Stop relying on ReleaseId/DisplayVersion registry keys #191
Conversation
slonopotamus
force-pushed
the
build-number-instead-of-release-display-version
branch
from
f9c6ca6 to
afedf9f
Compare
slonopotamus
force-pushed
the
build-number-instead-of-release-display-version
branch
3 times, most recently
from
0b26b66 to
158975d
Compare
| # The list of Windows Server Core container image releases that are unsupported due to having reached EOL | ||
| _eolReleases = ['1903', '1909'] |
There was a problem hiding this comment.
Windows 10 2004 hits EOL in December, and 20H2 EOLs in May next year. So if we just disappear them entirely, then we lose support for any Windows Client platforms.
I'd keep the EOL support around until we either decide to drop Windows 10 process isolation support once there's no supported base images available, or something changes on the MS side, or some other intervening idea occurs.
Better to say "Yes, we recognise this, it's EOL, are you sure you want to continue" when we can recognise a version.
Also, these two versions are only blacklisted for Docker versions before 19.03.6, so this change actually promotes them from EOL warning with user-override to "supported", i.e. silently accepted.
There was a problem hiding this comment.
The trick is that they're blacklisted as a host and EOL as a target. We silently allow building supported versions on EOL hosts even before this commit.
There was a problem hiding this comment.
Windows 10 2004 hits EOL in December, and 20H2 EOLs in May next year. So if we just disappear them entirely, then we lose support for any Windows Client platforms.
OK, agreed.
There was a problem hiding this comment.
Ah, good point. I'm fine with not complaining about using an EOL host to build a supported target.
I'm ambivalent about complaining when we try to use an EOL target; I'd lean towards keeping the warning around based on the calculated base tag (i.e. after applying the user's specified base tag), but that isn't really comprehensive or reliable (e.g., basetag 1909-KB4574727-amd64 would not be recognised), so I don't mind if we drop it now.
My personal use-cases are 100% process-isolation-based (and Windows Server LTSC-based 95% of the time), so I haven't had any value from the EOL warning myself.
I'd be interested to know if @adamrehn has any concerns about dropping this (or use-cases where it prevents a bad outcome), but if not, then I'm happy to resolve this thread.
There was a problem hiding this comment.
basetag 1909-KB4574727-amd64 would not be recognised
ue4-docker doesn't support building targets that are not hardcoded in valid tags list at all. #166 wanted to change that, but kinda failed.
I thought about 20H2 again. I very doubt that anyone would want to build ue4-docker images for it after it gets EOLed. If they're on a newer host, they would need to use Hyper-V isolation. And if you use Hyper-V isolation, why not just use a supported target version? Alternatively, they still run EOLed 20H2 on their host. Well, if you use EOLed Windows, also use EOLed version of ue4-docker that has 20H2 support, no?
|
I think I broke the logic that checks if host is older than target again (as it attempted to happen in #166). |
Does making This whole test relies heavily on That said, if the user provides a base tag, e.g., they're deliberately building an EOL target container that we no longer know about, the |
In Python, plain
Aaand... That's exactly what I did in #166 :D |
|
And as I hid in my last wall-of-text comment on #166, I think sorting/ordering is fighting a losing battle. We can catch some of the problems, some of the time. We cannot correctly handle unknown things by SAC-style tags (i.e. We can know the host build number, but for base tags, we can only know by either inspecting the manifest (which assumes we have the manifest at the time of running ue4-docker, and we can't assume that), or by knowing that certain images (path + tag) map to certain kernel builds, and that goes out the window as soon as I locally modify ue4-docker to use a local pull-through on-site Artifactory proxy in front of mcr.microsoft.com (or to target Insider builds, or both), or need to target a specific immutable version tag with What if we drop the newer/older/etc. testing, and instead (not in this PR...) actually do a We could try guessing, and perhaps even inspect the image (I think we can get that metadata) but that's a bonus at that point. |
|
So, let's agree that we want to extend current "we only accept things that we know" to "we accept whatever user gave as input" and just disable our checks for unknown tags? |
|
Regarding version ordering, there are really only two scenarios where we actually care about the version relationship between the host and the target:
All of the ordering checks were implemented with DLL copying in mind and they've resulted in a number of limitations, such as awkwardness when using Insider Builds of Windows. With the DLL copying issue resolved, I'm all in favour of eliminating the ordering checks and performing a simple test to verify the ability to run containers as described by @TBBle above. |
I checked in-passing, and We could in-fact auto-switch to Hyper-V isolation and/or reject the image if we first Obviously if we're not going to actually do the build now, we shouldn't be pulling or inspecting stuff, as the host system may not be the final place it's being run anyway. Anyway, it's a future thing to do, but at least it seems feasible. |
slonopotamus
force-pushed
the
build-number-instead-of-release-display-version
branch
from
158975d to
15c08cb
Compare
|
Okay, I think I did it this time. We now:
|
slonopotamus
force-pushed
the
build-number-instead-of-release-display-version
branch
from
15c08cb to
17c48c1
Compare
Instead, we now use Windows build numbers to identify host system. This commit also allows to use any existing Windows Server Core base tag. This is a preparation step to add support for Windows Server 2022 LTSC, whose DisplayVersion (21H2) collides with Windows 10 21H2 and Windows 11 21H2.
slonopotamus
force-pushed
the
build-number-instead-of-release-display-version
branch
from
17c48c1 to
c7e23c3
Compare
|
@TBBle did you have a chance to look at updated changes? |
|
|
||
| @staticmethod | ||
| def isNewerBaseTag(older: str, newer: str) -> bool: | ||
| def isNewerBaseTag(older: str, newer: str) -> Optional[bool]: |
There was a problem hiding this comment.
Non-blocking nit-pick: I'm reasonably unfond of Optional[bool], but don't have a better option, except letting the ValueError bubble up, or throwing a custom exception, and catching that in the caller.
There was a problem hiding this comment.
Dunno, these both look equally ugly to me :D
I'd actually make a enum { Newer, Older, Unknown } but don't think it will improve anything at all given that we're in Python that doesn't even have switch/case. Okay, it got it in 3.10, but that's too much new yet to use.
slonopotamus
deleted the
build-number-instead-of-release-display-version
branch
Instead, we now use Windows build numbers to identify host system.
This is a preparation step to add support for Windows Server 2022 LTSC,
whose DisplayVersion (21H2) collides with Windows 10 21H2 and Windows 11 21H2.
This commit also removes EOLed Windows 1903 and 1909 in order to reduce lookup tables that we have to hardcode.