diff options
| author | Ivan Gabaldon <igabaldon@inetol.net> | 2025-09-20 11:33:23 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-09-20 11:33:23 +0200 |
| commit | b7ecc1c240f92252f061745d287accc886f3a742 (patch) | |
| tree | e1f531fe23f55f2ec078462c90cddb04ad3e49dd /utils | |
| parent | 164167dea0a0823845de42188818e7f80262aa71 (diff) | |
[enh] container: reproducible layers (#5222)
* [enh] container: reproducible layers
We are not aiming for reproducibility compliance, but we look to make most
builder layers reproducible without caching at least for a short period of time
(until the builder's base image changes or the child dependencies of a
requirements.txt package are updated).
This feature is only available on Podman.
This targets https://github.com/searxng/searxng/pull/5086 main goal.
* [fix] misc: apply suggestions
Suggested: https://github.com/searxng/searxng/pull/5222#discussion_r2364630496
Suggested: https://github.com/searxng/searxng/pull/5222#discussion_r2364630511
* [enh] container: prevent useless layer
Diffstat (limited to 'utils')
| -rw-r--r-- | utils/lib_sxng_container.sh | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/utils/lib_sxng_container.sh b/utils/lib_sxng_container.sh index 73947bdba..27d6c5414 100644 --- a/utils/lib_sxng_container.sh +++ b/utils/lib_sxng_container.sh @@ -85,9 +85,20 @@ container.build() { info_msg "Set \$DOCKER_TAG: $DOCKER_TAG" info_msg "Set \$GIT_URL: $GIT_URL" + # change cmp to lockfile when available + timestamp_requirements_main=$(git log -1 --format='%ct' ./requirements.txt) + timestamp_requirements_server=$(git log -1 --format='%ct' ./requirements-server.txt) + if [[ "$timestamp_requirements_main" -ge "$timestamp_requirements_server" ]]; then + timestamp_venv="$timestamp_requirements_main" + else + timestamp_venv="$timestamp_requirements_server" + fi + + timestamp_searx_settings=$(git log -1 --format='%ct' ./searx/settings.yml) + if [ "$container_engine" = "podman" ]; then - params_build_builder="build --format=oci --platform=$platform --layers --identity-label=false" - params_build=$params_build_builder + params_build_builder="build --format=oci --platform=$platform --layers --identity-label=false --timestamp=$timestamp_venv" + params_build="build --format=oci --platform=$platform --layers --identity-label=false" else params_build_builder="build --platform=$platform" params_build=$params_build_builder @@ -102,8 +113,8 @@ container.build() { # shellcheck disable=SC2086 "$container_engine" $params_build_builder \ - --build-arg="TIMESTAMP=$(git log -1 --date=format:'%Y%m%d%H%M.%S' --format='%ad')" \ - --build-arg="TIMESTAMP_SETTINGS=$(git log -1 --date=format:'%Y%m%d%H%M.%S' --format='%ad' ./searx/settings.yml)" \ + --build-arg="TIMESTAMP_VENV=$timestamp_venv" \ + --build-arg="TIMESTAMP_SETTINGS=$timestamp_searx_settings" \ --tag="localhost/$CONTAINER_IMAGE_ORGANIZATION/$CONTAINER_IMAGE_NAME:builder" \ --file="./container/builder.dockerfile" \ . |