brennen
/
blubber
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
120 Commits
2 Branches
713 KiB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
blubber/README.md

118 lines
3.1 KiB
Raw Permalink Normal View History

Provide a new Blubber logo The new logo was the winner of a recent round of voting among Release Engineering. (See https://phabricator.wikimedia.org/V19) It incorporates colors from the WM design palette and the ring pattern from the logos of other WM teams, platforms, and tooling. R.I.P. Tyler's dead-whale logo. Change-Id: I0f79dcd9cb521f39059fa4270f65508c3c097a54
5 years ago
Add README.md
7 years ago
Use a YAML config format instead of JSON
7 years ago
Bump config version to v4 We've changed the config to be more consistent about "copies" and "artifacts". This means that "copies" no longer accepts a string, but a slice of strings. We should bump the config version and blubber version to make it clear that we're not longer backwards compatible. Change-Id: Ib68f623cbdcdf0aed74f4fdaec062835748e8eb9
4 years ago
Use a YAML config format instead of JSON
7 years ago
Refactor builder to support file requirements and run pre-install The builder configuration has proven useful for supporting generic pre-entrypoint commands such as dependency managers not otherwise supported by specific Blubber configuration. Adding additional `builder.requirements` config expands support for such commands by allowing the user to specify files that should be copied into the image before the builder command runs. To support this extra configuration, `builder` had to be changed from a simple string to a mapping. The builder command must now by given as `builder.command`. The pattern of creating parent directories, copying files, and executing one or more commands prior to the entrypoint has become a common one. Some of the implementation of this pattern was moved from `PythonConfig` into shared build macros `build.SortFilesByDir` and `build.SyncFiles`. All config types that must have requirements files copied over independently of the entire source tree (`PythonConfig`, `BuilderConfig`, `NodeConfig`) now delegate to these functions. Change-Id: I67f33034f22cee2851ec866cfb07ab20c23eba8c
5 years ago
Use a YAML config format instead of JSON
7 years ago
Refactor builder to support file requirements and run pre-install The builder configuration has proven useful for supporting generic pre-entrypoint commands such as dependency managers not otherwise supported by specific Blubber configuration. Adding additional `builder.requirements` config expands support for such commands by allowing the user to specify files that should be copied into the image before the builder command runs. To support this extra configuration, `builder` had to be changed from a simple string to a mapping. The builder command must now by given as `builder.command`. The pattern of creating parent directories, copying files, and executing one or more commands prior to the entrypoint has become a common one. Some of the implementation of this pattern was moved from `PythonConfig` into shared build macros `build.SortFilesByDir` and `build.SyncFiles`. All config types that must have requirements files copied over independently of the entire source tree (`PythonConfig`, `BuilderConfig`, `NodeConfig`) now delegate to these functions. Change-Id: I67f33034f22cee2851ec866cfb07ab20c23eba8c
5 years ago
Support environment variables Summary: Added support for definition of environment variables under `runs.environment`. Corresponding `ENV` instructions will be added to Dockerfile output for the unprivileged build phase. Fixes T168425 Test Plan: Run `go test ./...`. Reviewers: thcipriani, mobrovac, hashar, Jrbranaa, mmodell, #release-engineering-team Reviewed By: mobrovac Tags: #release-engineering-team Maniphest Tasks: T168425 Differential Revision: https://phabricator.wikimedia.org/D691
6 years ago
Use a YAML config format instead of JSON
7 years ago
