5
netikras
31d

Trying to build a 4-5 years old project (starting with Dockerfile builds). Fixing build errors feels like fighting windmills...

wtf. It was working perfectly fine 3 yeas ago!!

All the more motivation to start using nix for project builds.... Docker simply isn't reproducible enough...

Comments
  • 0
    @mostr4am well, the idea IS good. But the language is a pain. IMO even Perl is easier to write/read than nix :D

    I haven't used it for building projects yet, still looking for strong enough motivators to sell it to my clients.
  • 3
    If it's not dns it's dependencies.

    Pin the dependencies all the way down to the base image. Even the package manager. Have the base system frozen and build on top of that layer. Push it to your docker repository so it's not lost
  • 1
    @lungdart versions are pinned. however, gradle fails to fetch them because of tls issues (too old cacerts). upgrade java, you say? incompatible with that gradle ver. + the project has to be built with that older java ver, so that would mean having 2 javas in 1 build container. upgrade gradle? need to rebuild plugins and whatnot. IDK what's waiting after that

    Ofc I could cache the whole .m2 in an OCI image, but

    - it didn't occur to me back then I would have such a problem

    - the build image would be a heeeeeaaavvyyyy one.
  • 1
    Programmed obsolescence but for code
  • 0
    docker doesn't even try to address the problem of dependency versioning. I'm appalled that we decided to install fucking desktop distros in them instead of rounding them out into a proper tool with a purpose built package manager.
  • 0
    @netikras Can't you pass HTTP options to Gradle? Also that timeline is weird, can this problem really emerge in just 5 years? I own a Samsung Galaxy Mini with Android 2 that stopped loading webpages about two years ago because its CA certs were outdated.
  • 0
    @lorentz I see no reason why it couldn't. A cert has to expire someday anyways. And cacerts are never all "fresh" in the certstore...

    ```

    > Could not GET 'https://repo.maven.apache.org/maven...'.

    > The server may not support the client's requested TLS protocol versions: (TLSv1.2, TLSv1.3). You may need to configure the client to allow other protocols to be used. See: https://docs.gradle.org/8.1.1/...

    > PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    ```

    [browser has no problems opening it; gradle 6.7-7.x, openjdk15]
  • 2
    It works on my docker virtual machine /jk
Add Comment