-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dockerize fx-crash-sig #20
Conversation
* add Makefile for easier maintenance * add Dockerfile for building a docker image * tweak how requirements are required and add dev requirements * move tests to their own directory outside of the fx_crash_sig module * update .gitignore accordingly
Note that this doesn't run linting in CI--going to do that in a future PR.
This fixes input handling in fx-crash-sig command so that if there's nothing in stdin to slurp, it raises an error rather than hangs. This also changes fx-crash-sig command to return an error exit code when it doesn't work.
orbs: | ||
python: circleci/python@0.2.1 | ||
gcp-gcr: circleci/gcp-gcr@0.7.1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I redid the circle configuration to use what play-store-export is using which follows the guidelines in Building and Deploying Containers to GCR.
It's likely it's broken--I'll hone it in this PR.
Also, I commented out sections we'll want to implement in future PRs.
help: | ||
$(info Available rules:) | ||
$(info ) | ||
@fgrep -h "##" Makefile | fgrep -v fgrep | sed 's/\(.*\):.*##/\1:/' | column -t -s '|' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks gross, but it makes this more user-friendly. It allows you to do make
or make help
and get help for the targets in the makefile.
then \ | ||
echo "Creating .env file..."; \ | ||
echo "# USER_ID=\n# GROUP_ID=\n" > .env; \ | ||
fi |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When running black in the container on macOS, everything is fine because docker on macOS is "fun" about what user it's running as and permissions to the file system.
On Linux, this fails because the container has a uid/gid of 10001/10001 and that's not the same as my uid/gid, so then when I run black, I just get a lot of permission issues. So I do this thing where it allows for a .env
override of what uid/gid to use to build the user in the container so then I don't get permission issues, but it does it in a way that doesn't affect anyone else and works fine on macOS.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice! I knew about that problem but didn't know about that solution
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's the least painful one I've found so far. I'd love to know if there are better ones.
I tossed around tweaking it to auto-detect whether the host is macos or linux and set these accordingly. I'll tinker with that some day.
.PHONY: build | ||
build: .env ## | Build docker image | ||
docker-compose build --build-arg USER_ID=${USER_ID} --build-arg GROUP_ID=${GROUP_ID} app | ||
touch .docker-build |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The .docker-build
is a real file, so then it'll get handled by make and targets that depend on it will build the image if it needs building.
if sys.stdin.isatty(): | ||
print('fx-crash-sig: Failed: pass crash trace using stdin') | ||
sys.exit(1) | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This checks to see if something is being piped in via stdin and if not, prints and error and exits. This prevents the case where someone runs fx-crash-sig
and it just hangs which isn't very informative.
If I had my druthers, I'd redo this command to use click and make it more user-friendly. But I'm not sure how much value we get out of that since it's not clear who's using this as installed from PyPI.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Makes sense. Personally I think we should just stop uploading to pypi until we have a clear use case for it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 Less is more.
@@ -1,43 +0,0 @@ | |||
# This Source Code Form is subject to the terms of the Mozilla Public |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I moved this to tests/test_symbolicator.py
, but that's not obvious from the PR changes.
requests==2.22.0 | ||
siggen<2 | ||
ujson==1.35 | ||
google-cloud-bigquery==1.27.2 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Because fx-crash-sig is both a library on PyPI and also (now) an etl job, I moved the requirements to be in setup.py
which gets run in both scenarios.
So, I broke CircleCI for reasons I'm unclear on, but I can't get it to run again with this PR because it's all mad. I don't want to close this PR with its comments and start a new PR, so I think I'll fix the Circle CI configuration and whatever else it discovers is broken in a future PR. |
Also, I messed up and the branch this is against is in my fork. I'll do that right next time around. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Feel free to ping me when you're ready for a full review!
Yay! I got circle to build the docker image and run the tests in it. I'll do linting and reformatting in another PR. @wlach ^^^ That's ready for a final review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
|
||
RUN apt-get update && \ | ||
apt-get install -y build-essential | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Borrowing from https://github.com/mozilla/missioncontrol-v2/blob/master/Dockerfile:
# clean up apt-get cruft | |
RUN apt-get autoremove -y && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll add that. It knocks 18mb off the size of the image.
This adds some scaffolding to make it easier to maintain fx-crash-sig and also to generate a docker image and use it for development things.
What works:
make build
USER_ID
andGROUP_ID
in.env
so thatmake build
builds the docker image using specified uid/gid easing file permission issues on Linuxmake test
What doesn't work:
make lint
andmake reformat
don't work--that'll get covered in another PR since it involves a lot of reformatting changesmake lint
isn't run in CIFixes #19.