Skip to content

Commit

Permalink
Containerfile: avoid modifying pycache files
Browse files Browse the repository at this point in the history
A lot of history here, but essentially today the pycache files generated
at compose time are invalid because they're of course created before the
epoch mtime canonicalization ostree does and pyc files include the mtime
in their headers to know if they're out of date.

Since `/usr` is not read-only in the layering flow, Python will happily
regenerate the cache files as Python code gets executed.

This isn't necessarily a big deal and actually would make dnf faster,
but it's also awkward and confusing to have only a subset of Python code
in the OS cached correctly and sloshing that diff around in container
layers when what we really want is having it fixed correctly at base
compose time. So let's just avoid it for consistency and to reduce the
diff with the legacy variants.

We do this by moving the base ones out of the way and then moving them
back in place, possibly overwriting regenerated ones. Note that using
`ENV PYTHONDONTWRITEBYTECODE=1` is not sufficient here; that doesn't
seem to reach RPM scriptlets which use Python.

See also: ostreedev/ostree#1469
  • Loading branch information
jlebon committed Nov 29, 2024
1 parent 0b599aa commit 43e8238
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions Containerfile
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,11 @@

FROM quay.io/openshift-release-dev/ocp-v4.0-art-dev:c9s-coreos
ARG OPENSHIFT_CI=0
# Avoid shipping modified .pyc files. Due to https://github.com/ostreedev/ostree/issues/1469,
# any Python apps that run (e.g. dnf) will cause pyc creation.
RUN --mount=type=bind,target=/run/src \
find /usr -name '*.pyc' -exec mv {} {}.bak \; && \
if [ "${OPENSHIFT_CI}" != 0 ]; then /run/src/ci/get-ocp-repo.sh --ocp-layer /run/src/packages-openshift.yaml; fi && \
/run/src/scripts/apply-manifest /run/src/packages-openshift.yaml && \
find /usr -name '*.pyc.bak' -exec sh -c 'mv $1 ${1%.bak}' _ {} \; && \
ostree container commit

0 comments on commit 43e8238

Please sign in to comment.