-
-
Notifications
You must be signed in to change notification settings - Fork 266
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create multi-stage dockerfile #734
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for tackling this @AlMaVizca! It's funny because just the other day I was thinking about refactoring this to use a multi-stage build.
Can we split this up into multiple atomic commits to make it easier to review and to keep each "intention" separate? I like to try to keep the changes in each commit very focused (even to the point of separating "whitespace" changes out to their own commits).
It seems like the primary changes are:
- Moving PHP configurations to separate files to improve legibility
- Reduce image size with multi-stage build process
- Run container as www-data user
I would also like to refactor the
build-farmOS.sh
script to:
- Install composer packages in another stage to only copy the vendor folder
- Remove git and zip packages from the image, using something similar to PHP_GEOS
Please let me know if it would be ok to add all that on this PR, or you prefer to create another issue for it.
I'm curious what this would look like, but maybe we should keep it separate for now.
I also need to think a little deeper about how all of these changes may affect images that extend this base image.
And lastly, right now the focus is on docker/Dockerfile
, but we also have docker/dev/Dockerfile
, which may also need to be considered to make sure nothing breaks.
Thanks again for diving in and proposing next steps!
7ebd0aa
to
d18ee6f
Compare
It's my pleasure to cooperate, also it's my way to understand the system and see if I can use it :)
About these, I see them interconnected. Thanks for pointing out the dev version, I didn't notice it earlier.
With this template of Dockerfile and without parameters on the build, the prod version image will be created, and using the following on docker-compose.development.yaml will stop the build at that point.
If you consider it, I can handle those changes, not sure what are the other image dependencies, but I'm willing to collaborate to get them working |
d18ee6f
to
d62ae32
Compare
d62ae32
to
f2be6f0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @AlMaVizca! I reviewed in more detail and left some questions and change requests. Most are small nitpick changes. Overall I think this is on the right track!
I'd like to get @Paul12's1 and @symbioquine's thoughts on this before we merge it too.
94a52b1
to
9d1bb34
Compare
9d1bb34
to
f67ee9b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks so much @AlMaVizca! I just noted a few tiny nits. I will trigger the workflow run so we can see if this works, or if it breaks anything downstream of it, like the 2.x-dev
image.
f67ee9b
to
73c1aef
Compare
My pleasure.
Do I need to change anything there? |
Thanks @AlMaVizca! I think this is looking good!
Don't worry about the changlog failure... we have that to remind us to add notes about new features, bug fixes, etc - but I generally don't include internal dev tooling changes like this. We do need to fix the dev image build, however. That is a core part of our It is based on the It looks like the first thing it failed on was the change from
https://github.com/farmOS/farmOS/actions/runs/6505581983/job/17679156363 There may be other failures after that too, but that's what caused the test to abort. We do a funny thing with the Line 18 in 010a895
You'll notice that in the |
Thanks, @mstenta. Later I'll work on other 2 PRs later:
So the workflow could be standard, let's say, call:
I got a little deviated, so you can consider this one or not. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks again @AlMaVizca! I left two small comments on things I noticed in the diffs, and some more thoughts below... I know I'm asking for a lot of changes - and I appreciate all the time you're contributing to this! These are good improvements, and the Dockerfile
s are critical pieces of our development and packaging infrastructure, so it is important to get right. :-)
I'm a proponent of the "don't break HEAD
" rule when creating commits. I like each commit to be a self-contained incremental change, which could be merged by itself (in sequence) without breaking things (not always possible, but a good discipline to try to stick to IMO).
With that in mind, can we split up some of the changes in your last two commits so that they can be merged into relevant previous commits?
For example, the commit labelled "Moving PHP configurations to separate files to improve legibility" can include the config file changes being made to the dev
image as well, I think. So essentially we have one commit that handles splitting out files for both images. And this way, that commit by itself could in theory be merged without breaking tests.
If we can approach each commit this way, that would be great - and also make it easier for me to review them as incremental improvements. I may even be able to merge some of them into 2.x
independently, while others await further review/change requests by other maintainers.
Right now it's a bit hard for me to juggle the latest two commits in my head because they both make changes to the way USER
is handled in the image. It seems like the first commit breaks things, and the second commit intends to fix them. If we can rearrange things a bit to make the steps more clear-cut that would be easier to wrap my head around.
