Skip to content

Refactor Docker startup scripts #1893

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
williamjallen merged 7 commits into from
Jan 2, 2024
Merged

Refactor Docker startup scripts #1893

williamjallen merged 7 commits into from
Jan 2, 2024

Conversation

@williamjallen
Copy link
Collaborator

@williamjallen williamjallen commented Dec 17, 2023

Our Docker installation process was originally designed for testing and development purposes. With Kubernetes and other container-based deployment mechanisms becoming widespread, our Docker setup scripts are in need of a refactor to make them deployment-quality.

Amongst a slew of general refactoring work, I made the following notable changes:

  • Apache is run under the current user by default, in case that user is not www-data. This is particularly useful for Kubernetes deployments, where the container is run under a random user.
  • The Dockerfile has been moved to the root level of the repository and renamed to Dockerfile in accordance with traditional Docker naming conventions.
  • APP_KEY is no longer generated by default. Users must specify it manually, and the container with fail to start with a message showing a random key if the APP_KEY environment variable is not set. Automatically generating keys as was done before is a bad idea, because the key (and thus, any data encrypted with it), will be lost if the container is restarted for any reason.
  • A root user is no longer created by default. This is particularly useful for systems using OAuth or SAML, which should have all users provided via the 3rd party authentication provider.
  • Legacy configurations will no longer be migrated automatically, since the migration will be lost if the container is restarted. If CDash administrators wish to run the migration manually, they may do so by running php artisan config:migrate.

I plan to make another PR to overhaul the Dockerfile and switch to php-fpm sometime soon.

bstrdsmkr
bstrdsmkr reviewed Dec 18, 2023
View reviewed changes
Copy link
Contributor

@bstrdsmkr bstrdsmkr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@williamjallen we recently deployed CDash in k8s and this would have made our lives easier, so thanks for the work!

I wanted to share a couple of other comments from our experience that could make things even easier

@josephsnyder
Copy link
Member

josephsnyder commented Dec 21, 2023
edited
Loading

@williamjallen, I'm having some trouble wrapping my mind around stopping the admin user creation. If a development environment runs the install step for us, we don't see the install page to set an account as an admin. One can get all the way to the login, and register a normal user, but then cannot create any projects.

Can we update the docker documentation to point out the user:save command that is available with exec cdash bash to create the admin account?

@williamjallen
Copy link
Collaborator Author

williamjallen commented Dec 21, 2023

Good idea. I'll add a note to the docs.

The install page is of limited use for bare-metal systems, and is almost entirely useless for container-based systems. Using environment variables is by far the preferred way to go about setting configuration settings. I'll add a note to the docs in case anyone happens to be interested in manually creating a user for whatever reason.

josephsnyder
josephsnyder approved these changes Jan 2, 2024
View reviewed changes
Copy link
Member

@josephsnyder josephsnyder left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs a rebase for a conflict but otherwise LGTM!

@williamjallen williamjallen force-pushed the docker-startup-refactor branch from 2bc7024 to 8da3737 Compare January 2, 2024 14:06
@williamjallen williamjallen force-pushed the docker-startup-refactor branch from 8da3737 to 384929b Compare January 2, 2024 14:06
@williamjallen williamjallen added this pull request to the merge queue Jan 2, 2024
Merged via the queue into Kitware:master with commit 342fbc5 Jan 2, 2024
@williamjallen williamjallen deleted the docker-startup-refactor branch January 2, 2024 15:28
This was referenced Jan 15, 2024
Closed
Merged
github-merge-queue bot pushed a commit that referenced this pull request Jan 22, 2024
@williamjallen
Add production/development flag to cdash_install (#1953)
b0474c9 
#1893 accidentally started installing dev dependencies in production
containers via the `cdash_install` command. This PR adds a `--dev` flag
to `cdash_install` to control whether dev dependencies are installed or
not.

Fixes #1951
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@josephsnyder josephsnyder josephsnyder approved these changes

+1 more reviewer

@bstrdsmkr bstrdsmkr bstrdsmkr left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

release notes: administration

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@williamjallen @josephsnyder @bstrdsmkr