Bug 1470942 - Support maven on S3

[JohanLorenzo]

Do not merge yet. This has been untested from an end to another. This is just to let people know this kind of changes are incoming. In my opinion, they aren't too heavy and shouldn't (hopefully) block any ongoing work. Please let me know if that's not the case. All done!

[coveralls]

Pull Request Test Coverage Report for Build 681

• 168 of 168 (100.0%) changed or added relevant lines in 6 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage increased (+0.3%) to 99.071%

---

Totals
Change from base Build 679:	0.3%
Covered Lines:	640
Relevant Lines:	646

---

💛 - Coveralls

[JohanLorenzo]

This was tested end to end in https://tools.taskcluster.net/groups/TJW4b-CNSwGsJukgQCeoUA/tasks/PojKrc74Q5KFqghgPlosCg/runs/1/. The testing bucket lives at https://s3.console.aws.amazon.com/s3/buckets/geckoviewtest/?region=us-east-1&tab=overview . Here's how things work:

1. We only pass 1 target.maven.zip in upstreamArtifacts. This file is flagged with zipExtract
2. We get the manifest (maven_geckoview.yml). This manifest tells us exactly what files are present in the archive (no more no less).
3. We pass target.maven.zip to the new zip.py module. This module verifies the sanity of the archive (file size, file paths, no duplicate) and checks all expected files (from the manifest) are present. This module supports several zip archives, even though we currently expect to pass target.maven.zip alone.
4. The zip module returns the files that were extracted via a dict. We massage the dict to make it understandable by move_beets().
5. We also massage the context to make move_beets() happy.

At the first suspicious behavior detected, we bail out.

To be honest, now that things are implemented I'm not too sure whether beetmover is the right place for such behavior. I feel push_to_maven() cheats a lot to make move_beets() happy. We could create a different kind of workers to deal with zip extraction, but we would still need the boto wrappers done in beetmover. I also enjoy the manifest model, which helps in defining what files are supposedly in the archive. What do you think @MihaiTabara ? I'm fine keeping the behavior in beetmover or moving it elsewhere.

Please let me know if you need more information about what this PR does.

[MihaiTabara]

This overall looks good to me. There are some things I don't understand yet but none of them are blocking I suppose.

Overall comment:
a) once declarative artifacts is in place, we won't be having any manifests templates at all so we could maybe add indeed all these processing in a separate "extractors" or w\e new kind that beetmover depends on.

b) the term "manifest" was used for mapping. Once declarative artifacts is done, this concept will no longer apply, at least not in beetmoverscript terminology. All the mappings will be defined in a separate artifactMap dict in task payload. If we don't end up adding extractors like suggested in a), maybe we can override the term "manifest" to contain validation data or something else?

c) to be honest, I kind of like this new glorious future. I'd much prefer ditching "extractors" as new kinds in-tree as suggested at a) and instead have this logic in beetmoverscript.

Once declarative artifacts is in place, we can see beetmoverscript as something like Geckoview structure.

Beetmoverscript default behavior to wrap the boto calls and talk to S3. It will keep having all these API calls/endpoints (like move_beets or alike) but then we can clean a bit those and make them more generic so that we could cope other behaviors (such as maven one or any other upcoming) to perform various operations (such as zip.py or maybe in the future something else too).

This sounds like we could have: script.py, utils.py, etc in default folder and then "specifics" like "maven" in dedicated subfolders.

... and integration tests to cover them all.
Hm, I can sketch this elsewhere in a separate bug to not derail from your PR which looks good for now, when we still have the "old-way" of doing things.

[MihaiTabara]

++ on the comment. Any reason why we're not moving these two ZIP_* related-constants within the script_config ?

[JohanLorenzo]

Oh good call. I had forgotten about script_config. I added the max file size in mozilla-releng/build-puppet@bcef5fc.