Lastly, I think it makes sense to split out phpcs.xml
and phpstan.neon
, but I'm not sure we should deviate from the current approach of using sed
for the phpunit.xml
file specifically. Currently we are not maintaining that entire file in our codebase. We are simply copying from the Drupal core phpunit.xml.dist
file, and overriding specific bits. If we move to maintaining the whole file we lose the benefit of inheriting changes that may be introduced in upstream Drupal core. So even though it is a bit ugly in our Dockerfile
, I think it is better to leave that one for now.
d3dbbb1
to
a7d2f5a
Compare
a7d2f5a
to
c0f9ead
Compare
c0f9ead
to
3eb94de
Compare
Thanks @AlMaVizca - looking good! I pulled your branch down locally and made a few small changes myself. Mostly small adjustments and moving some things around (the commits themselves and some changes moved/split out). My goal was to make the commit messages "tell the story" of the changes and make each commit simple and focused. Not much different from what you had originally, so hopefully it makes sense! I left your commit author credit on all of them. Please take a moment to review and let me know if you see anything wrong or confusing. I moved the three "small" changes to the front, and put the three bigger ones (config files + multi-step + The only notable deviation from your commits is that I tried to simplify the changes for the Let me know what you think! I'll start the tests running to see if anything fails. I tested building both images locally and they worked. |
Docker image size differences: farmos/farmos:2.x: Before: 1,023,905,894 bytes farmos/farmos:2.x-dev: Before: 1,446,640,084 bytes So we're saving about 18 mb in size, with the multi-step build process (which now only splits out the GEOS build). So not quite as big of an improvement as @AlMaVizca's original PR, but still a bit slimmer. :-) |
While we are thinking about this: maybe it would be worth splitting this PR into two new ones:
I think all of the commits leading up the last one are ready for final review. It's just this last one that may become a bit more hairy. |
Just wanted to respond to this as well... None of this really matters, because the problem runs deeper. It happens if you try to run the normal (non-dev) container as well, even without
So this is a core incompatibility with our current |
This is the core issue. If the We could potentially work around this by modifying our But we would also have to update our docs to tell end-users who are setting up their development/production environments to do that manually as well. I think that would work, but it's a bummer because it adds manual steps to the setup (always prefer removing steps to adding them). And we need to consider whether or not this will affect existing installs. All-in-all, this is feeling like a more complicated change than I originally anticipated. Which means it will need a lot more community review and discussion before we can merge it regardless. All the more reason to split it out to its own PR, IMO. |
This would only address the CI/CD pipeline failures. But it would not help end-users. They would still need to manually create their bind-mount directory(ies) manually and set the ownership. See the instructions we provide here, for example: https://farmos.org/hosting/install/#farmos-in-docker And here: https://farmos.org/hosting/composer/ (which reminds me... that page would need to be updated with this PR too). |
As a summary, I'm removing the last two commits, and adding a small change to build
Not sure which part are you refering too, in case it's the docker section, I think it is still valid, since it's a reference for extending the image. |
dbdf66b
to
baf327a
Compare
Thanks @AlMaVizca! I'll take a look soon.
Yes I meant we'll need to remember to test/update that in the |
Tests are passing! I think we can flag this for final review now. |
Just a question in case, it will reduce the amount of effort on your side. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This LGTM! I'm not entirely sure but think there are now a few 3.x changes we need to incorporate into this PR too?
Really really like that configuration is getting split out into separate files. Appreciate all the work on this @AlMaVizca @mstenta !
# Configure PHPUnit. | ||
RUN cp -p /var/farmOS/web/core/phpunit.xml.dist /var/farmOS/phpunit.xml \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could we move the PHPunit config to a separate file in files/phpunit.xml
? I know we're copying this over from the Drupal core phpunit.xml.dist
but I wonder how often this changes. We haven't needed to modify our code in a few years.. but I wonder how much that is just luck not having conflicting changes from Drupal core 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@AlMaVizca did separate this one out originally and I asked that we keep it the way it was, because separating it out means we are maintaining the whole file. I agree it may not change often, but if it does there's no way for us to know. Currently we get any changes automatically (or the sed
command will fail, notifying us that we need to update it). I think that's worth keeping as-is.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is true. We'll need to rebase this onto 3.x. I can take a pass at that this morning since I'm familiar with the relevant 2.x->3.x changes... |
Thanks @AlMaVizca! Looking forward to reviewing those too! (Although it might be a little bit before I have a chance.) Yes let's keep them separate for now, since this PR is already close to being merged. |
baf327a
to
85ce7df
Compare
Done! |
Not sure why tests aren't running on this anymore (maybe due to base branch change and/or the fact that the PR branch doesn't start with |
…hown in Dockerfile.
85ce7df
to
9d5f824
Compare
Merged! Thanks again for all your work (and patience!) with this one @AlMaVizca! Great improvements! |
I would also like to refactor the
build-farmOS.sh
script to:Please let me know if it would be ok to add all that on this PR, or you prefer to create another issue for it.
Edited according to this comment