Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change the way "inherited" workspaces retrieve the base workspace code #4162

Open
jonnyry opened this issue Dec 3, 2024 · 2 comments
Open
Labels

Comments

@jonnyry
Copy link
Collaborator

jonnyry commented Dec 3, 2024

Problem

"Inherited" workspaces - airlock-import-review, unrestricted workspaces and our own custom workspaces - are built on top of the base workspace's code, to reduce duplication.

The base workspace code is pulled in in the inherited workspace's Dockerfile.tmpl file:

# Copy all files from base workspace (note: some of them will be overwritten with the following COPY command)
RUN curl -o azuretre.tar.gz -L "https://github.com/microsoft/AzureTRE/archive/refs/tags/v${AZURE_TRE_VERSION}.tar.gz" \
&& tar -xzf azuretre.tar.gz "AzureTRE-${AZURE_TRE_VERSION}/templates/workspaces/base" --strip-components=4 --skip-old-files \
&& rm -rf azuretre.tar.gz

The code is downloaded from a tagged version of the Azure TRE on GitHub, rather than by referencing the local copy of the base workspace, as the Docker build context does not allow access outside of the current working directory (the docker "build context").

This is unsatisfactory as every time the base workspace changes, for the change to be propagated to inherited workspaces, a versioned release of the Azure TRE is required, and then a subsequent commit is required to update this version number in inherited workspaces. Consequently inherited workspaces typically lag behind the base workspace by several versions as this step is often missed.

Proposed solution

Rather than pulling the base workspace code from a tagged release on GitHub, use the local base workspace code in the ../base workspace directory.

docker build now allows a --build-context parameter to be passed to containing additional named build contexts, which allows the referencing of files outside of the current build context.

https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#-additional-build-contexts---build-context

This would then allow the COPY command to be used as follows:

COPY --from=my-build-context base/terraform/storage.tf .

In order for the above to be used a change to porter would be required to allow the passing of the --build-context parameter to the docker build command.

@jonnyry jonnyry added the feature label Dec 3, 2024
@jonnyry jonnyry changed the title Change the way workspaces that inherit from the base workspace pull the base workspace code Change the way "inherited" workspaces retrieve the base workspace code Dec 3, 2024
@marrobi
Copy link
Member

marrobi commented Dec 3, 2024

@jonnyry completely agree, didn't realise could have multiple build contexts. When did this happen? As you say I think a PR to porter would be required to enable this.

@jonnyry
Copy link
Collaborator Author

jonnyry commented Dec 3, 2024

Looks like it was sometime in 2022 with the release of Dockerfile 1.4:

https://www.docker.com/blog/dockerfiles-now-support-multiple-build-contexts/

I've opened a PR with Porter to support the --build-context parameter:

getporter/porter#3273

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants