1. Patchew
  2. Xen
  3. View series

[XEN PATCH] automation: Use --no-install-recommends and -slim base for debian/unstable

Anthony PERARD posted 1 patch 1 year, 1 month ago
Test gitlab-ci passed
Patches applied successfully (tree, apply log)
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/20230303165258.12577-1-anthony.perard@citrix.com
automation/build/debian/unstable-i386.dockerfile | 6 ++++--
automation/build/debian/unstable.dockerfile      | 6 ++++--
2 files changed, 8 insertions(+), 4 deletions(-)
[XEN PATCH] automation: Use --no-install-recommends and -slim base for debian/unstable
Posted by Anthony PERARD 1 year, 1 month ago 
Use "--no-install-recommends" to avoid installing many packages that
aren't needed, many are *-doc packages. Also start using the -slim
base image as they remove a few unused files/directories, like docs/.

Explicitly install "ca-certificates" as it is only recommended for
"wget".
Explicitly install "ocaml-findlib" as it is only recommended for
"libfindlib-ocaml-dev".

Using "--no-install-recommends" saves about 600MB on the uncompress
image. 2.89GB vs 2.3GB (value from `docker image list`).

Switching to -slim save about 130MB.

Overwall, we go from 2.89GB to 2.17GB.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
---

Notes:
    Change to use "-slim" was proposed by Andy. I went futher and added
    --no-install-recommends.
    
    I've tried to find other missing packages by looking at differences
    in  "tools/config.log", "stubdom/config.log", "config/", and
    "xen/.config".
    
    A test is in progress to check that no jobs are broken, but result
    probably not before next week.
        https://gitlab.com/xen-project/people/anthonyper/xen/-/pipelines/795600920
    
    I've only tested gcc debug=n on x86_64 locally.

 automation/build/debian/unstable-i386.dockerfile | 6 ++++--
 automation/build/debian/unstable.dockerfile      | 6 ++++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/automation/build/debian/unstable-i386.dockerfile b/automation/build/debian/unstable-i386.dockerfile
index 1c4928b09e..cc116d32e9 100644
--- a/automation/build/debian/unstable-i386.dockerfile
+++ b/automation/build/debian/unstable-i386.dockerfile
@@ -1,4 +1,4 @@
-FROM i386/debian:unstable
+FROM i386/debian:unstable-slim
 LABEL maintainer.name="The Xen Project" \
       maintainer.email="xen-devel@lists.xenproject.org"
 
@@ -12,7 +12,8 @@ ENTRYPOINT ["linux32"]
 
 # build depends
 RUN apt-get update && \
-    apt-get --quiet --yes install \
+    apt-get --quiet --no-install-recommends --yes install \
+        ca-certificates \
         build-essential \
         zlib1g-dev \
         libncurses5-dev \
@@ -35,6 +36,7 @@ RUN apt-get update && \
         libc6-dev \
         libnl-3-dev \
         ocaml-nox \
+        ocaml-findlib \
         libfindlib-ocaml-dev \
         markdown \
         transfig \
diff --git a/automation/build/debian/unstable.dockerfile b/automation/build/debian/unstable.dockerfile
index 6ef2878200..06ac909a85 100644
--- a/automation/build/debian/unstable.dockerfile
+++ b/automation/build/debian/unstable.dockerfile
@@ -1,4 +1,4 @@
-FROM debian:unstable
+FROM debian:unstable-slim
 LABEL maintainer.name="The Xen Project" \
       maintainer.email="xen-devel@lists.xenproject.org"
 
@@ -10,7 +10,8 @@ WORKDIR /build
 
 # build depends
 RUN apt-get update && \
-    apt-get --quiet --yes install \
+    apt-get --quiet --no-install-recommends --yes install \
+        ca-certificates \
         build-essential \
         zlib1g-dev \
         libncurses5-dev \
@@ -34,6 +35,7 @@ RUN apt-get update && \
         libc6-dev-i386 \
         libnl-3-dev \
         ocaml-nox \
+        ocaml-findlib \
         libfindlib-ocaml-dev \
         markdown \
         transfig \
-- 
Anthony PERARD
Re: [XEN PATCH] automation: Use --no-install-recommends and -slim base for debian/unstable
Posted by Stefano Stabellini 1 year, 1 month ago 
On Fri, 3 Mar 2023, Anthony PERARD wrote:
> Use "--no-install-recommends" to avoid installing many packages that
> aren't needed, many are *-doc packages. Also start using the -slim
> base image as they remove a few unused files/directories, like docs/.
> 
> Explicitly install "ca-certificates" as it is only recommended for
> "wget".
> Explicitly install "ocaml-findlib" as it is only recommended for
> "libfindlib-ocaml-dev".
> 
> Using "--no-install-recommends" saves about 600MB on the uncompress
> image. 2.89GB vs 2.3GB (value from `docker image list`).
> 
> Switching to -slim save about 130MB.
> 
> Overwall, we go from 2.89GB to 2.17GB.
> 
> Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>

