will have name `hello` and tag `latest`. | |||
| The Docker image will have name `hello` and tag `latest`. The created image can have a current timestamp when setting the `created` parameter to "now" - this will only affect the image, not the individual layers. | |||
There was a problem hiding this comment.
This is not the place to add this information. The buildLayeredImage section is a thin wrapper for the streamLayeredImage section, which is where you should add the extra sentence instead.
Adding this information either in the general area for streamLayeredImage (the content before the "Inputs" subheading) or in the documentation of the created attribute seems fine to me.
Also, when moving the text, please make sure you put one sentence per line to make it easier to review documentation. See https://github.com/NixOS/nixpkgs/blob/master/doc/README.md#documentation-conventions
|
Note for whoever merges this (or for myself after it's merged): please close #255396 since it conflicts with these changes. |
MinerSebas
reviewed
Jan 24, 2024
| @@ -49,6 +49,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m | |||
|
|
|||
| - `himalaya` was updated to v1.0.0-beta, which introduces breaking changes. Check out the [release note](https://github.com/soywod/himalaya/releases/tag/v1.0.0-beta) for details. | |||
|
|
|||
| - `dockerTools.streamLayeredImage` created layers with mtimes using the "now" argument for the `created` parameter. It now uses UNIX time of "1" for the mtime of layers. It will still use "now" for the last customization layer and for setting the creation date of the image itself. This leads to greater re-use of layers between different images. | |||
There was a problem hiding this comment.
Suggested change
| - `dockerTools.streamLayeredImage` created layers with mtimes using the "now" argument for the `created` parameter. It now uses UNIX time of "1" for the mtime of layers. It will still use "now" for the last customization layer and for setting the creation date of the image itself. This leads to greater re-use of layers between different images. | |
| - `dockerTools.streamLayeredImage` previously created layers with mtimes using the "now" argument for the `created` parameter. It now uses UNIX time of "1" for the mtime of layers. It will still use "now" for the last customization layer and for setting the creation date of the image itself. This leads to greater re-use of layers between different images. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The UX improvement of a recent time is primarily for the image itself and seldom used for layers and individual file.
Description of changes
The discussion in #47005 is about the date of an image, but there is far less usage of the time of a layer. This change makes all layers use epoch as mtime and for creation date, but still allows for overriding with "now" for the image itself. The intent is to allow greater re-use of image layers in a container storage subsystem.
Things done
nix.conf? (See Nix manual)sandbox = relaxedsandbox = truenix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)Add a 馃憤 reaction to pull requests you find important.