Xen project Mailing List

Re: [XEN PATCH v3 0/4] automation: Update containers to allow HTTPS access to xenbits

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

From: Anthony PERARD <anthony.perard@xxxxxxxxxx>

Date: Fri, 24 Feb 2023 18:12:28 +0000

Authentication-results: esa6.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none

Cc: <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>

Delivery-date: Fri, 24 Feb 2023 18:13:08 +0000

Ironport-data: A9a23:GI8Ci6M27b3yrM3vrR2Ql8FynXyQoLVcMsEvi/4bfWQNrUp2hjdRy DAbXDqDP6yKZDD3L4p0YY++9UpUvZbVmIc3GQto+SlhQUwRpJueD7x1DKtS0wC6dZSfER09v 63yTvGacajYm1eF/k/F3oDJ9CU6jufQAOKnUoYoAwgpLSd8UiAtlBl/rOAwh49skLCRDhiE/ Nj/uKUzAnf8s9JPGj9Suv3rRC9H5qyo42tC5ABmPpingXeF/5UrJMNHTU2OByOQrrl8RoaSW +vFxbelyWLVlz9F5gSNy+uTnuUiG9Y+DCDW4pZkc/HKbitq/0Te5p0TJvsEAXq7vh3S9zxHJ HehgrTrIeshFvWkdO3wyHC0GQkmVUFN0OevzXRSLaV/ZqAJGpfh66wGMa04AWEX0sQwBD5Hz u4gEi4qXh3YpPmH7Z2FQ8A506zPLOGzVG8eknRpzDWfBvc6W5HTBa7N4Le03h9p2JoIR6yHI ZNEN3w2Nk+ojx5nYz/7DLo3mvuogX/uNSVVsluPqYI84nTJzRw327/oWDbQUo3VFZ4LxBnCz o7A12WoRSo+LPqB8DeiyGqdiMPggQDqBo1HQdVU8dY12QbOlwT/EiY+RVa95PW0lEO6c9ZeM FAPvDojq7Ao806mRcW7WAe3yFaPtwQQXNd4GOQg5AaAjKHT5m6xHXMYRzRMbNgnss4eRjEw0 FKN2dTzClRHuaWYU3uH+p+IrDm5Pm4eKmpqWMMfZVJbuZ+5+th110+RCI85S8ZZk+EZBxnSh DXVpRMsv48Nqv4GjIagzH3ovTuF882hohEO2i3bWWes7wVcbYGjZpC15VWz0cusPLp1XXHa4 iFaxpH2APQmSMjUyXfTGLll8KSBva7tDdHKvbJ483DNHRyJ8mXrQ41f6SoWyKxBYpddIm+Bj KM+VGpsCH5v0JmCN/Ifj2GZUZ5CIU3c+TPNB5jpgiJmOMQZSeN+1HgGibSs927silMwtqo0J I2Wd82hZV5DV/s4lWXpHbhAgO96rszb+Y80bcqmpylLLJLEPCLFIVv7GAbmgh8FAFOs/1yOr oc32zqiwBRDSuzuChQ7AqZKRW3m2UMTXMisw+QOL77rH+aTMD15YxMn6e97KtMNcmU8vrugw 0xRrWcElwak2CWfdFzih7IKQOqHYKuTZEkTZUQEVWtEEVB+CWpzxM/zr6cKQIQ=

Ironport-hdrordr: A9a23:EK+1K6BQGnN4NpnlHemU55DYdb4zR+YMi2TDsHoddfU1SKClfq WV9sjzuiWUtN98YgBDpTmrAtjnfZqkz+8T3WBzB9eftWvd1ldARbsKhbcKpQeQeBEWndQtsJ uIHZIQNDShNzNHZcGW2njdL+od

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Fri, Feb 24, 2023 at 05:37:44PM +0000, Andrew Cooper wrote: > On 24/02/2023 5:29 pm, Anthony PERARD wrote: > > Patch series available in this git branch: > > https://xenbits.xen.org/git-http/people/aperard/xen-unstable.git > > br.gitlab-containers-update-v3 > > > > v3: > > - new patch which remove non-debug x86_32 builds > > - don't fix root certificates in jessie containers as those won't be used > > anymore on the main branch. > > > > v2: > > - Remove CentOS 7.2 > > - Remove Debian Jessie test, but update container recipe for the benefit of > > older branches. > > - Fix CentOS 7 containner recipe to update all packages. (Fix missing > > update of > > HTTPS root certificates) > > > > There is work in progress [1] to update urls in our repo to use https, but > > those https urls to xenbits don't work in our containers, due to an expired > > root certificate. So we need to update those containers. > > > > This series update the dockerfile where just rebuilding the container isn't > > enough. > > LGTM. > > Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> > > I'll add this to my commit sweep, and rebuild the remaining containers. > > But on that note, I noticed that the debian unstable container was 2.3G > when I last rebuilt it. Which I think is obscenely large for what we're > doing. > > Can we see about switching to slim/tiny container bases? I don't think that would help much, the non-slim container is only 116MB vs 74.6MB for the slim (amd64 containers). But maybe we could try to use "--no-install-recommends", that might save a few bytes in our containers. Cheers, -- Anthony PERARD

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.