Hello, I need to build a new container image using our corporate distro.
I was able to compile from source using Build from source code on AlmaLinux | YugabyteDB Docs but I miss a Dockerfile with the steps to copy and run the generated binaries.
After reviewing the Dockerfiles available in the repo I didn’t find any to replicate the same functionality as published yugabyte’s images.
$ find . -name “Dockerfile” -print
./src/yb/rocksdb/tools/Dockerfile
./src/odyssey/docker/dpkg/Dockerfile
./src/odyssey/docker/dev/Dockerfile
./src/odyssey/docker/Dockerfile
./yugabyted-ui/apiserver/cmd/server/Dockerfile
./managed/devops/pex/Dockerfile
./managed/ui/Dockerfile.
Thanks in advance.
Thanks @dorian_yugabyte for your help, but sorry to say I am still stuck.
It is now clear that creating container images is managed in a separate repo yugabyte/build-infra but, what is the exact procedure to use my compiled binaries in a new container image doing exactly the same that the public ones?, what I need to copy and where?, what dependencies I have to install?
I only need to create an image in my local registry with an updated version of the offending go package that reports an high vulnerabiliy CVE-2022-32149)
Hello @dorian_yugabyte, @mbautin, any news about making public the dockerfile you use in published docker hub images?.
We are evaluating different alternatives and being able to compile and build our own images from source repo is a requirement for us.
Thanks for your help.
-David
I think the image is not built from a Dockerfile, but inspecting the image the follower should build the same. You can adapt with your built release
Hi @FranckPachot, unfortunately that approach doesn’t work for us, our policies dictate we must create our own compilation and use our own base image. The unique thing we need is, using as a reference any of your supported distros (ubuntu, centos, etc…), share what is the process of building the same image you publish in docker hub after compiling it following your instructions at Build from source code on AlmaLinux | YugabyteDB Docs
Although we can do reverse engineer of published Docker images, it doesn’t tell us what you copy nor from where. And on the other hand, what is the purpose of hiding this basic piece of any open-source project?
Thanks in advance.
Ok, I don’t think it is hidden on purpose. It is just that it is built with internal tools for release pipeline.
And for customers with support we want them to use this image. If there are changes to the Dockerfile we can’t support them.
If your goal is using open source, you can compile and build your image. As you can see there’s nothing fancy in the public image layers. If your goal is having support, I can ask the right people to contact you to see how to build an image that compiles with both policies