Support `copies` config entry for multi-stage builds Summary: Support a `copies` variant config entry that will result in a multi-stage build, copying both shared library files and application directory from a previously defined variant. This is essentially a shorthand for two `artifacts` entries that are likely to be idiomatic to multi-stage build/prod configurations. Defined a new abstract `build.CopyFrom` instruction and corresponding `docker.DockerCopyFrom` instruction and refactored the writing of these Dockerfile lines to be accomplished using an `InstructionsForPhase` method on `config.ArtifactsConfig`. Implemented new support for `copies` configuration in `config.VariantConfig` and an `InstructionsForPhase` method that returns `build.CopyFrom` instructions for both the shared library and application directories. Fixes T174622 Depends on D759 Test Plan: Run `go test ./...`. Run `blubber blubber.example.yaml production` and ensure the right `COPY --from` lines are included for the final stage. Reviewers: thcipriani, mobrovac, hashar, mmodell, #release-engineering-team Reviewed By: thcipriani, #release-engineering-team Tags: #release-engineering-team Maniphest Tasks: T174622 Differential Revision: https://phabricator.wikimedia.org/D768
6 years ago
Use a YAML config format instead of JSON
7 years ago
Support `copies` config entry for multi-stage builds Summary: Support a `copies` variant config entry that will result in a multi-stage build, copying both shared library files and application directory from a previously defined variant. This is essentially a shorthand for two `artifacts` entries that are likely to be idiomatic to multi-stage build/prod configurations. Defined a new abstract `build.CopyFrom` instruction and corresponding `docker.DockerCopyFrom` instruction and refactored the writing of these Dockerfile lines to be accomplished using an `InstructionsForPhase` method on `config.ArtifactsConfig`. Implemented new support for `copies` configuration in `config.VariantConfig` and an `InstructionsForPhase` method that returns `build.CopyFrom` instructions for both the shared library and application directories. Fixes T174622 Depends on D759 Test Plan: Run `go test ./...`. Run `blubber blubber.example.yaml production` and ensure the right `COPY --from` lines are included for the final stage. Reviewers: thcipriani, mobrovac, hashar, mmodell, #release-engineering-team Reviewed By: thcipriani, #release-engineering-team Tags: #release-engineering-team Maniphest Tasks: T174622 Differential Revision: https://phabricator.wikimedia.org/D768
6 years ago
Refactor config for node app dependencies Summary: Change `node.dependencies` flag to `node.requirements`, the list of files (typically `package.json` and either `npm-shrinkwrap.json` or `package-lock.json`) that declare dependencies to be installed with NPM. Test Plan: Run `go test ./...`. Try it out with something like Mathoid. Reviewers: thcipriani, hashar, mobrovac, Joe, akosiaris, #release-engineering-team Reviewed By: thcipriani, #release-engineering-team Tags: #release-engineering-team Differential Revision: https://phabricator.wikimedia.org/D1058
6 years ago
Unify `copies` and `artifacts` configuration Refactored `copies` configuration to allow for greater control over when and which both local build context files and variant artifacts are copied into the target image. The new configuration introduces a "local" keyword to signify when a `copies` entry should apply to the files from the local build context as opposed to files from another variant's image during a multi-stage build. variants: build: copies: - from: local source: ./src destination: . Note that with this change, the user must now explicitly define whether _any_ files should be copied in from the local build context. None will be copied in by default. To help keep configurations succinct, especially considering this new requirement, and to approximate the old `copies: variant`, a shorthand format and sane defaults for `source` and `destination` (depending whether `from` is "local" or a variant name) were implemented. variants: build: copies: [local] development: copies: - from: build - from: local source: ./config.dev.yaml destination: ./config.yaml The shorthand: copies: [ref, ...] # is equivalent to copies: [{ from: ref }, ...] And the following defaults are used when no `source` and `destination` are specified. copies: - from: local # defaults to - from: local source: . destination: . copies: - from: variant # defaults to two entries - from: variant source: /srv/app # the lives.in dir destination: /srv/app - from: variant source: /opt/local # the shared lib dir destination: /opt/local Bug: T211625 Change-Id: I4c4217905afc0762b6bd66ed594d43cc0486e3e2
5 years ago
