#1213 Toolbx: Don't leak DISTTAG and FGC into the container
Merged a year ago by humaton. Opened a year ago by rishi.

file modified
+1 -1
@@ -204,7 +204,7 @@ 

              'factory-parameters': {

                  'dockerversion': "1.10.1",

                  'docker_cmd':  '[ "/bin/bash" ]',

-                 'docker_env': '[ "DISTTAG=f40container", "FGC=f40", "container=oci" ]',

+                 'docker_env': '[ "container=oci" ]',

                  'docker_label': '{ "name": "fedora", "license": "MIT", "vendor": "Fedora Project", "version": "40", "com.github.containers.toolbox": "true"}',

              },

          }

file modified
+1 -1
@@ -261,7 +261,7 @@ 

              'factory-parameters': {

                  'dockerversion': "1.10.1",

                  'docker_cmd':  '[ "/bin/bash" ]',

-                 'docker_env': '[ "DISTTAG=f40container", "FGC=f40", "container=oci" ]',

+                 'docker_env': '[ "container=oci" ]',

                  'docker_label': '{ "name": "fedora", "license": "MIT", "vendor": "Fedora Project", "version": "40", "com.github.containers.toolbox": "true"}',

              },

          }

While DISTTAG and FGC are not very common names for environment
variables, they are still not properly namespaced, and hence pollute the
global namespace for environment variables. The less that happens, the
better.

Signed-off-by: Debarshi Ray rishi@fedoraproject.org

rebased onto 40b7008555b89d3f705d4d8cd0ffbdf30db30a68

a year ago

This is NOT meant for Fedora 39. It's purely an exploratory change aimed at Fedora 40.

I think this was used when we pulled base images into OSBS to build layered images?

I can't seem to find much about it though...

I think this was used when we pulled base images into OSBS
to build layered images?

I can't seem to find much about it though...

Yes, the OSBS built fedora-toolbox images had DISTTAG and FGC defined in them, but they didn't come from the Dockerfile. So, I can only assume that it came from the build system.

Maybe we can try to drop them early in the Fedora 40 cycle and see if there's any fallout? What about the other images?

A few scratch builds without DISTTAG and FGC:
https://koji.fedoraproject.org/koji/taskinfo?taskID=108081570
https://koji.fedoraproject.org/koji/taskinfo?taskID=108082734
https://koji.fedoraproject.org/koji/taskinfo?taskID=108089874

The aarch64 have always failed in my attempts to scratch build the fedora-toolbox image using Image Factory, with or without this change. It says:

ApplianceError: Image status is FAILED: Automated install failed or prompted for input. See the screenshot in the task results for more information

rebased onto 7a5c606

a year ago

Pull-Request has been merged by humaton

a year ago
Metadata