Person: he can now take these two files anywhere and rebuild the exact See the "Replicating Guix" section in the manual.Īwesome, isn't it? These last two outputs are equivalent to Alice's capture the channels being used, as returned by "guix describe". To reproduce the exact same profile, you also need to This "manifest" file can be passed to 'guix package -m' to reproduce $ guix package -p gnu/store/ia1sxr3qf3w9dj7y48rwvwyx289vpfgi-profile -export-manifest
'guix time-machine -C' to obtain the Guix revision that was This channel file can be passed to 'guix pull -C' or to Manifest: $ guix package -p gnu/store/ia1sxr3qf3w9dj7y48rwvwyx289vpfgi-profile -export-channels Guix to export that metadata in the form of a list of channels and a Wow! Is it really a regular profile? Yes, it is! Because that profileĬontains provenance metadata (thanks to -save-provenance), we can ask └── ia1sxr3qf3w9dj7y48rwvwyx289vpfgi-profile $ tar -xf /tmp/re-pack.tar $(tar -tf /tmp/re-pack.tar | grep 'profile/manifest') $ docker export -o /tmp/re-pack.tar $(docker ps -a -format ""| head -n1) Let’s get back the recipe of this smoothie.įirst, let’s start the container, which makes it easier to export as a
But overall, it’s safe to assume that a regular Dockerfileĭoes not describe a reproducible build process.įortunately, Bob remembers this Docker image had been produced with Guix Recreate the image, assuming everything in the image was taken fromĭebian. Ways to mitigate it, for instance by resorting to The resources it refers to have vanished from the Internet. Running apt-get update), or it may simply fail because some of Running docker build on that Dockerfile would probably give aĭifferent result than back then (for instance because it starts by Produced with a Dockerfile, the game would most likely be over: The files manifest.scm and channels.scm sadly disappeared a long time ago, Or maybe he wants to studyĪ specific aspect to better understand a specific result. Obtained with this Docker image are correct or not.
Produced, because maybe he found a bug and wants to know if all the results Or he needs to scrutinize how all the binaries in this stack are Versions on another machine using plain relocatable tarballs, forĮxample.
#Docker run image at revision code#
Bob retrieves and runs code from Alice’s imageīob works with Alice's Docker image. Singularity image (other container format) To guix pack,ĭocker images are one container format among others for instance guix pack -f squashfs -save-provenance -m manifest.scm generates a The Docker image itself - no Dockerfile involved. Guix manages everything, from the binary packages and all the requirements to On a side note, the Docker image is produced directly by Guix. Tarball using Docker tools, like so: $ docker load > import numpy as np Scientific stack with this command: guix pack -f docker -save-provenance -m manifest.scmįor the next step, one option is to locally load the generated Not running Guix but instead running Docker, she just Because Alice needs to run this stack on some infrastructure Which returns this: ( list ( channel ( name 'guix ) ( url "" ) ( commit "fb32a38db1d3a6d9bc970e14df5be95e59a8ab02" ) ( introduction ( make-channel-introduction "9edb3f66fd807b096b48283debdcddccfea34bad" ( openpgp-fingerprint "BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA" ) ) ) ) ) The exact same computational environment.Ĭoncretely, manifest.scm reads: ( specifications->manifest ( list "python" "python-numpy" ) )Īlice produces the channels.scm file by running guix describe -f channels, With these two files, one can redeploy using Package set and channels.scm containing the state of Guix (in other words, She stores along her project the files manifest.scm containing the Alice generates a Docker imageĪlice is working on a standard scientific stack using Python. Verifiable Docker images built by guix pack. The scenario below illustrates how one can ship reproducible and Reproducibility is: where do binaries come from, and using which tool? Instead the concrete question when talking about The aim of this post is to demonstrate that the issue is not Docker Things, the core question is how these things are produced. Although containers are an efficient way to ship You can immediately tell whether it’s your liking, but you can hardly We like to say that Docker images are like