[Bug 1926732] Re: Add ubuntu-oci project for building OCI-ready tarballs with livecd-rootfs

Wed May 12 15:26:21 UTC 2021

Hello Thomas, or anyone else affected,

Accepted livecd-rootfs into bionic-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/livecd-
rootfs/2.525.53 in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
bionic to verification-done-bionic. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-bionic. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Tags added: verification-needed-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to livecd-rootfs in Ubuntu.
https://bugs.launchpad.net/bugs/1926732

Title:
  Add ubuntu-oci project for building OCI-ready tarballs with livecd-
  rootfs

Status in livecd-rootfs package in Ubuntu:
  Fix Released
Status in livecd-rootfs source package in Bionic:
  Fix Committed
Status in livecd-rootfs source package in Focal:
  Fix Committed
Status in livecd-rootfs source package in Groovy:
  Fix Committed
Status in livecd-rootfs source package in Hirsute:
  Fix Committed

Bug description:
  [Impact]

  Currently the ubuntu-base livecd-rootfs project is used to build tarballs that are the base for building docker/OCI images.
  The tarballs produced with the ubuntu-base project are modified externally (see https://github.com/tianon/docker-brew-ubuntu-core/blob/master/update.sh ) to create the "official" ubuntu images on dockerhub.

  When including the ubuntu-oci project into livecd-rootfs, we can build
  tarballs that already contain the changes that are currently done
  externally. This has multiple advantages:

  1) a Dockerfile using that tarball would no longer have to modify anything (means less layers)
  2) publishing new OCI images no longer depends on the external dockerhub image creation. Currently eg. the AWS ECR ubuntu containers depend on the containers from dockerhub. That would be no longer the case with this change
  3) Possible faster reaction on CVEs. no longer depending on external processes.

  [Test Plan]

  1) build ubuntu-oci project
  a) Build a test ubuntu-oci tarball with ubuntu-old-fashioned:

  ./scripts/ubuntu-bartender/ubuntu-bartender --no-cleanup --  --series
  impish --image-format plain --project ubuntu-oci --subproject
  minimized

  b) create a Dockerfile using the tarball created in step 1):

  cat << EOF > Dockerfile
  FROM scratch
  ADD ubuntu-impish-oci-cloudimg-amd64-root.tar.gz /
  CMD ["/bin/bash"]
  EOF

  c) build the container

  docker build .

  d) run something in the container:

  docker run -it $container-id uname -a

  e) check the size of the docker image and compare with the image for
  the same series available on dockerhub

  2) build another project (ubuntu-base minimized)
  a) Build a test ubuntu-base minimized project with ubuntu-old-fashioned to make sure the build does not break

  [Where problems could occur]

  This change could break other livecd-rootfs projects which might lead
  to failed builds. But beside that, there is nothing I can think of
  that would be affected by this change.

  [Other Info]

  When this is accepted, there will be livefs builds available at
  https://launchpad.net/~cloud-images-release-
  managers/+livefs/ubuntu/$SERIES/ubuntu-oci

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/1926732/+subscriptions