[PATCH 6 of 6 packaging] dockerdeb: rules to build a debian package using docker

Augie Fackler raf at durin42.com
Fri May 8 13:07:49 CDT 2015


> On May 8, 2015, at 2:04 PM, Gregory Szorc <gregory.szorc at gmail.com> wrote:
> 
> On Fri, May 8, 2015 at 10:10 AM, Augie Fackler <raf at durin42.com> wrote:
> # HG changeset patch
> # User Augie Fackler <augie at google.com>
> # Date 1430932539 14400
> #      Wed May 06 13:15:39 2015 -0400
> # Node ID f7c7e1a155383727d54decd6f31b865b8a52eb8b
> # Parent  eb1672b7b846324d4275b49c09d33373e3cb1920
> dockerdeb: rules to build a debian package using docker
> 
> Currently only supports jessie (current stable), but other version
> should be trivial.
> 
> 

[...]

> +$DOCKER run -u $DBUILDUSER --rm -v $DEBBUILDDIR:$DSHARED -v $PWD:/mnt/hg $CONTAINER \
> +  sh -c "cd /mnt/hg && make PREFIX=$DSHARED/staged/usr install"
> +$DOCKER run -u $DBUILDUSER --rm -v $DEBBUILDDIR:$DSHARED $CONTAINER \
> +  dpkg-deb --build $DSHARED/staged
> +if [ $(uname) = "Darwin" ] ; then
> +    $DOCKER run -u $DBUILDUSER --rm -v $DEBBUILDDIR:$DSHARED -v $PWD:/mnt/hg $CONTAINER \
> +            sh -c "cd /mnt/hg && make clean"
> +fi
> 
> As you alluded to in an earlier patch, uids are fragile. And mounting volumes will almost certainly result in uid/gid badness, especially when host OSs differ.
> 
> When I need to transfer files from my host to Docker, I typically end up going through an intermediate, such as a tar file (with normalized permissions) or even a Mercurial bundle so this mismatch doesn't occur. This patch is probably fine for now. But if my experience is an indication, this approach is brittle and will need to be replaced by something more complicated :/

Yup. This is super breaky, but the way we construct containers is mostly-robust in the face of these problems, which surprises me more than a little. The one patch to make things work with boot2docker feels hopelessly dirty, but on the other hand I was able to build debs and rpms on my Mac reliably, so it seems to be fine for now.

The "good" news is that when we do fix things, we now have a good place to put that icky code.


More information about the Mercurial-devel mailing list