All,

I'd like to see "official" Guix container images, and would like to explore what the process towards that would be. I maintain a set of container images at https://gitlab.com/debdistutils/guix/container but that is just one third-party contribution, and probably not directly suitable to bless as official images (but I could be wrong).

Some steps:
1) Is there agreement that the Guix project should publish official
container images at all? Any objections? Assuming we can decide on all
the details, of course.
2) I'm not that familiar with the Guix project build system, but I
suppose the images should be built centrally by it? Is this
feasible? What would be involved in making that happen?
3) Agreement that images should be generated by 'guix pack -f docker'.
Any alternative?
4) Decide on the set of variants to support. As a strawman my images
are built using:
    guix pack $GUIX_PACKS --save-provenance -S /bin=bin -S /share=share -f docker \
      --image-tag=guix --max-layers=8 ${GUIX_PACK_EXTRA:-}
for the following package sets:
    GUIX_PACKS_SLIM: guix bash-minimal coreutils-minimal net-base
    GUIX_PACKS_GASH: guix gash gash-utils
    GUIX_PACKS_LATEST: $GUIX_PACKS_SLIM git-minimal findutils diffutils
      gcc-toolchain make automake autoconf tar grep sed gawk m4 gzip xz bzip2
      iproute2 inetutils libcap shadow wget lndir nss-certs
    GUIX_PACKS_EXTRA: $GUIX_PACKS_LATEST wget python patch perl gperf gengetopt
      libtool gettext help2man texinfo libabigail indent pkg-config gtk-doc bison
      readline gnupg pkgconf python-codespell fig2dev graphviz skopeo perl-digest-sha3
This is quite arbitrary, but some discussion about this would be useful.
One could also imagine variants that are built with other parameters,
like -S /etc=etc or --entry-point=/entry-point.sh.
5) Decide if images should have non-/bin/sh entrypoint like MetaCall
Guix Containers which sets up guix-daemon.sh etc. Sometimes you would
want this, I guess, and sometimes you wouldn't, I guess. Maybe there is
some idiom (environment variables?) to use for deciding? There could be
different container names for different setups.
6) It would be useful to publish images for a recent 'master' commit but
also for the Guix v1.5.0 release commit -- which ought to be forever
bit-by-bit identical once prepared (or?) -- and for future releases.
7) How are they distributed? I suppose the images could be published on
gnu.org/gnu/guix/ but the container-way is via some public container
registry. Docker Hub is well-known, but there are many others. I'm not
sure if Codeberg offers one. What are the concerns here?
What do you think? Other concerns?
/Simon