Support `copies` config entry for multi-stage builds Summary: Support a `copies` variant config entry that will result in a multi-stage build, copying both shared library files and application directory from a previously defined variant. This is essentially a shorthand for two `artifacts` entries that are likely to be idiomatic to multi-stage build/prod configurations. Defined a new abstract `build.CopyFrom` instruction and corresponding `docker.DockerCopyFrom` instruction and refactored the writing of these Dockerfile lines to be accomplished using an `InstructionsForPhase` method on `config.ArtifactsConfig`. Implemented new support for `copies` configuration in `config.VariantConfig` and an `InstructionsForPhase` method that returns `build.CopyFrom` instructions for both the shared library and application directories. Fixes T174622 Depends on D759 Test Plan: Run `go test ./...`. Run `blubber blubber.example.yaml production` and ensure the right `COPY --from` lines are included for the final stage. Reviewers: thcipriani, mobrovac, hashar, mmodell, #release-engineering-team Reviewed By: thcipriani, #release-engineering-team Tags: #release-engineering-team Maniphest Tasks: T174622 Differential Revision: https://phabricator.wikimedia.org/D768
6 years ago
Use a YAML config format instead of JSON
7 years ago
Support `copies` config entry for multi-stage builds Summary: Support a `copies` variant config entry that will result in a multi-stage build, copying both shared library files and application directory from a previously defined variant. This is essentially a shorthand for two `artifacts` entries that are likely to be idiomatic to multi-stage build/prod configurations. Defined a new abstract `build.CopyFrom` instruction and corresponding `docker.DockerCopyFrom` instruction and refactored the writing of these Dockerfile lines to be accomplished using an `InstructionsForPhase` method on `config.ArtifactsConfig`. Implemented new support for `copies` configuration in `config.VariantConfig` and an `InstructionsForPhase` method that returns `build.CopyFrom` instructions for both the shared library and application directories. Fixes T174622 Depends on D759 Test Plan: Run `go test ./...`. Run `blubber blubber.example.yaml production` and ensure the right `COPY --from` lines are included for the final stage. Reviewers: thcipriani, mobrovac, hashar, mmodell, #release-engineering-team Reviewed By: thcipriani, #release-engineering-team Tags: #release-engineering-team Maniphest Tasks: T174622 Differential Revision: https://phabricator.wikimedia.org/D768
6 years ago
Use a YAML config format instead of JSON
7 years ago
Smarter copies/sharedvolume/default behavior Summary: Defined new abstract `build.Volume` and corresponding `docker.DockerVolume` instructions. Refactored compilation of main `COPY` or `VOLUME` instruction for application files to use the new instructions and moved injection of these instructions out of the compiler and into `VariantConfig`. The latter can be smarter about the following cases: 1. When `copies` is set, simply depend on artifacts for the application files and do not copy anything from the build host. 2. When `sharedvolume` is `true`, inject a `build.Volume` instruction for the application working directory. 3. When neither of the above are set, copy application files from the host. Fixes T174623 Depends on D768 Test Plan: Run `go test ./...`. Run `blubber blubber.example.yaml production` and ensure: 1. The `prep` stage has a `COPY . .` instruction. 2. The final stage has no `COPY . .` instruction, only `COPY --from=prep` instructions. Reviewers: thcipriani, mobrovac, hashar, mmodell, #release-engineering-team Reviewed By: thcipriani, mobrovac, #release-engineering-team Tags: #release-engineering-team Maniphest Tasks: T174623 Differential Revision: https://phabricator.wikimedia.org/D769
6 years ago
Use a YAML config format instead of JSON
7 years ago
Define `NODE_ENV` and always define `NODE_PATH` Summary: Define `NODE_ENV` based on the configuration and define `NODE_PATH` when either `npm.install` or `npm.env` are true. The latter behavior is necessary for final stages of multi-stage builds where npm modules are not installed but the application requires node-related environment variables to run. Depends on D757 Ref T174626 Rename npm module/config to node Renamed `npm` yaml entry to `node` and `NpmConfig` to `NodeConfig`. Since we're dealing with general node builds and configuration, this seems to make more sense. Test Plan: Run `go test ./...` or `arc unit`. Run blubber against at least the `blubber.example.yaml`. Reviewers: thcipriani, mobrovac, mmodell, #release-engineering-team Reviewed By: thcipriani, #release-engineering-team Tags: #release-engineering-team Maniphest Tasks: T174626 Differential Revision: https://phabricator.wikimedia.org/D759
