Where do I find a list of software packages included (the pre-installed packages) in Gitlab docker CI images?
I usually use the standard ruby:2.5 image, but I cannot seem to find a list of all packages and softwares/executables that are included in the available build images.
Where is a list of packages included? Or do I always have to test an image in a .gitlab-ci.yml file and see if it works?
(Surely there is a list of packages. Forgive a newbie in the world of CI.)
As mentioned in the GitLab docs: https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#what-is-an-image.
The image keyword is the name of the Docker image the Docker executor uses to run CI/CD jobs.
By default, the executor pulls images from Docker Hub.
However, you can configure the registry location in the gitlab-runner/config.toml file. For example, you can set the Docker pull policy to use local images.
So, to see the image content you can go to the Docker Hub image page, for example, Ruby: https://hub.docker.com/_/ruby.
And click on a specific Docker Image Tag to see its layers with the steps and the installed packages: https://hub.docker.com/layers/library/ruby/2.5/images/sha256-dde6be82028418fa39afcc712ac958af05e67dcb31879a3bd76b688453fe4149?context=explore.
Related
It seems like there are two ways to add documentation to a docker image:
You can add a readme.md in the root folder (where your docker file is located) and this is meant to be parsed by the dockerhub automated build system.
The second way is by using the manifest
https://docs.docker.com/docker-hub/publish/publish/#prepare-your-image-manifest-materials
But the documentation doesn't really explain well how to annotate the manifest file for an image. Also it looks like the manifest command is considered experimental.
What is the recommended way of documenting a docker image?
Personally i prefer not having to add documentation when the container is being built, i would much rather a file in the source control. However the md file method seems to have minimal support.
Most modern container registries (like Dockerhub, Quay, Harbor) have a webinterface that can render and display documentation in Markdown format. When you do automatic builds on Dockerhub from a Github repo, the git repo's README.md can get automatically synced to the repo on Docker Hub. If you build your images locally (or via a CI runner) and push them to Docker Hub you could also push the README file using the docker-pushrm tool. It also supports other container registries than Dockerhub.
I would like to publish docker images tagged with both semantic versions (like version 1.0) and also build numbers (like build 3). Operationally this might come about in the following way:
docker build -t my-project:1.0-1
# make minor changes to docker file
docker build -t my-project:1.0-2
# make minor changes to docker file
docker build -t my-project:1.0-3
# release new version of project
docker build -t my-project:1.1-1
I would expect some users to pin to particular build numbers
docker pull my-project:1.0-2
While other users would just ask for "the lastest of version 1.0"
docker pull my-project:1.0
Does this work? Is there a better way to accomplish this goal?
Yes, this works. A tag is just a friendly name attached to an image ID. Any given image can have as many tags as you would realistically want.
docker tag myproject my-project:1.0-2
docker tag myproject my-project:1.0
Then, if you docker images and find these tags, you'll see that the IMAGE ID for both tags is the same. Keep in mind you'd want to push both tagged images to your repository.
Looking at a couple of popular Docker Hub repos for inspiration:
ruby, python, postgres
I have dockerized a nodejs app on github. My Dockerfile is based on the offical nodejs images. The offical node-repo supports multiple architectures (x86, amd64, arm) seamlessly. This means I can build the exact same Dockerfile on different machines resulting in different images for the respective architecture.
So I am trying to offer the same architectures seamlessly for my app, too. But how?
My goal is automate it as much as possible.
I know I need in theory to create a docker-manifest, which acts as a docker-repo and redirects the end-users-docker-clients to their suitable images.
Docker-Hub itself can monitor a github repo and kick off an automated build. Thats would take care of the amd64 image. But what about the remaining architectures?
There is also the service called 'TravisCI' which I guess could take care of the arm-build with the help of qemu.
Then I think both repos could then be referenced statically by the manifest-repo. But this still leaves a couple architectures unfulfilled.
But using multiple services/ways of building the same app feels wrong. Does anyone know a better and more complete solution to this problem?
It's basically running the same dockerfile through a couple machines and recording them in a manifest.
Starting with Docker 18.02 CLI you can create multi-arch manifests and push them to the docker registries if you enabled client-side experimental features. I was able to use VSTS and create a custom build task for multi-arch tags after the build. I followed this pattern.
docker manifest create --amend {multi-arch-tag} {os-specific-tag-1} {os-specific-tag-2}
docker manifest annotate {multi-arch-tag} {os-specific-tag-1} --os {os-1} --arch {arch-1}
docker manifest annotate {multi-arch-tag} {os-specific-tag-2} --os {os-2} --arch {arch-2}
docker manifest push --purge {multi-arch-tag}
On a side note, I packaged the 18.02 docker CLI for Windows and Linux in my custom VSTS task so no install of docker was required. The manifest command does not appear to need the docker daemon to function correctly.
I have been playing around with docker for about a month and now I have a few images.
Recently, I want to share one of them to some other guy,
and I push that image X to my DockerHub, so that he can pull it from my repository.
However, this seems kind of a waste of time.
The total time spent here is the time I do docker push and the time he do docker pull.
If I just sent him the Dockerfile needed to build that image X, then the cost would be
the time I write a Dockerfile, the time to pass a text file, and the time he do docker build,
which is less than previous way since I maintain my Dockerfiles well.
So, that is my question: what are the pros/cons of these two approach?
Why Docker Inc. chose to launch a DockerHub service rather than a DockerfileHub service?
Any suggestions or answers would be appreciated.
Thanks a lot!
Let's assume you build an image from a Dockerfile and push that image to Docker Hub. During the build you download some sources and build a program. But when the build is done the sources become unavailable. Now the Dockerfile can't be used anymore but the image on Docker Hub is still working. That's a pro for Docker Hub.
But it can be a con too. For example if the sourcecode contains a terrible bug like Heartbleed or Shellshock. Then the sources get patched but the image on Docker Hub does not get updated.
In fact, the time you push image and the time you build image depend on your environment.
For example, you may prebuild a image for embedded system, but you won't want to build it on embedded system.
Docker Hub had provided an Automated Builds feature which will fetch Dockerfile from GitHub, and build image. So you can get the Dockerfile of image from GitHub, it's not necessary to have a service for sharing Dockerfile.
I'm new to docker and I wonder why there is no command to fetch AUTOMATED BUILD-repo's Dockerfile to build image locally from it (can be convenient some times I guess, instead of opening browser, peeking for github reference on repo's page and then using git to clone)
I have created dockerfileview to fetch Dockerfile from Docker Hub.
https://github.com/remore/dockerfileview
The automated build normally has a githubrepo behind it and links to the original repository in the build details section under the Source Repository heading. Which automated build are you looking for the source file for?
If you would like to search for images from the command line you can run docker search TERM to find images (but not their docker files). You can also use docker history to give a rough approximation of the commands that went in the docker file.
e.g.