I don't foresee a need to change the compression ratio as much as the max file size. So, I haven't added it. Moreover, I think increasing the ratio can be a bigger risk than just increasing the file size. If one day we realize we need to deal with zip files that are compressed more than 10 times, we probably want to revisit the ratio check within beetmover. That's why, I think we shouldn't expose that value in script_config.

[MihaiTabara]

That makes sense, thanks for clarifying.

[MihaiTabara]

I like this usage from here where we try to read this from script_config and if it fails, default to some value defined in beetmoverscript. And it makes sense if we ever need to amend that + puppet fix, instead of beetmoverscript roll-out.

However, I'm thinking whether this can be slightly confusing for anyone else reading this later on. I'm wondering if we shouldn't simply just read it from puppet and that's it. What do you think?

[JohanLorenzo]

Understood. I see the confusion. How about I rename the constant ZIP_MAX_FILE_SIZE_IN_MB into DEFAULT_ZIP_MAX_FILE_SIZE_IN_MB. This should make the intent of this constant clearer. I made this change in 42ade2a.

Please let me know what you think of it!

[MihaiTabara]

Not blocking but it'd be nice to add docstrings for all these functions. Doesn't have to be too verbose, but at least some sum-up 1-2 lines to define what the function is doing.

[JohanLorenzo]

Okay. I added the doctstring of the only public function in 3c02cc5. I usually prefer to not document private functions in favor of having (long) but explicit names. The reason is: this is an implementation detail to the consumers of the module. Ergo, consumers should not rely on these functions but documenting them can send mixed signals.

I sometimes briefly document private functions (like https://github.com/mozilla-releng/mozilla-version/blob/master/mozilla_version/firefox.py#L245), if the function name cannot capture the intent and the function is too obscure to guess the output.

Please let me know if you still want me to document these private functions.

[MihaiTabara]

Public is perfect; your argument for private ones makes a lot of sense. Now I understand retroactively why you were always suggesting the best of the names when reviewing 😃 👍

[MihaiTabara]

tiny nit: either s/tested/test or s/are/were I think? And I think the second negation is not needed. Something like "we tested no relative paths [...] were used within the archive"

[JohanLorenzo]

Thanks! Done in: b747099

[MihaiTabara]

Makes sense to have the check here 👍

[MihaiTabara]

I was wondering if it's worth moving this context.artifacts_to_beetmove logic + logic from 169-179 in a separate function. Again, no strong feelings, we can leave them as they are, I'm more leaning towards consistency with the other push_to_* operations.

[JohanLorenzo]

Yeah, I was wondering the same. I can't find a name for this function. I get the feeling too many concepts are intertwined. That's why I left it in this function. How would you describe this function?

[MihaiTabara]

Hm, good question. I wonder, how bad it would be if we defined that function within push_to_maven()? Something like:

async def push_to_maven(context):
       def _process_and_validate_artifacts(...)
        ....
        return artifacts
        
        ......
       context.artifacts_to_beetmove = _process_and_validate_artifacts(...)

I know most of the other similar functions are cleaner but if we don't find any better solution, this could be a good compromise. Alternatively, we can leave things be, I don't want to block on this, nor I have strong feelings.

[JohanLorenzo]

Done in 7f5682e. Unit tests are failing because of #176.

Tested e2e in https://tools.taskcluster.net/groups/FN8cz6cTSyiKeVxa8Y0KAg

[MihaiTabara]

Looks great, thanks for making this amendment!

[MihaiTabara]

I'm tempted to see this file renamed to maven_utils.py. Not sure if it's worth it though. What say you?

[JohanLorenzo]

Fine by me. Done in 5cab293

[MihaiTabara]

Why trim locale here?

[JohanLorenzo]

geckoview tasks don't specify a locale to beetmove. That's why I removed it from the required fields. I'm fine putting it back and creating a different schema. What do you think?

