Docker Update and Continuous Deployment #19
Conversation
|
@JakeChampion, @AlbertoElias, @alicebartlett, @onishiweb, @j-mes, would be good to get your thoughts/feedback on this. We can discuss in-person as a group if it's easier. |
| insert_final_newline = true | ||
| charset = utf-8 | ||
|
|
||
| [**{.js,.scss,.html,.mustache,.md,.yml}] |
There was a problem hiding this comment.
Oops, I got that wrong, and preventing yml from having tabs is the entire reason I added this file 😂
| @@ -1,44 +1,22 @@ | |||
| FROM heroku/cedar:14 | |||
| FROM mhart/alpine-node:4 | |||
There was a problem hiding this comment.
It is not mentioned anywhere in this PR why the change from cedar to alpine was made.
Below is the explanation given in the heroku-docker-node-alpine-example repository
Heroku's Cedar base image is based upon Ubuntu, which was not developed with the idea of being run inside a container, incidentally making the image size rather large. Heroku's Cedar also installs a lot of packages to cover the needs of most Heroku developers' applications.
Alpine Linux is built around musl libc and busybox. This makes it smaller and more resource efficient than traditional GNU/Linux distributions. An Alpine Linux image requires no more than 8 MB.
A smaller base image with fewer dependencies gives benefits such as a faster build/deploy time, smaller artifacts created for each build, and a smaller surface area to check for security vulnerabilities.
There was a problem hiding this comment.
Is alpine likely to continue to be maintained? Is that a concern?
There was a problem hiding this comment.
Not a major concern, the community around Alpine is large.
|
|
||
| To SSH into the web container, you first need to SSH into the Docker VM, and then into the container you want: | ||
| ```sh | ||
| open "http://$(docker-machine ip dev):8080/" |
| production: | ||
| branch: docker | ||
| commands: | ||
| - 'echo "machine api.heroku.com login rowan.manning@ft.com password ${HEROKU_AUTH_TOKEN}" >> ${HOME}/.netrc; chmod 0600 /home/ubuntu/.netrc;' |
There was a problem hiding this comment.
Note: This application will fail to deploy from CI is @rowanmanning ever renews his Heroku authentication token.
There was a problem hiding this comment.
We could maybe do with an Origami Heroku account for this kind of thing? It would also fail if I ever get removed from the Heroku org.
There was a problem hiding this comment.
I believe this is not something the Heroku Working Group within the FT advocate people to do.
There was a problem hiding this comment.
OK, we'll just need to keep an eye on it then
There was a problem hiding this comment.
Yeah, this kind of sucks. I'm using my account for browser tests with nightwatch
There was a problem hiding this comment.
in Next we use my HEROKU_AUTH_TOKEN and push it out to all our CircleCI configs. I can setup origami-build-service with this if you like and then Next can manage this for you ^^
There was a problem hiding this comment.
For the unitiated, what does the machine command do and how is it available in the circle environment?
There was a problem hiding this comment.
@triblondon run this on your mac cat ~/.netrc
There was a problem hiding this comment.
You can create an Origami heroku account by the way, I spoke with the Heroku Working Group and they verified this is a good approach for Origami to take with it's deployments.
|
this is a huge improvement to our deployment process, and this PR explains your changes really well too. |
|
|
||
| [**{.yml}] | ||
| indent_style = space | ||
| indent_size = 2 |
There was a problem hiding this comment.
should me move this stuff into obt?
There was a problem hiding this comment.
We could have a copy in there, yes, but the editorconfig plugins rely on there being a .editorconfig file in the project root.
There was a problem hiding this comment.
Do you mean the IDE plugins? We should probably discuss what's the best way
to use editorconfig
This email was sent by a company owned by Financial Times Group Limited
("FT Group http://aboutus.ft.com/corporate-information/#axzz3rajCSIAt"),
registered office at Number One Southwark Bridge, London SE1 9HL.
Registered in England and Wales with company number 879531. This e-mail may
contain confidential information. If you are not the intended recipient,
please notify the sender immediately, delete all copies and do not
distribute it further. It could also contain personal views which are not
necessarily those of the FT Group. We may monitor outgoing or
incoming emails as permitted by law.
|
Very nice. |
rowanmanning
changed the title
Docker Update and Continuous Deployment
| "build": "touch ./appversion; docker-compose build; rm -f ./appversion" | ||
|
|
||
| "build": "docker build -t registry.heroku.com/origami-buildservice-qa/web .", | ||
| "deploy": "docker push registry.heroku.com/origami-buildservice-qa/web" |
There was a problem hiding this comment.
Just been thinking a bit more about this. It seems like these scripts are a mixture of tasks run inside the container and tasks run outside the container. Maybe we should follow Next and use Make to standardise outside-container-tasks like building the container and deploying it?
There was a problem hiding this comment.
Sure thing, these dont depend on node modules so I see no issue extracting into a makefile.
There was a problem hiding this comment.
I'm definitely up for adding a Makefile
Outline
This PR contains the work required to get the build service continuously deploying, addressing #7. In order to do this we've had to overhaul the way that Docker is used, moving to Heroku's improved Docker support (which is currently in private beta). Here's what's been done:
docker-compose buildanddocker-compose upnpm run buildandnpm run deploymasterbranch will be deployed to QA once the tests have passed. Production is not deployed to through CI (see pipelines).What Needs Doing Before/After Merge
First we need to agree that this is approach to continuous deployment that we'd like to take. I can demo everything to the team and we can have a chat about it.
Code-wise, everything is currently deploying happily to
origami-buildservice-rowan-qaandorigami-buildservice-rowan. We need to do a few things before this is ready to merge:Incircle.yml, change the deployment branch tomaster.Change references inpackage.jsonfromorigami-buildservice-rowan-qatoorigami-buildservice-qa.Merge this PR.Tag a new version on master and push it (wait for the deploy to work).Verify that the new version is on QA and everything works.origami-buildservice-qatoorigami-buildservice-eu.Next Steps
These are things that I'd like to get done after this has been merged, but don't need to be done to get continuous deployment up-and-running:
.envfor development environment variables instead ofdocker-compose.yml#18: using.envinstead ofdocker-compose.ymlfor environment variables