T340226 reproducible builds #517

Merged
merged 89 commits into from
Dec 5, 2023

Contributor

@rti rti commented Nov 16, 2023

Addressed in this PR

This PR became a bit more complex as it turned out to make lots of sense to do some of the "heavy lifting" tasks in the build system all at once instead of distributing them in several PRs.

Specifically, this PR changes:

  • Component versions are specified in variables.env, which should make builds pretty™ reproducible; this is true for git checkouts and docker images https://phabricator.wikimedia.org/T340226
    • definitely not reproducible on a byte-by-byte level, e.g. debian security patches will sneak into docker base images
  • Flatten file hierarchy, i.e. remove the Docker folder https://phabricator.wikimedia.org/T343873
  • Move build logic into Dockerfile to leverage docker builds caching https://phabricator.wikimedia.org/T345564
  • Put docker builds first, tarballs are extracted from the docker builds now
  • Builds are now versioned right after build, docker images get version tags and latest, tarballs get a version string
  • Remove the builder container, everything is done in docker build now which is containerized anyway
  • ./build.sh now has a slightly different interface, see README https://phabricator.wikimedia.org/T345564
    • exporting to tarballs and dumping docker images as tarballs needs to be explicitly set via options now
    • without those options, builds can run way faster now, especially when parts are cached already
  • wdqs-frontend is based on debian now, not alpine for consistency (we use debian in most places anyway)
  • Do not write any temp files into the repo during build https://phabricator.wikimedia.org/T347053
  • Remove the build metadata mechanism, as all versions are specified upfront now https://phabricator.wikimedia.org/T347084
  • Working towards removing the Makefile, it is only used for test and lint now https://phabricator.wikimedia.org/T346037

We probably want to backport this to 1.39 and 1.40

Open Questions

  • Some base images change, when we backport this to 1.39 and 1.40 we might introduce instabilities. How can we prevent this?
  • How does the cache handle commit sha and docker image url changes?

@rti rti force-pushed the move-build-logic-to-dockerfile branch from c45d3c6 to e8a3947 Compare November 17, 2023 13:36
@rti rti force-pushed the move-build-logic-to-dockerfile branch from e8a3947 to d61d83d Compare November 21, 2023 15:33
@rti rti force-pushed the move-build-logic-to-dockerfile branch from 26764e0 to a9638fc Compare November 22, 2023 10:07
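
A check a reviewer could run over a pin file like the variables.env described in the PR, added here as an example and not part of the PR or the project's code. It separates immutable pins (full commit SHA, image digest) from ones that can still move (branch name, image tag), which is the gap the PR's note about Debian security patches points at. The key suffixes `_COMMIT` and `_IMAGE_URL` and all sample values are assumptions constructed for the example.

```python
import re

FULL_SHA = re.compile(r"[0-9a-f]{40}")
DIGEST = re.compile(r"sha256:[0-9a-f]{64}")

# Constructed sample: keys and values are hypothetical, not the project's.
SHA = "0123456789abcdef" * 2 + "01234567"
DIG = "sha256:" + "ab" * 32
SAMPLE_ENV = f"""\
# component pins
EXAMPLE_EXTENSION_COMMIT={SHA}
EXAMPLE_SKIN_COMMIT=main
EXAMPLE_BASE_IMAGE_URL=debian:bookworm-slim
EXAMPLE_DB_IMAGE_URL="registry.example:5000/db:10.11@{DIG}"
EXAMPLE_PROXY_IMAGE_URL=registry.example:5000/proxy
"""

def image_pin(ref):
    """Return 'digest', 'tag' or 'floating' for a container image reference."""
    name, _, digest = ref.partition("@")
    if DIGEST.fullmatch(digest):
        return "digest"  # content-addressed: the registry cannot repoint it
    # Look for the tag only in the last path component, so a registry
    # port such as host:5000 is not mistaken for one.
    tag = name.rsplit("/", 1)[-1].partition(":")[2]
    return "floating" if tag in ("", "latest") else "tag"

def audit(env_text):
    """Map each *_COMMIT / *_IMAGE_URL key to how firmly it is pinned."""
    findings = {}
    for line in env_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        key, value = key.strip(), value.strip().strip("'\"")
        if key.endswith("_COMMIT"):
            findings[key] = "commit" if FULL_SHA.fullmatch(value) else "mutable-ref"
        elif key.endswith("_IMAGE_URL"):
            findings[key] = image_pin(value)
    return findings

def movable(findings):
    """Keys whose upstream content can change without the pin file changing."""
    return sorted(k for k, v in findings.items() if v not in ("commit", "digest"))

if __name__ == "__main__":
    for key in movable(audit(SAMPLE_ENV)):
        print("not immutable:", key)
```

A version tag such as `debian:bookworm-slim` is reported as `tag` rather than `floating`: it states the intended version, but the registry can republish it with patched layers, so only a digest fixes the bytes.
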
Contributor

@lorenjohnson lorenjohnson left a comment

So excited for this one. My favourite set of changes to date! I approve and, based on use so far, think it's doing everything it should. 🎉

@rti rti merged commit b53344d into main Dec 5, 2023
25 checks passed
@rti rti deleted the move-build-logic-to-dockerfile branch December 5, 2023 10:35
rti added a commit that referenced this pull request Dec 18, 2023