dockerize fx-crash-sig #20
Conversation
* add Makefile for easier maintenance * add Dockerfile for building a docker image * tweak how requirements are required and add dev requirements * move tests to their own directory outside of the fx_crash_sig module * update .gitignore accordingly
Note that this doesn't run linting in CI--going to do that in a future PR.
This fixes input handling in fx-crash-sig command so that if there's nothing in stdin to slurp, it raises an error rather than hangs. This also changes fx-crash-sig command to return an error exit code when it doesn't work.
| orbs: | ||
| python: circleci/python@0.2.1 | ||
| gcp-gcr: circleci/gcp-gcr@0.7.1 |
There was a problem hiding this comment.
I redid the circle configuration to use what play-store-export is using which follows the guidelines in Building and Deploying Containers to GCR.
It's likely it's broken--I'll hone it in this PR.
Also, I commented out sections we'll want to implement in future PRs.
| help: | ||
| $(info Available rules:) | ||
| $(info ) | ||
| @fgrep -h "##" Makefile | fgrep -v fgrep | sed 's/\(.*\):.*##/\1:/' | column -t -s '|' |
There was a problem hiding this comment.
This looks gross, but it makes this more user-friendly. It allows you to do make or make help and get help for the targets in the makefile.
| then \ | ||
| echo "Creating .env file..."; \ | ||
| echo "# USER_ID=\n# GROUP_ID=\n" > .env; \ | ||
| fi |
There was a problem hiding this comment.
When running black in the container on macOS, everything is fine because docker on macOS is "fun" about what user it's running as and permissions to the file system.
On Linux, this fails because the container has a uid/gid of 10001/10001 and that's not the same as my uid/gid, so then when I run black, I just get a lot of permission issues. So I do this thing where it allows for a .env override of what uid/gid to use to build the user in the container so then I don't get permission issues, but it does it in a way that doesn't affect anyone else and works fine on macOS.
There was a problem hiding this comment.
Nice! I knew about that problem but didn't know about that solution
There was a problem hiding this comment.
It's the least painful one I've found so far. I'd love to know if there are better ones.
I tossed around tweaking it to auto-detect whether the host is macos or linux and set these accordingly. I'll tinker with that some day.
| .PHONY: build | ||
| build: .env ## | Build docker image | ||
| docker-compose build --build-arg USER_ID=${USER_ID} --build-arg GROUP_ID=${GROUP_ID} app | ||
| touch .docker-build |
There was a problem hiding this comment.
The .docker-build is a real file, so then it'll get handled by make and targets that depend on it will build the image if it needs building.
| if sys.stdin.isatty(): | ||
| print('fx-crash-sig: Failed: pass crash trace using stdin') | ||
| sys.exit(1) | ||
|
|
There was a problem hiding this comment.
This checks to see if something is being piped in via stdin and if not, prints and error and exits. This prevents the case where someone runs fx-crash-sig and it just hangs which isn't very informative.
If I had my druthers, I'd redo this command to use click and make it more user-friendly. But I'm not sure how much value we get out of that since it's not clear who's using this as installed from PyPI.
There was a problem hiding this comment.
Makes sense. Personally I think we should just stop uploading to pypi until we have a clear use case for it.
| @@ -1,43 +0,0 @@ | |||
| # This Source Code Form is subject to the terms of the Mozilla Public | |||
There was a problem hiding this comment.
I moved this to tests/test_symbolicator.py, but that's not obvious from the PR changes.
| requests==2.22.0 | ||
| siggen<2 | ||
| ujson==1.35 | ||
| google-cloud-bigquery==1.27.2 |
There was a problem hiding this comment.
Because fx-crash-sig is both a library on PyPI and also (now) an etl job, I moved the requirements to be in setup.py which gets run in both scenarios.
|
So, I broke CircleCI for reasons I'm unclear on, but I can't get it to run again with this PR because it's all mad. I don't want to close this PR with its comments and start a new PR, so I think I'll fix the Circle CI configuration and whatever else it discovers is broken in a future PR. |
|
Also, I messed up and the branch this is against is in my fork. I'll do that right next time around. |
|
Yay! I got circle to build the docker image and run the tests in it. I'll do linting and reformatting in another PR. @wlach ^^^ That's ready for a final review. |
|
|
||
| RUN apt-get update && \ | ||
| apt-get install -y build-essential | ||
|
|
There was a problem hiding this comment.
Borrowing from https://github.com/mozilla/missioncontrol-v2/blob/master/Dockerfile:
| # clean up apt-get cruft | |
| RUN apt-get autoremove -y && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* |
There was a problem hiding this comment.
I'll add that. It knocks 18mb off the size of the image.
This adds some scaffolding to make it easier to maintain fx-crash-sig and also to generate a docker image and use it for development things.
What works:
make buildUSER_IDandGROUP_IDin.envso thatmake buildbuilds the docker image using specified uid/gid easing file permission issues on Linuxmake testWhat doesn't work:
make lintandmake reformatdon't work--that'll get covered in another PR since it involves a lot of reformatting changesmake lintisn't run in CIFixes #19.