Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Embed build info into the docker image instead of relying on runtime variables. #22930

Merged
merged 1 commit into from
Dec 16, 2024
Merged

Embed build info into the docker image instead of relying on runtime variables. #22930

merged 1 commit into from
Dec 16, 2024

Conversation

KevinMind
Copy link
Contributor

Fixes: mozilla/addons#15230

Description

  • Modified Dockerfile to expose build arguments and create a static build info file, ensuring that build variables are hard-coded and not overridden at runtime.
  • Refactored get_version_json function in utils.py to read build information from the newly created static file, ensuring required keys are validated.
  • Updated tests in test_apps.py and test_utils.py to check for required version keys and validate the build info retrieval process.

Context

Previously relying on runtime environment variables led to less consistent checks because runtime variables can change, where the underlying image cannot. Since we are mostly checking the underlying image, we should not rely on the runtime variables but instead the image itself.

Testing

  1. verify the image contains the /build-info file with the correct information. Set values for all the variables to verify they can be configured appropriately
  2. Modifying one of the variables after the build should not invalidate most caches.

Checklist

  • Add #ISSUENUM at the top of your PR to an existing open issue in the mozilla/addons repository.
  • Successfully verified the change locally.
  • The change is covered by automated tests, or otherwise indicated why doing so is unnecessary/impossible.
  • Add before and after screenshots (Only for changes that impact the UI).
  • Add or update relevant docs reflecting the changes made.

@KevinMind KevinMind force-pushed the addons-15066-build-info branch from ea0dc7b to 68156b4 Compare December 9, 2024 22:29
@KevinMind KevinMind force-pushed the addons-15066-build-info branch 2 times, most recently from 1bd77b3 to 96337d4 Compare December 10, 2024 19:59
Base automatically changed from addons-15066-tests to master December 10, 2024 20:53
@KevinMind KevinMind force-pushed the addons-15066-build-info branch from 96337d4 to 2da734e Compare December 10, 2024 21:44
@KevinMind KevinMind changed the title Addons-15066-build-info Embed build info into the docker image instead of relying on runtime variables. Dec 10, 2024
@KevinMind KevinMind force-pushed the addons-15066-build-info branch 18 times, most recently from 6fd59d5 to cff36e2 Compare December 13, 2024 11:41
@KevinMind KevinMind requested review from a team and eviljeff and removed request for a team December 13, 2024 11:53
eviljeff
eviljeff reviewed Dec 13, 2024
View reviewed changes
Makefile-os Outdated
Comment on lines 10 to 13
# Values that are not saved to .env
# but should be set in the docker image
# default to static values to prevent
# invalidating docker build cache
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this written as a haiku? 😄

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not intended, but now it is an actual haiku 👍

src/olympia/core/apps.py Outdated Show resolved Hide resolved
src/olympia/core/utils.py Outdated Show resolved Hide resolved
src/olympia/core/utils.py Outdated Show resolved Hide resolved
@KevinMind KevinMind force-pushed the addons-15066-build-info branch from cff36e2 to 3649368 Compare December 13, 2024 15:54
@KevinMind KevinMind force-pushed the addons-15066-build-info branch from 3649368 to b64d766 Compare December 13, 2024 16:15
@KevinMind KevinMind requested a review from eviljeff December 13, 2024 16:15
eviljeff
eviljeff approved these changes Dec 13, 2024
View reviewed changes
src/olympia/core/utils.py Outdated Show resolved Hide resolved
tests/make/make.spec.js
'DOCKER_VERSION',
'DOCKER_BUILD',
];
it('.services.(web|worker).environment excludes build info variables', () => {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I forgot to add this last time: I'm not clear what this is testing, exactly. What aren't we including in the web/worker envs, and why?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We exclude variables that could be interpreted as build info such as the DOCKER_COMMIT, DOCKER_VERSION and (eventually) DOCKER_TARGET. You don't want to live in a world where you build with one commit/version and then run the container with another value set (arbitrarily) and then your container thinks it is a different image.. This test confirms that the variables that are used in the build info file are NOT available on the environment of the container.

@KevinMind KevinMind force-pushed the addons-15066-build-info branch from e0c4c07 to f988d74 Compare December 13, 2024 18:16
@KevinMind @eviljeff
Include DOCKER_* build info statically in image:
a094ce2 
- Updated Dockerfile to create a build info file containing static build variables (commit, version, build, target) that are now read-only at runtime.
- Modified get_version_json function to read build information from the newly created build info file instead of relying on environment variables.
- Introduced REQUIRED_VERSION_KEYS to ensure all necessary keys are present in version.json during checks.
- Enhanced tests to validate the presence of required version keys and ensure proper functionality of the get_version_json method.
- Updated docker-bake.hcl to maintain consistency in build arguments.

TMP: use json instead

Update src/olympia/core/utils.py

Co-authored-by: Andrew Williamson <[email protected]>
@KevinMind KevinMind force-pushed the addons-15066-build-info branch from f988d74 to a094ce2 Compare December 16, 2024 08:25
@KevinMind KevinMind merged commit 86f6d25 into master Dec 16, 2024
36 checks passed
@KevinMind KevinMind deleted the addons-15066-build-info branch December 16, 2024 08:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eviljeff eviljeff eviljeff approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Include static build info in docker image
2 participants
@KevinMind @eviljeff