Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PoC] Allow to skip ensurepip; make package manager use more flexible #543

Open
wants to merge 3 commits into
base: devel
Choose a base branch
from
Open

[PoC] Allow to skip ensurepip; make package manager use more flexible #543

wants to merge 3 commits into from

Conversation

felixfontein
Copy link
Contributor

@felixfontein felixfontein commented May 21, 2023
edited
Loading

This allows to create a Debian based execution environment:

---
version: 3

build_arg_defaults:
  PKGMGR_CLEAN_ALL_COMMAND: clean
  PKGMGR_CACHE_LOCATION: /var/lib/apt/lists/*
  # I was too lazy to figure out what to put here, so for now don't delete anything
  PKGMGR_CLEANUP_LOCATIONS: ' '
  PKGMGR_INSTALL_COMMAND: install -y --no-install-recommends

options:
  package_manager_path: /usr/bin/apt
  disable_ensurepip: true

dependencies:
  ansible_core:
    package_pip: ansible-core==2.15.0
  ansible_runner:
    package_pip: ansible-runner
  galaxy: requirements.yml

images:
  base_image:
    name: docker.io/library/debian:bullseye

additional_build_steps:
  prepend_base:
    - RUN apt-get update && apt-get install -y --no-install-recommends python3-pip python3-venv python3-wheel python3-cryptography

I've tried this with requirements.yml:

collections:
  - community.crypto
  - community.docker
  - community.general
  - community.sops

and got a nice Debian Bullseye based EE having these three collections. (community.sops installs gnupg via bindep; community.docker installs some Python dependencies; community.crypto installs both Python and binary dependencies.)

@felixfontein
Allow to not run ensurepip.
9ad642e 
On Debian this breaks the build as ensurepip has been actively disabled.
@felixfontein
Allow to configure more aspects of the package manager.
82b8810
@felixfontein felixfontein requested a review from a team as a code owner May 21, 2023 07:57
@felixfontein
Copy link
Contributor Author

I ran this with:

ansible-builder build --tag test-ee --container-runtime docker --verbosity 3
ansible-navigator run -vv --mode stdout --ce docker --eei test-ee:latest test.yml

where test.yml is a minimal playbook.

@felixfontein felixfontein mentioned this pull request May 21, 2023
Closed
49 tasks
@felixfontein
Copy link
Contributor Author

If it's better to split this up into two separate PRs, please tell me.

@nitzmahone
Copy link
Member

Yep, I suspected we weren't too far off, but I'd explicitly avoided trying to make this work because it has a much bigger blast radius than "look ma, Debian base image!" 😆

Captured some stream-of-consciousness ideas for discussion at #553...

@Denney-tech
Copy link

Denney-tech commented Apr 30, 2024
edited
Loading

What's the status on this? ensurepip is one of the reasons I build EE's manually due to latest pip being unable to install/upgrade package requirements that conflict with system installed packages. (pep668)

Edit: I see now that there's an environment variable that can be set and an option to skip ensurepip was added to devel #627, but somehow was not included in 3.0.1 release.

Still, this PR adds a lot of desirable flexibility besides the ensurepip issue.

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Jul 26, 2024

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@felixfontein @nitzmahone @Denney-tech