Hi Anthony, I like this, thank you for doing this. I hate to be the guy
to ask "could you also..." but could you also do the same for the other
Debian Unstable containers? We have:

unstable-arm64v8-arm32-gcc.dockerfile
unstable-arm64v8.dockerfile
unstable-cppcheck.dockerfile
unstable.dockerfile
unstable-i386.dockerfile

I think it would be a good idea to be consistent and update them all?

Contact me privately if you need a native arm64 environment.



> ---
> 
> Notes:
>     Change to use "-slim" was proposed by Andy. I went futher and added
>     --no-install-recommends.
>     
>     I've tried to find other missing packages by looking at differences
>     in  "tools/config.log", "stubdom/config.log", "config/", and
>     "xen/.config".
>     
>     A test is in progress to check that no jobs are broken, but result
>     probably not before next week.
>         https://gitlab.com/xen-project/people/anthonyper/xen/-/pipelines/795600920
>     
>     I've only tested gcc debug=n on x86_64 locally.
> 
>  automation/build/debian/unstable-i386.dockerfile | 6 ++++--
>  automation/build/debian/unstable.dockerfile      | 6 ++++--
>  2 files changed, 8 insertions(+), 4 deletions(-)
> 
> diff --git a/automation/build/debian/unstable-i386.dockerfile b/automation/build/debian/unstable-i386.dockerfile
> index 1c4928b09e..cc116d32e9 100644
> --- a/automation/build/debian/unstable-i386.dockerfile
> +++ b/automation/build/debian/unstable-i386.dockerfile
> @@ -1,4 +1,4 @@
> -FROM i386/debian:unstable
> +FROM i386/debian:unstable-slim
>  LABEL maintainer.name="The Xen Project" \
>        maintainer.email="xen-devel@lists.xenproject.org"
>  
> @@ -12,7 +12,8 @@ ENTRYPOINT ["linux32"]
>  
>  # build depends
>  RUN apt-get update && \
> -    apt-get --quiet --yes install \
> +    apt-get --quiet --no-install-recommends --yes install \
> +        ca-certificates \
>          build-essential \
>          zlib1g-dev \
>          libncurses5-dev \
> @@ -35,6 +36,7 @@ RUN apt-get update && \
>          libc6-dev \
>          libnl-3-dev \
>          ocaml-nox \
> +        ocaml-findlib \
>          libfindlib-ocaml-dev \
>          markdown \
>          transfig \
> diff --git a/automation/build/debian/unstable.dockerfile b/automation/build/debian/unstable.dockerfile
> index 6ef2878200..06ac909a85 100644
> --- a/automation/build/debian/unstable.dockerfile
> +++ b/automation/build/debian/unstable.dockerfile
> @@ -1,4 +1,4 @@
> -FROM debian:unstable
> +FROM debian:unstable-slim
>  LABEL maintainer.name="The Xen Project" \
>        maintainer.email="xen-devel@lists.xenproject.org"
>  
> @@ -10,7 +10,8 @@ WORKDIR /build
>  
>  # build depends
>  RUN apt-get update && \
> -    apt-get --quiet --yes install \
> +    apt-get --quiet --no-install-recommends --yes install \
> +        ca-certificates \
>          build-essential \
>          zlib1g-dev \
>          libncurses5-dev \
> @@ -34,6 +35,7 @@ RUN apt-get update && \
>          libc6-dev-i386 \
>          libnl-3-dev \
>          ocaml-nox \
> +        ocaml-findlib \
>          libfindlib-ocaml-dev \
>          markdown \
>          transfig \
> -- 
> Anthony PERARD
>

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.