From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 1EDAD438CD; Mon, 15 Jan 2024 10:23:12 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id D8991402C6; Mon, 15 Jan 2024 10:23:11 +0100 (CET) Received: from mail-ed1-f54.google.com (mail-ed1-f54.google.com [209.85.208.54]) by mails.dpdk.org (Postfix) with ESMTP id DF0F9402C0 for ; Mon, 15 Jan 2024 10:23:10 +0100 (CET) Received: by mail-ed1-f54.google.com with SMTP id 4fb4d7f45d1cf-558fc54e28eso1568046a12.1 for ; Mon, 15 Jan 2024 01:23:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pantheon.tech; s=google; t=1705310590; x=1705915390; darn=dpdk.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=Np2WDuIkfjGGGMa0JNyuBieRBpWfD648duAKICn3oPc=; b=khpqbRP7ctRGnmsPBhMGMPrbgaz+hBKtyeTVURcXaNX3PCJA3khEeimPpQG0j0a+sQ aYXJxKIQjqfuhIqqbvGLwXLpMH1V25beFr9nnan6tBpnGIH0pYloc/Z6wMpk7EYQ/y6p eE3Qw6AjadypQtZneORo4f1qErxc8Y/gNAcKdAUzMJThznIPlUCmo/OCZWhtR0rfIw4p PzfDJfG1JfkW6pAdS1r4xB0uV/5gjEk1ygjOSFieoq7aofvvJX8JsJIXXeO8jrTkew5m sdvLcVCQUc/FMfqk1otD3s6Nd2JpO6KwfJkg07K6y8uGcHse4PmlmlraWADOnr4kQsMB 14vg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705310590; x=1705915390; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Np2WDuIkfjGGGMa0JNyuBieRBpWfD648duAKICn3oPc=; b=qkPkA1dcbyj0tF0M7Rk1udAbtF2co2WBO0YXxkQErXPW7SOaQvfIUys6S5PkdvJBFO Y5d3hpZ8vJUAHTT3640snHIp+4CUb4lYvmrbELmtkL+nDrY0OpbjDreO5FpXLB33IqaA LNesqxoSq54j0RKHwRV/ndZuEVqjoY8Z6WMwl7lyq+L1qoJ4Xsy44Re2N5xr3yColO+p OrRzJ8O3GwLKQtoTktq8pfSFSqqnMB/Fn2R42epb5IOfzFJCryoJHdAE2sPtj/rDBkLr riEmfFhcd359nHAJQYPeatLNEfJuY8bLXiAzZskYaORjkD5BfYGrBzP14sUXSiSt/3Z1 UvXA== X-Gm-Message-State: AOJu0YzH91HaL/0yPIITBezjxgQSeGCbo5uXjCJusLNcyAADBhnEFC9n PWAAvfQe09/qSWkF+gNxTxOfsROTqXZ0y5D+0lz89RoQNtIIwQ== X-Google-Smtp-Source: AGHT+IGLSw3WNFx/yGmBD3KRWx5O8k5DCukL8cyFvyZ3s3KA2U75OUDxCGqjM2Di5OPSXfZ6eINPmH5G0QLnyQjExfo= X-Received: by 2002:a17:907:3688:b0:a28:fdac:c985 with SMTP id bi8-20020a170907368800b00a28fdacc985mr2689132ejc.81.1705310590523; Mon, 15 Jan 2024 01:23:10 -0800 (PST) MIME-Version: 1.0 References: <20240111213505.4577-2-jspewock@iol.unh.edu> <20240111222608.13239-1-jspewock@iol.unh.edu> In-Reply-To: From: =?UTF-8?Q?Juraj_Linke=C5=A1?= Date: Mon, 15 Jan 2024 10:22:59 +0100 Message-ID: Subject: Re: [PATCH v3] dts: add Dockerfile To: Jeremy Spewock Cc: Honnappa.Nagarahalli@arm.com, thomas@monjalon.net, wathsala.vithanage@arm.com, probb@iol.unh.edu, paul.szczepanek@arm.com, yoan.picchi@foss.arm.com, dev@dpdk.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org On Fri, Jan 12, 2024 at 3:59=E2=80=AFPM Jeremy Spewock wrote: > > > > On Fri, Jan 12, 2024 at 5:23=E2=80=AFAM Juraj Linke=C5=A1 wrote: >> >> > diff --git a/dts/.devcontainer/devcontainer.json b/dts/.devcontainer/d= evcontainer.json >> > new file mode 100644 >> > index 0000000000..6313cd3ded >> > --- /dev/null >> > +++ b/dts/.devcontainer/devcontainer.json >> > @@ -0,0 +1,33 @@ >> > +// For format details, see https://aka.ms/devcontainer.json. For conf= ig options, see the README at: >> > +// https://github.com/microsoft/vscode-dev-containers/tree/v0.241.1/c= ontainers/docker-existing-dockerfile >> > +{ >> > + "name": "Existing Dockerfile", >> > + >> > + // Sets the run context to one level up instead of the .devcon= tainer folder. >> > + "context": "..", >> > + >> > + // Update the 'dockerFile' property if you aren't using the st= andard 'Dockerfile' filename. >> > + "dockerFile": "../Dockerfile", >> > + >> > + // Use 'forwardPorts' to make a list of ports inside the conta= iner available locally. >> > + // "forwardPorts": [], >> > + >> > + // Uncomment the next line to run commands after the container= is created - for example installing curl. >> >> The next line is uncommented, we should update or remove the comment. > > > Good catch, I'll change this. > >> >> >> > + "postCreateCommand": "poetry install --no-root", >> > + >> > + "extensions": [ >> > + "ms-python.vscode-pylance", >> > + ] >> > + >> > + // Uncomment when using a ptrace-based debugger like C++, Go, = and Rust >> > + // "runArgs": [ "--cap-add=3DSYS_PTRACE", "--security-opt", "s= eccomp=3Dunconfined" ], >> > + >> > + // Uncomment to use the Docker CLI from inside the container. = See https://aka.ms/vscode-remote/samples/docker-from-docker. >> > + // "mounts": [ "source=3D/var/run/docker.sock,target=3D/var/ru= n/docker.sock,type=3Dbind" ], >> > + >> > + // Uncomment to mount your SSH keys into the devcontainer used= by vscode. >> > + // "mounts": ["source=3D${localEnv:HOME}/.ssh,destination=3D/r= oot/.ssh,type=3Dbind,readonly"] >> >> Should this SSH key correspond to the user below? > > > On one hand I agree it would be better to unify the two options, but on t= he other we don't make a remote user in the docker image so the option belo= w can't be used anyway. I would be more in favor of just removing the remot= eUser option and leaving this the way it is as that would line up better wi= th what you can actually do with the container image we provide. > > Leaving it as a stub for something that could be done isn't a bad either = though, or I could also add the remote user to the container, but I don't r= eally see the need for a non-root user for running DTS currently. > Thanks for the explanation. As there is no need for it and adding things that could be done (in other tools) seems out of scope to me, let's remove it. >> >> >> > + >> > + // Uncomment to connect as a non-root user if you've added one= . See https://aka.ms/vscode-remote/containers/non-root. >> > + // "remoteUser": "vscode" >> > +} >> >> >> >> > diff --git a/dts/README.md b/dts/README.md >> > new file mode 100644 >> > index 0000000000..dc88ec585e >> > --- /dev/null >> > +++ b/dts/README.md >> > @@ -0,0 +1,70 @@ >> >> > +#### Start docker container with SSH keys >> > + >> > +```shell >> > +docker build --target dev -t dpdk-dts . >> > +docker run -v $(pwd)/..:/dpdk -v /home/dtsuser/.ssh:/root/.ssh:ro -it= dpdk-dts bash >> >> We talked about possibly baking the key into the image, but this seems >> safer and pretty easy to use. >> I understand this is tailored to the lab and I'm thinking about other >> possible use cases, but it seems there would only be convoluted ones >> (possibly with some extra security considerations, which is generally >> not needed for testing purposes) where this doesn't do what we want it >> to. I'd say this is good enough. >> >> >> > +$ poetry install >> > +$ poetry shell >> > +``` >> > +