From 346707c5ea41639dfd43f863cc6fbb37364ff44c Mon Sep 17 00:00:00 2001
From: vincent pollet <vincent.pollet@lapp.in2p3.fr>
Date: Thu, 14 Nov 2024 15:39:52 +0100
Subject: [PATCH] Use debian slim micromamba image, because alpine images crash
 apptainer on alma9 hosts

---
 .gitlab-ci.yml         | 42 ++++++++++++++++++++++++------------------
 docker/base/Dockerfile |  4 ++--
 docker/dev/Dockerfile  |  4 ++--
 docker/test/Dockerfile |  4 ++--
 4 files changed, 30 insertions(+), 24 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index a3ca326..99edba4 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -44,7 +44,15 @@ variables:
         - docker/*
         - docker/**/*
     - if: $CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_SOURCE == "web"  # images are rebuild for scheduled or manually triggered pipelines
-    
+
+
+# kaniko needs some configuration, which is the same for all container building jobs
+.kaniko_write_config:
+  before_script:
+    - uname -a
+    - mkdir -p /kaniko/.docker
+    - echo "{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
+
 
 # We use another stage to produce the pinned dependencies files instead of using a multistage 
 # dockerfile to build a base image because 
@@ -54,9 +62,10 @@ variables:
 #   (not sure about 2, but somehow dependencies are found yet missing if test build follows dev in same stage)
 generate_pinned_env_files:
   stage: GeneratePinnedEnvFiles
-  extends: .build_dev_test_base_images
+  extends: 
+    - .build_dev_test_base_images
   image:
-    name: mambaorg/micromamba:alpine
+    name: mambaorg/micromamba:debian-slim
   script:
     - uname -a
     - eval "$(micromamba shell hook --shell bash)"
@@ -82,14 +91,13 @@ generate_pinned_env_files:
 
 build_docker_dev_image:
   stage: DockerBuildDevTestBaseImages
-  extends: .build_dev_test_base_images
+  extends: 
+    - .build_dev_test_base_images
+    - .kaniko_write_config
   image:
     name: gcr.io/kaniko-project/executor:debug
     entrypoint: [""]  # overwrite image entrypoint
   script:
-    - uname -a
-    - mkdir -p /kaniko/.docker
-    - echo "{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
     - >-
       /kaniko/executor
       --context "${CI_PROJECT_DIR}"
@@ -100,14 +108,13 @@ build_docker_dev_image:
 
 build_docker_test_images:
   stage: DockerBuildDevTestBaseImages
-  extends: .build_dev_test_base_images
+  extends: 
+    - .build_dev_test_base_images
+    - .kaniko_write_config
   image:
     name: gcr.io/kaniko-project/executor:debug
     entrypoint: [""]  # overwrite image entrypoint
   script:
-    - uname -a
-    - mkdir -p /kaniko/.docker
-    - echo "{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
     - >-
       /kaniko/executor
       --context "${CI_PROJECT_DIR}"
@@ -118,14 +125,13 @@ build_docker_test_images:
 
 build_docker_base_images:
   stage: DockerBuildDevTestBaseImages
-  extends: .build_dev_test_base_images
+  extends: 
+    - .build_dev_test_base_images
+    - .kaniko_write_config
   image:
     name: gcr.io/kaniko-project/executor:debug
     entrypoint: [""]  # overwrite image entrypoint
   script:
-    - uname -a
-    - mkdir -p /kaniko/.docker
-    - echo "{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
     - >-
       /kaniko/executor
       --context "${CI_PROJECT_DIR}"
@@ -167,6 +173,7 @@ unit_test:
     - pytest
       tests/
       --cov=rta_reconstruction
+      --cov-branch
       --cov-report html:htmlcov
       --cov-report xml:coverage.xml
       --cov-report term-missing:skip-covered
@@ -248,13 +255,12 @@ build_docker_image_latest:
         BUILD_DESTINATION: ${DEFAULT_BRANCH_PROD_IMAGE_PERMANENT_LOCATION}
         BASE_IMAGE_LOCATION: "${DEFAULT_BRANCH_BASE_IMAGE_PERMANENT_LOCATION}"
     - if: $CI_PIPELINE_SOURCE != "merge_request_event" # Run in all other cases, avoiding merge request pipelines
+  extends: 
+    - .kaniko_write_config
   image:
     name: gcr.io/kaniko-project/executor:debug
     entrypoint: [""]  # overwrite image entrypoint
   script:
-    - uname -a
-    - mkdir -p /kaniko/.docker
-    - echo "{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
     - >-
       /kaniko/executor
       --context "${CI_PROJECT_DIR}"
diff --git a/docker/base/Dockerfile b/docker/base/Dockerfile
index 4dc5787..c265eb2 100644
--- a/docker/base/Dockerfile
+++ b/docker/base/Dockerfile
@@ -1,4 +1,4 @@
-FROM mambaorg/micromamba:alpine
+FROM mambaorg/micromamba:debian-slim
 
 # micromamba dockerfile makes use of SHELL. If it is overwritten
 # the auto-activate might not work
@@ -10,7 +10,7 @@ FROM mambaorg/micromamba:alpine
 
 # We need git for setuptools scm to automatically detect version
 USER root
-RUN apk update && apk upgrade --no-cache && apk add git git-lfs
+RUN apt update && apt upgrade -y && apt install -y git git-lfs && apt clean && apt autoremove
 USER $MAMBA_USER
 
 # Copy the pinned dependencies file. It is generated in the first CI stage and made an artifact
diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile
index 68834dd..f1b67b0 100644
--- a/docker/dev/Dockerfile
+++ b/docker/dev/Dockerfile
@@ -1,4 +1,4 @@
-FROM mambaorg/micromamba:alpine
+FROM mambaorg/micromamba:debian-slim
 
 # micromamba dockerfile makes use of SHELL. If it is overwritten
 # the auto-activate might not work
@@ -10,7 +10,7 @@ FROM mambaorg/micromamba:alpine
 
 # We need git for setuptools scm to automatically detect version
 USER root
-RUN apk update && apk upgrade --no-cache && apk add git git-lfs
+RUN apt update && apt upgrade -y && apt install -y git git-lfs && apt clean && apt autoremove
 # We need to change the permissions on /opt/conda so that other users will be able to modify the environment
 # this is required to let the developers entering the container with their own "uid" to be able to install/modify
 # dependencies. 
diff --git a/docker/test/Dockerfile b/docker/test/Dockerfile
index 11f0bfd..36610bb 100644
--- a/docker/test/Dockerfile
+++ b/docker/test/Dockerfile
@@ -1,4 +1,4 @@
-FROM mambaorg/micromamba:alpine
+FROM mambaorg/micromamba:debian-slim
 
 # micromamba dockerfile makes use of SHELL. If it is overwritten
 # the auto-activate might not work
@@ -10,7 +10,7 @@ FROM mambaorg/micromamba:alpine
 
 # We need git for setuptools scm to automatically detect version
 USER root
-RUN apk update && apk upgrade --no-cache && apk add git git-lfs
+RUN apt update && apt upgrade -y && apt install -y git git-lfs && apt clean && apt autoremove
 # We need to change the permissions on /opt/conda so that other users will be able to modify the environment
 # this is required to let the developers entering the container with their own "uid" to be able to install/modify
 # dependencies. 
-- 
GitLab