6 years ago
Use a YAML config format instead of JSON
7 years ago
Unify `copies` and `artifacts` configuration Refactored `copies` configuration to allow for greater control over when and which both local build context files and variant artifacts are copied into the target image. The new configuration introduces a "local" keyword to signify when a `copies` entry should apply to the files from the local build context as opposed to files from another variant's image during a multi-stage build. variants: build: copies: - from: local source: ./src destination: . Note that with this change, the user must now explicitly define whether _any_ files should be copied in from the local build context. None will be copied in by default. To help keep configurations succinct, especially considering this new requirement, and to approximate the old `copies: variant`, a shorthand format and sane defaults for `source` and `destination` (depending whether `from` is "local" or a variant name) were implemented. variants: build: copies: [local] development: copies: - from: build - from: local source: ./config.dev.yaml destination: ./config.yaml The shorthand: copies: [ref, ...] # is equivalent to copies: [{ from: ref }, ...] And the following defaults are used when no `source` and `destination` are specified. copies: - from: local # defaults to - from: local source: . destination: . copies: - from: variant # defaults to two entries - from: variant source: /srv/app # the lives.in dir destination: /srv/app - from: variant source: /opt/local # the shared lib dir destination: /opt/local Bug: T211625 Change-Id: I4c4217905afc0762b6bd66ed594d43cc0486e3e2
5 years ago
Define `NODE_ENV` and always define `NODE_PATH` Summary: Define `NODE_ENV` based on the configuration and define `NODE_PATH` when either `npm.install` or `npm.env` are true. The latter behavior is necessary for final stages of multi-stage builds where npm modules are not installed but the application requires node-related environment variables to run. Depends on D757 Ref T174626 Rename npm module/config to node Renamed `npm` yaml entry to `node` and `NpmConfig` to `NodeConfig`. Since we're dealing with general node builds and configuration, this seems to make more sense. Test Plan: Run `go test ./...` or `arc unit`. Run blubber against at least the `blubber.example.yaml`. Reviewers: thcipriani, mobrovac, mmodell, #release-engineering-team Reviewed By: thcipriani, #release-engineering-team Tags: #release-engineering-team Maniphest Tasks: T174626 Differential Revision: https://phabricator.wikimedia.org/D759
6 years ago
Add README.md
7 years ago
Use a YAML config format instead of JSON
7 years ago
Bump config version to v4 We've changed the config to be more consistent about "copies" and "artifacts". This means that "copies" no longer accepts a string, but a slice of strings. We should bump the config version and blubber version to make it clear that we're not longer backwards compatible. Change-Id: Ib68f623cbdcdf0aed74f4fdaec062835748e8eb9
4 years ago
Use a YAML config format instead of JSON
7 years ago
Define `NODE_ENV` and always define `NODE_PATH` Summary: Define `NODE_ENV` based on the configuration and define `NODE_PATH` when either `npm.install` or `npm.env` are true. The latter behavior is necessary for final stages of multi-stage builds where npm modules are not installed but the application requires node-related environment variables to run. Depends on D757 Ref T174626 Rename npm module/config to node Renamed `npm` yaml entry to `node` and `NpmConfig` to `NodeConfig`. Since we're dealing with general node builds and configuration, this seems to make more sense. Test Plan: Run `go test ./...` or `arc unit`. Run blubber against at least the `blubber.example.yaml`. Reviewers: thcipriani, mobrovac, mmodell, #release-engineering-team Reviewed By: thcipriani, #release-engineering-team Tags: #release-engineering-team Maniphest Tasks: T174626 Differential Revision: https://phabricator.wikimedia.org/D759
6 years ago
Rename `run` config to `runs` It sounds more declarative.
7 years ago
Use a YAML config format instead of JSON
7 years ago
Add README.md
7 years ago
