fix: enforce minimum version of docker/podman #1961
Conversation
mayeut
force-pushed
the
docker-platform
branch
2 times, most recently
from
a60a00c to
0569010
Compare
|
gitlab might or might not fail if this goes in. Travis-CI is failing (despite result being OK). |
mayeut
force-pushed
the
docker-platform
branch
3 times, most recently
from
b102b9c to
5ee397b
Compare
|
So far, the only CI that exhibited issues is Travis CI on graviton2 VM (still missing gitlab tests & Travis CI ppc64le/s390x). We can either allow docker 19.03 but print a warning or require TravisCI graviton2 VM users to update docker. |
mayeut
force-pushed
the
docker-platform
branch
from
5ee397b to
d06bd6d
Compare
|
AppVeyor build can be seen successful on my fork: https://ci.appveyor.com/project/mayeut/cibuildwheel/builds/50422602 |
mayeut
force-pushed
the
docker-platform
branch
from
d06bd6d to
1fac3b2
Compare
That sounds fine to me. I assume this is the incantation to upgrade docker on that platform?
addons:
apt:
sources:
- sourceline: 'deb https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable'
packages:
- docker-ce docker-ce-cli containerd.io |
This allows to always pass `--platform` to the OCI engine thus fixing issues with multiarch images.
mayeut
force-pushed
the
docker-platform
branch
from
1fac3b2 to
6cf264c
Compare
|
There's an issue with s390x & ppc64le on Travis CI so this requires a bit more work... |
|
It seems the installation of QEMU is failing on s390x & ppc64le which leads to the oci_container_test timeouts. |
|
Converting to draft until the remaining (weird) issue on s390x gets solved. |
|
The weird issue is that diff --git a/unit_test/oci_container_test.py b/unit_test/oci_container_test.py
index e913c203..803b09bd 100644
--- a/unit_test/oci_container_test.py
+++ b/unit_test/oci_container_test.py
@@ -8,6 +8,7 @@
import subprocess
import sys
import textwrap
+import time
from pathlib import Path, PurePath, PurePosixPath
import pytest
@@ -134,16 +135,23 @@ def test_container_removed(container_engine):
with OCIContainer(
engine=container_engine, image=DEFAULT_IMAGE, oci_platform=DEFAULT_OCI_PLATFORM
) as container:
- docker_containers_listing = subprocess.run(
- f"{container.engine.name} container ls",
- shell=True,
- check=True,
- stdout=subprocess.PIPE,
- text=True,
- ).stdout
assert container.name is not None
- assert container.name in docker_containers_listing
old_container_name = container.name
+ retry_count = 3
+ while retry_count > 0:
+ retry_count -= 1
+ docker_containers_listing = subprocess.run(
+ f"{container.engine.name} container ls",
+ shell=True,
+ check=True,
+ stdout=subprocess.PIPE,
+ text=True,
+ ).stdout
+ if container.name in docker_containers_listing:
+ break
+ if retry_count == 0:
+ pytest.xfail("s390x travis...")
+ time.sleep(0.5)
docker_containers_listing = subprocess.run(
f"{container.engine.name} container ls",I will let the debug run finish before pushing again to this branch skipping this test on Travis CI s390x... |
|
Skipping the flaky test on s390x allowed to run all tests successfully. |
|
FYI This change causes a build failure for mypy on For the build, the mypy repo is first cloned in a previous step and cibuildwheel subsequently run with The error -- The link to the PR: mypyc/mypy_mypyc-wheels#82 |
This was caused by a mistake during initial migration from docker to podman in ansible#181. The original command looked like `docker buildx build --platform linux/arm64` but the `redhat-actions/buildah-build` action has an input called `arch:` that we started using. And we've prefixed the passed value with `linux/`. It would've been fine if we used the `platform:` input but we didn't. The consequence was that the images we were making were tagged with an additional leading `linux/` prefix in the platform metadata which made it look like `linux/linux/arm64`. The issue became evident in ansible#648 that attempted to bump the version of `cibuildwheel`. And the container interaction started failing loudly as this tool started using the `--platform` option when working with OCI images in v2.21 [[1]]. [1]: pypa/cibuildwheel#1961
This was caused by a mistake during the initial migration from docker to podman in ansible#181. The original command looked like `docker buildx build --platform linux/arm64` but the `redhat-actions/buildah-build` action has an input called `arch:` that we started using. And we've prefixed the passed value with `linux/`. It would've been fine if we used the `platform:` input but we didn't. The consequence was that the images we were making were tagged with an additional leading `linux/` prefix in the platform metadata which made it look like `linux/linux/arm64`. The issue became evident in ansible#648 that attempted to bump the version of `cibuildwheel`. And the container interaction started failing loudly as this tool started using the `--platform` option when working with OCI images in v2.21 [[1]]. [1]: pypa/cibuildwheel#1961
|
Happy to report that this change exposed a bug in our automation, revealing a mistake I made 4 years ago and never noticed: ansible/pylibssh#692. The problem looks as follows: e897bff8bb4b: Pull complete
Digest: sha256:d1a2a5447db38774458dc669abadcff717eaa2f6ee5d9797144c659a3f4ae60d
Status: Downloaded newer image for ghcr.io/ansible/pylibssh-manylinux_2_28_x86_64:libssh-v0.9.6
image with reference ghcr.io/ansible/pylibssh-manylinux_2_28_x86_64:libssh-v0.9.6 was found but does not match the specified platform: wanted linux/amd64, actual: linux/linux/amd64I figured I'd document it because it was a pain to google the thing and I never got a hit with somebody else seeing this output with a double prefix. |
This allows to always pass
--platformto the OCI engine thus fixing issues with multiarch images.It also allows to use
docker cpinstead of system tar workaround.fix #1771
fix #1957
fix #1962
close #1968
Last time this was attempted, it failed on some CI (c.f. #1773), let's check the status now.