-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Docker Update and Continuous Deployment #19
Conversation
@JakeChampion, @AlbertoElias, @alicebartlett, @onishiweb, @j-mes, would be good to get your thoughts/feedback on this. We can discuss in-person as a group if it's easier. |
insert_final_newline = true | ||
charset = utf-8 | ||
|
||
[**{.js,.scss,.html,.mustache,.md,.yml}] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
.yml
forbids tabs
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oops, I got that wrong, and preventing yml from having tabs is the entire reason I added this file 😂
@@ -1,44 +1,22 @@ | |||
FROM heroku/cedar:14 | |||
FROM mhart/alpine-node:4 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is not mentioned anywhere in this PR why the change from cedar to alpine was made.
Below is the explanation given in the heroku-docker-node-alpine-example repository
Heroku's Cedar base image is based upon Ubuntu, which was not developed with the idea of being run inside a container, incidentally making the image size rather large. Heroku's Cedar also installs a lot of packages to cover the needs of most Heroku developers' applications.
Alpine Linux is built around musl libc and busybox. This makes it smaller and more resource efficient than traditional GNU/Linux distributions. An Alpine Linux image requires no more than 8 MB.
A smaller base image with fewer dependencies gives benefits such as a faster build/deploy time, smaller artifacts created for each build, and a smaller surface area to check for security vulnerabilities.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is alpine likely to continue to be maintained? Is that a concern?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not a major concern, the community around Alpine is large.
|
||
To SSH into the web container, you first need to SSH into the Docker VM, and then into the container you want: | ||
```sh | ||
open "http://$(docker-machine ip dev):8080/" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove dev
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
production: | ||
branch: docker | ||
commands: | ||
- 'echo "machine api.heroku.com login rowan.manning@ft.com password ${HEROKU_AUTH_TOKEN}" >> ${HOME}/.netrc; chmod 0600 /home/ubuntu/.netrc;' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note: This application will fail to deploy from CI is @rowanmanning ever renews his Heroku authentication token.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could maybe do with an Origami Heroku account for this kind of thing? It would also fail if I ever get removed from the Heroku org.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe this is not something the Heroku Working Group within the FT advocate people to do.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, we'll just need to keep an eye on it then
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, this kind of sucks. I'm using my account for browser tests with nightwatch
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
in Next we use my HEROKU_AUTH_TOKEN
and push it out to all our CircleCI configs. I can setup origami-build-service with this if you like and then Next can manage this for you ^^
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For the unitiated, what does the machine
command do and how is it available in the circle environment?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@triblondon run this on your mac cat ~/.netrc
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can create an Origami heroku account by the way, I spoke with the Heroku Working Group and they verified this is a good approach for Origami to take with it's deployments.
this is a huge improvement to our deployment process, and this PR explains your changes really well too. |
|
||
[**{.yml}] | ||
indent_style = space | ||
indent_size = 2 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should me move this stuff into obt?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could have a copy in there, yes, but the editorconfig plugins rely on there being a .editorconfig
file in the project root.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you mean the IDE plugins? We should probably discuss what's the best way
to use editorconfig
This email was sent by a company owned by Financial Times Group Limited
("FT Group http://aboutus.ft.com/corporate-information/#axzz3rajCSIAt"),
registered office at Number One Southwark Bridge, London SE1 9HL.
Registered in England and Wales with company number 879531. This e-mail may
contain confidential information. If you are not the intended recipient,
please notify the sender immediately, delete all copies and do not
distribute it further. It could also contain personal views which are not
necessarily those of the FT Group. We may monitor outgoing or
incoming emails as permitted by law.
Very nice. |
Docker Update and Continuous Deployment
"build": "touch ./appversion; docker-compose build; rm -f ./appversion" | ||
|
||
"build": "docker build -t registry.heroku.com/origami-buildservice-qa/web .", | ||
"deploy": "docker push registry.heroku.com/origami-buildservice-qa/web" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just been thinking a bit more about this. It seems like these scripts are a mixture of tasks run inside the container and tasks run outside the container. Maybe we should follow Next and use Make to standardise outside-container-tasks like building the container and deploying it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure thing, these dont depend on node modules so I see no issue extracting into a makefile.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm definitely up for adding a Makefile
Outline
This PR contains the work required to get the build service continuously deploying, addressing #7. In order to do this we've had to overhaul the way that Docker is used, moving to Heroku's improved Docker support (which is currently in private beta). Here's what's been done:
docker-compose build
anddocker-compose up
npm run build
andnpm run deploy
master
branch will be deployed to QA once the tests have passed. Production is not deployed to through CI (see pipelines).What Needs Doing Before/After Merge
First we need to agree that this is approach to continuous deployment that we'd like to take. I can demo everything to the team and we can have a chat about it.
Code-wise, everything is currently deploying happily to
origami-buildservice-rowan-qa
andorigami-buildservice-rowan
. We need to do a few things before this is ready to merge:Incircle.yml
, change the deployment branch tomaster
.Change references inpackage.json
fromorigami-buildservice-rowan-qa
toorigami-buildservice-qa
.Merge this PR.Tag a new version on master and push it (wait for the deploy to work).Verify that the new version is on QA and everything works.origami-buildservice-qa
toorigami-buildservice-eu
.Next Steps
These are things that I'd like to get done after this has been merged, but don't need to be done to get continuous deployment up-and-running:
.env
for development environment variables instead ofdocker-compose.yml
#18: using.env
instead ofdocker-compose.yml
for environment variables