Unify `copies` and `artifacts` configuration Refactored `copies` configuration to allow for greater control over when and which both local build context files and variant artifacts are copied into the target image. The new configuration introduces a "local" keyword to signify when a `copies` entry should apply to the files from the local build context as opposed to files from another variant's image during a multi-stage build. variants: build: copies: - from: local source: ./src destination: . Note that with this change, the user must now explicitly define whether _any_ files should be copied in from the local build context. None will be copied in by default. To help keep configurations succinct, especially considering this new requirement, and to approximate the old `copies: variant`, a shorthand format and sane defaults for `source` and `destination` (depending whether `from` is "local" or a variant name) were implemented. variants: build: copies: [local] development: copies: - from: build - from: local source: ./config.dev.yaml destination: ./config.yaml The shorthand: copies: [ref, ...] # is equivalent to copies: [{ from: ref }, ...] And the following defaults are used when no `source` and `destination` are specified. copies: - from: local # defaults to - from: local source: . destination: . copies: - from: variant # defaults to two entries - from: variant source: /srv/app # the lives.in dir destination: /srv/app - from: variant source: /opt/local # the shared lib dir destination: /opt/local Bug: T211625 Change-Id: I4c4217905afc0762b6bd66ed594d43cc0486e3e2
5 years ago
Add README.md
7 years ago
Unify `copies` and `artifacts` configuration Refactored `copies` configuration to allow for greater control over when and which both local build context files and variant artifacts are copied into the target image. The new configuration introduces a "local" keyword to signify when a `copies` entry should apply to the files from the local build context as opposed to files from another variant's image during a multi-stage build. variants: build: copies: - from: local source: ./src destination: . Note that with this change, the user must now explicitly define whether _any_ files should be copied in from the local build context. None will be copied in by default. To help keep configurations succinct, especially considering this new requirement, and to approximate the old `copies: variant`, a shorthand format and sane defaults for `source` and `destination` (depending whether `from` is "local" or a variant name) were implemented. variants: build: copies: [local] development: copies: - from: build - from: local source: ./config.dev.yaml destination: ./config.yaml The shorthand: copies: [ref, ...] # is equivalent to copies: [{ from: ref }, ...] And the following defaults are used when no `source` and `destination` are specified. copies: - from: local # defaults to - from: local source: . destination: . copies: - from: variant # defaults to two entries - from: variant source: /srv/app # the lives.in dir destination: /srv/app - from: variant source: /opt/local # the shared lib dir destination: /opt/local Bug: T211625 Change-Id: I4c4217905afc0762b6bd66ed594d43cc0486e3e2
5 years ago
Add README.md
7 years ago
Use a YAML config format instead of JSON
7 years ago
Add README.md
7 years ago
Add Makefile Summary: Added a Makefile so you don't need any special mangling of your go path Test Plan: None Reviewers: dduvall, mmodell, #release-engineering-team Reviewed By: mmodell Subscribers: Joe Tags: #release-engineering-team Revert Plan: None Differential Revision: https://phabricator.wikimedia.org/D671
7 years ago
Add README.md
7 years ago
Add Makefile Summary: Added a Makefile so you don't need any special mangling of your go path Test Plan: None Reviewers: dduvall, mmodell, #release-engineering-team Reviewed By: mmodell Subscribers: Joe Tags: #release-engineering-team Revert Plan: None Differential Revision: https://phabricator.wikimedia.org/D671
7 years ago
Provide a CONTRIBUTING.md guide Summary: To help new developers get on board, let's provide a `CONTRIBUTING.md` doc. Test Plan: Proofread with your eyeballs. Reviewers: thcipriani, demon, hashar, mmodell, zeljkofilipin, greg, Jrbranaa, #release-engineering-team Reviewed By: thcipriani, hashar, #release-engineering-team Tags: #release-engineering-team Differential Revision: https://phabricator.wikimedia.org/D993
6 years ago
 
