You are not logged in.

#1 2021-06-08 15:56:33

Broskev
Member
Registered: 2016-04-05
Posts: 22

Archlinux in Docker Containers? What's the proper way?

Hello,
we are using archlinux in docker containers and we have created a cascade building archlinux images in our CI/CD.
We create applications in using python/node.js/dotnet/kotlin and so on.
We have currently problem mostly with Python that we cannot freeze it anyhow.
I don't know why there are lts packages for older node versions but not for python.
We constantly get in trouble because Python is upgrading and it breaks our requirements(packages) as they need newer version to work with newer Python.
I am not going to install packages from AUR as it's not possible to run it as root user and also not possible to verify upgrade content as we have it automated.

Is there proper way to manage archlinux docker images by freezing python for example? I also tried pyenv but that's also not the best way how to do it...

Thanks!

Offline

#2 2021-06-08 16:03:15

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 25,278

Re: Archlinux in Docker Containers? What's the proper way?

It sounds like your concerns aren't actually related to docker container systems, but just simply to wanting "frozen" or LTS versions of some packages.  This isn't possible (in a safe or reasonable way) in arch linux.

You could potentially use the archlinux archive dated mirrors to get packages from a specific date.  But then you'd miss any security patches that were released since that time.  One of the primary defining features of arch linux is that is a rolling release; if you don't want a rolling release, you really shouldn't be using arch in the first place.  Use a distro more fitting to your goals in your docker containers.

Last edited by Trilby (2021-06-08 16:04:20)


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#3 2021-06-09 09:43:48

Broskev
Member
Registered: 2016-04-05
Posts: 22

Re: Archlinux in Docker Containers? What's the proper way?

Well,
it might be, but I want to use mostly bleeding edge software.
When I am using nodejs-lts it's working correctly and I have no issues...
I just don't understand why should I use different distro for python because I cannot install specific version same way as with nodejs....

Offline

#4 2021-06-09 10:53:56

progandy
Member
Registered: 2012-05-17
Posts: 4,329

Re: Archlinux in Docker Containers? What's the proper way?

I am not going to install packages from AUR as it's not possible to run it as root user and also not possible to verify upgrade content as we have it automated.

You can create a separate CI to automatically build packages into a custom repository, then use that in your containers. Use your own copy of the PKGBUILD Then you are independent of the AUR maintainers, but you'll have to either automate version updates or do it manually if you need more trust.

I just don't understand why should I use different distro for python because I cannot install specific version same way as with nodejs....

You want to place maintenance burden on the distro maintainers so you don't have to bear it. Fair enough, but there is no obligation to do that. I have no idea why there are multiple nodejs versions, I think it started because arch packages needed different versions but the current situation is a bit strange.

By the way, this idea is not new, but it does not really fit the arch model. Here is the latest proposal:
https://lists.archlinux.org/pipermail/a … 30193.html

Edit: Maybe you can put together a group of likeminded people that shares the maintenance of such a repository if you can figure out a way to establish trust.
Edit: https://wiki.archlinux.org/title/Unoffi … 0_(python) (seems to be unsigned and missing updates in the last few months)

Last edited by progandy (2021-06-09 11:10:32)


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Offline

#5 2021-06-09 18:06:59

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 25,278

Re: Archlinux in Docker Containers? What's the proper way?

I got a bit of a laugh reading that mailing list thread then seeing the edit with the unofficial repo link.  The person who was arguing that providing all these packages in the main repos wouldn't be a maintenance burden stopped maintaining them even in their own unofficial repo.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

Board footer

Powered by FluxBB