-
Notifications
You must be signed in to change notification settings - Fork 530
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Install python/npm dependencies in repostiroy root. (WIP/POC) #21857
Conversation
The reason deps are installed that way is to allow for local envs to have a We looked into doing this via a recursive I've not ran your patch locally but this would likely break this locally, unless the user on your local machine happens to have uid=9500/gid=9500, which are the values the image is built for. |
How can I test this? It's working for me locally and in CI it is working. |
It's only working in CI because it's not covering the use-case of installing new version of deps on top of an existing image (CI currently doesn't use the docker image for tests, and the build job doesn't care about updating deps on top of it - and even if it did, caching of the deps might hide this) |
I tested this code in a github action that was building the container. Could be there host has 9500 as the UID / GID. No way caching was an issue there cause CI. I'm trying to build a dind container that can run the docker build but still not working. Do you actually know how and when this edge case can/was reproduced? |
I don't have time to fully try this now. The approximate STRs are:
Expected results:
Actual results:
Because the problem depends on how the volume ownership is set up on the host you may need to try this under Linux/Windows w/ WSL, or tweak your Docker settings on Mac. |
Are you sure this is still an issue? I'm not able to reproduce no matter what I do. I was able to test this using docker in docker. What I did:
docker pull dind
docker run --privileged --name my-dind-container -v $(pwd):/app -d docker:dind
docker exec -it my-dind-container /bin/sh
apk add make nodejs npm
make update_deps
|
You're running a completely different image, but crucially you're running the container as root, which is not how we run addons-server locally, at least in Linux. You'll run into the opposite problem, where files created in the docker image now have the wrong owner (root) on the host, causing permission denied issues when you try to edit the files locally (when you're tweaking deps to add manual logging/debugging statements, or altering the package lock file) |
I set a pairing session for us. I'm not sure I understand exactly the parameters of how to reproduce this. We can do it together and walk through the steps. |
Naive question: if we just built the image locally as the default by modifying the compose.yml, this goes away? |
Reran this test with a nonroot user. To clarify, my nonroot user has UID and GID that is not 9500. Running make initialize_docker installs python deps in the container at /deps and installs node_modules in the repo root /data/olympia. This works, I got an error indexing a document in elastic search (I don't think that is related but will keep digging on that) Then, From the host I ran npm i react --save This created a new file in /data/olympia/node_moudules/react/** . Running make update_deps still works. I don't seem to have any text editors installed in the container, but I can cat, create, echo to files in the react directory. I think the reason this works is that olympia has the same GID/UID as my nonroot user, due to the So.... idk what or how anything could break given that the only change in the commit we are discussing is moving the node_modules to a different path. 🤷 I'm trying to break this thing and I just cannot. |
4e4b2c2
to
33e2d5a
Compare
Okay, I was able to reproduce finally and able to solve (for linux host), I think.. Updated the first commit to reflect those changes. Now I'm getting weird behavior running back on my mac as host where a user with my UID/GID already exists in the container while building it locally 🤷 I really wish it were unproblematic to run docker as root. |
33e2d5a
to
2faed54
Compare
2faed54
to
4396086
Compare
Description
This PR has 2 commits. The aim is to simplify some of our build logic, specifically with how we handle node_modules. The first commit moves our node_modules back to the repo root in /data/olympia. The second uses django staticfiles to source files we need to include in our css/js bundles, removing the need for manually copying and maintaining those files.
Context
Based on the comments so far, seems like we have had premission issues between the container and host.
Tests
Check in the comments but you can test this on a non-linux host using docker in docker.