-
Notifications
You must be signed in to change notification settings - Fork 10.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update Dockerfiles for python artifacts to use latest git version #14588
Conversation
Due to a recent change (Feb 2018) in Github's policy to discontinue support for weak cryptographic standards, older git versions stopped working with Github repositories. The Dockerfiles for building python artifacts currently uses git 2.0.5, that fails with an error `tlsv1 alert protocol version`. The CentOS image by the latest source Dockerfile, `manylinux` comes with the latest version of git as well, removing the need to manually build git from source.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM (pending tests).
|
|
|
I'm not sure if
Our |
@jtattermusch @matt-kwong Thanks a lot for the review. But weirdly enough, when I tried running the
I've tried doing it after a Docker purge as well and seeing the same result.
Could it be because you're seeing a cached interim container on your side? You're right about the If you insist, I can push a patch which builds the latest OpenSSL + curl first (this was actually what I tried first before noticing the latest git version on yum. So I still have the diff with me). But I don't think it's necessary. I personally don't think I can access your pre-built images either (which I noticed in the CI failures. Correct me if I'm wrong). Is there something else I can try? This is a roadblock for me, so I could use your guidance. |
Also, if you don't mind, may I ask what the current procedure is for building python artifacts, if not this? I see python packages updated on PyPI last week, so there should be another way (or I'm on a tangent and looking at the wrong place). I was attempting #14294 when I noticed this. |
That's strange. I just ran
Maybe these steps don't stop docker from using a cached image of I didn't realize Git shipped with OpenSSL; I thought it would rely on the system's provided OpenSSL. If this works, I'm glad to go with this and don't think downloading git is necessary. I'll fix the issues on my side to upload the image to our DockerHub repo, then we can merge this. We do use this Dockerfile for building Python artifacts. We just happen to use prebuilt image from before it was broken by GitHub's changes. |
############################################################# | ||
# Update Git to allow cloning submodules with --reference arg | ||
RUN yum remove -y git | ||
RUN yum install -y curl-devel expat-devel gettext-devel linux-headers openssl-devel zlib-devel gcc |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This line shouldn't be deleted.
############################################################# | ||
# Update Git to allow cloning submodules with --reference arg | ||
RUN yum remove -y git | ||
RUN yum install -y curl-devel expat-devel gettext-devel linux-headers openssl-devel zlib-devel gcc |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same here.
I got it to work. I had to run It looks like it's building correctly, and I'm uploading the Docker images now. Could you revert the line deletions I mentioned above, and we can retest/merge? Thanks! |
89ce16b removed a few package installations from the dockerfiles for building python artifacts. Revert them. Revert certain package install removal from python artifact dockerfiles
I've made the changes. Thanks for clarifying the build process! |
|
|
|
Tests are all passing except for Bazel builds which are still experimental. Thanks for the pull request! |
Due to a recent change (Feb 2018) in Github's policy to discontinue support for weak cryptographic standards, older git versions stopped working with Github repositories. The Dockerfiles for building python artifacts currently uses git 2.0.5, that fails with an error
tlsv1 alert protocol version
.The CentOS image by the latest source Dockerfile,
manylinux
comes with the latest version of git as well, removing the need to manually build git from source.