  1. ![Blubber](docs/logo-400.png)
  2. 

  3. **Very experimental proof of concept.**
  4. 

  5. Blubber is a highly opinionated abstraction for container build configurations
  6. and a command-line compiler which currently supports outputting multi-stage
  7. Dockerfiles. It aims to provide a handful of declarative constructs that
  8. accomplish build configuration in a more secure and determinate way than
  9. running ad-hoc commands.
  10. 

  11. ## Example configuration

  12. 

  13. ```yaml
  14. version: v4
  15. base: debian:jessie
  16. apt:
  17.   packages: [libjpeg, libyaml]
  18. lives:
  19.   in: /srv/service
  20. runs:
  21.   environment:
  22.     FOO: bar
  23.     BAR: baz
  24. 

  25. variants:
  26.   build:
  27.     apt:
  28.       packages: [libjpeg-dev, libyaml-dev]
  29.     node:
  30.       requirements: [package.json, package-lock.json]
  31.     copies: [local]
  32. 

  33.   development:
  34.     includes: [build]
  35. 

  36.   test:
  37.     includes: [build]
  38.     apt:
  39.       packages: [chromium]
  40.     entrypoint: [npm, test]
  41. 

  42.   prep:
  43.     includes: [build]
  44.     node:
  45.       env: production
  46. 

  47.   production:
  48.     base: debian:jessie-slim
  49.     node:
  50.       env: production
  51.     copies: [prep]
  52.     entrypoint: [node, server.js]
  53. ```
  54. 

  55. ## Variants

  56. 

  57. Blubber supports a concept of composeable configuration variants for defining
  58. slightly different container images while still maintaining a sufficient
  59. degree of parity between them. For example, images for development and testing
  60. may require some development and debugging packages which you wouldn't want in
  61. production lest they contain vulnerabilities and somehow end up linked or
  62. included in the application runtime.
  63. 

  64. Properties declared at the top level are shared among all variants unless
  65. redefined, and one variant can include the properties of others. Some
  66. properties, like `apt:packages` are combined when inherited or included.
  67. 

  68. In the example configuration, the `test` variant when expanded effectively
  69. becomes:
  70. 

  71. ```yaml
  72. version: v4
  73. base: debian:jessie
  74. apt:
  75.   packages: [libjpeg, libyaml, libjpeg-dev, libyaml-dev, chromium]
  76. node:
  77.   dependencies: true
  78. runs:
  79.   in: /srv/service
  80.   as: runuser
  81.   uid: 666
  82.   gid: 666
  83. entrypoint: [npm, test]
  84. ```
  85. 

  86. ## Artifacts

  87. 

  88. When trying to ensure optimally sized Docker images for production, there's a
  89. common pattern that has emerged which is essentially to use one image for
  90. building an application and copying the resulting build artifacts to another
  91. much more optimized image, using the latter for production.
  92. 

  93. The Docker community has responded to this need by implementing
  94. [multi-stage builds](https://github.com/moby/moby/pull/32063) and Blubber
  95. makes use of this with its `copies` configuration property.
  96. 

  97. In the example configuration, the `production` variant declares artifacts to
  98. be copied over from the result of building the `prep` image.
  99. 

  100. ## Usage

  101. 

  102. Running the `blubber` command will be produce `Dockerfile` output for the
  103. given variant.
  104. 

  105.     blubber config.yaml variant
  106. 

  107. You can see the result of the example configuration by cloning this repo and
  108. running (assuming you have go):
  109. 

  110.     make
  111.     ./bin/blubber blubber blubber.example.yaml development
  112.     ./bin/blubber blubber blubber.example.yaml test
  113.     ./bin/blubber blubber blubber.example.yaml production
  114. 

  115. ## Contribution

  116. 

  117. If you'd like to make code contributions to Blubber, see
  118. [CONTRIBUTING.md](CONTRIBUTING.md).