[MihaiTabara]

This is my fault from the very beginnings of beetmoverscript. In shipitscript and bouncerscript we have task schemas for each of the possible tasks and full integration tests as we should have! For beetmover unfortunately it is what it is. So to answer your question, ideally, we add a new schema so that we don't touch existing ones (like trimming the locale or hashType or platform to fit new maven tasks). Old beetmover jobs still have those, hence be tested against those correctly.

Again, this is not blocking so we can definitely follow-up in a separate PR. I have a backlog task to take over (hopefully) within declarative artifacts, to rewrite all the tasks to have integration tests for all possible beetmover jobs so this work will be undertaken anyway at some point this quarter so not sure it's worth time investing now. If it's easy for you to tweak tasks to fit to a new schema and not touch existing, that's be ideal, but again, we're going to do that sooner or later anyway for all tasks. Up to you, am fine either way 👍

[JohanLorenzo]

Got! I'd prefer to make it in a follow up. I think we're safe for now because beetmoverscript relies on locale being defined. So if a task def misses one, a KeyError will be raised somewhere

[MihaiTabara]

👍

[MihaiTabara]

Note to self: in the near future, in my backlog, I have a task to add integration tests for beetmover in such a way that we have beetmover schema for all possible beetmover jobs + actual tests against them. Like we currently have in bouncerscript or shipitscript. Right now we are reusing these two possible tasks but it's not enough.

[MihaiTabara]

I presume you remove 'locale' to fit the maven jobs right? The old beetmover jobs are still having the locale. Maybe it'd be worth adding it as optional.

[JohanLorenzo]

Yup, that's what this change is about. locale is now optional

[MihaiTabara]

👍

[JohanLorenzo]

Addressed comments were tested in https://tools.taskcluster.net/groups/NaetTOqNQqOLoI0cGDH2_Q/tasks/JDuBbPHpRaqAvOH4mR2JXA/runs/0/logs/public%2Flogs%2Flive_backing.log#L71

[MihaiTabara]

[MihaiTabara]

That makes sense, thanks for clarifying.

[MihaiTabara]

👍

[MihaiTabara]

This is my fault from the very beginnings of beetmoverscript. In shipitscript and bouncerscript we have task schemas for each of the possible tasks and full integration tests as we should have! For beetmover unfortunately it is what it is. So to answer your question, ideally, we add a new schema so that we don't touch existing ones (like trimming the locale or hashType or platform to fit new maven tasks). Old beetmover jobs still have those, hence be tested against those correctly.

Again, this is not blocking so we can definitely follow-up in a separate PR. I have a backlog task to take over (hopefully) within declarative artifacts, to rewrite all the tasks to have integration tests for all possible beetmover jobs so this work will be undertaken anyway at some point this quarter so not sure it's worth time investing now. If it's easy for you to tweak tasks to fit to a new schema and not touch existing, that's be ideal, but again, we're going to do that sooner or later anyway for all tasks. Up to you, am fine either way 👍

[MihaiTabara]

Hm, good question. I wonder, how bad it would be if we defined that function within push_to_maven()? Something like:

async def push_to_maven(context):
       def _process_and_validate_artifacts(...)
        ....
        return artifacts
        
        ......
       context.artifacts_to_beetmove = _process_and_validate_artifacts(...)

I know most of the other similar functions are cleaner but if we don't find any better solution, this could be a good compromise. Alternatively, we can leave things be, I don't want to block on this, nor I have strong feelings.

[MihaiTabara]

No, absolutely no worries, this is super nice! 👍

[MihaiTabara]

Public is perfect; your argument for private ones makes a lot of sense. Now I understand retroactively why you were always suggesting the best of the names when reviewing 😃 👍

[MihaiTabara]

Holy smokes, this is docs for realz 😮

[MihaiTabara]

👍

[MihaiTabara]

\o/

[MihaiTabara]

Sounds good to me, thanks for adding all these checks. Makes me feel so much safer having all of them. GG again for all the validations!