Quote:
Originally Posted by Grue
I have spent zero amount of time ****ing around with docker and my life seems better for it.
I really think it's great. For this project, like I said, I had to build installer packages. I actually built deb, rpm and a windows msi. The build "system" is just a dockerfile and a small bash script. Anyone, anywhere in our org, can just say
docker run osquery-build-windows
or
docker run osquery-build-linux
and it'll work perfectly. They don't have to have anything installed on their machine except docker.
Likewise, to test the installer packages, there is a dockerfile/script that goes through the motions of adding our repo to your system, installing the package, running it, and uninstalling it. Same - there are zero dependencies on your system except docker.
Adding these to build system like jenkins or bamboo is trivial, because again, no dependencies. It's a one liner that will take me a minute or two at most.
A really nice thing about it, also, is that whenever you stop and restart a docker container, it reverts to it's base image. Anything you did in the last run is gone, unless you explicitly save it outside the container. This means that I could test installing and uninstalling a package hundreds of times without accidentally contaminating my system. You could do this with a normal VM and a checkpoint, and with some VMs you could probably even automate it, but this is a lot easier, and when I'm done, I don't have to ship someone my VM image for them to be able to do it.
It's not complicated either. There are a few concepts that take a little while to get comfortable with, but after that, making new dockerfiles or docker-compose files is quick and easy.