Remove the chown command from entrypoint. (#22584)

* Remove the chown command from entrypoint. * TMP: remove redundant timeout on the health check for worker/web containers
2024-08-23 12:00:32 +02:00 · 2024-08-23 12:00:32 +02:00 · e4ceb64b9e
--- a/.gitignore
+++ b/.gitignore
@ -57,7 +57,6 @@ private/

 # do not ignore the following files
 !docker-compose.ci.yml
-!docker-compose.deps.yml
 !docker-compose.private.yml
 !private/README.md
 !deps/.keep
--- a/3
+++ b/3
@ -146,7 +146,8 @@ clean_docker: docker_compose_down docker_mysqld_volume_remove docker_clean_image

 .PHONY: docker_compose_up
 docker_compose_up: docker_mysqld_volume_create ## Start the docker containers
-	docker compose up $(DOCKER_SERVICES) -d --wait --remove-orphans --force-recreate --quiet-pull $(ARGS)
+	docker compose up $(DOCKER_SERVICES) -d --wait --remove-orphans --quiet-pull $(ARGS)
+	docker compose rm -f olympia

 .PHONY: docker_extract_deps
 docker_extract_deps: ## Extract dependencies from the docker image to a local volume mount
--- a/docker-compose.deps.yml
+++ b/docker-compose.deps.yml
@ -1,12 +0,0 @@
-# Using this file enables a mount of ./deps to /deps in the web/worker containers.
-# This allows the /deps folder to be exposed on the host machine enabling editing of those files
-# from the host. It is disabled by default.
-services:
-  web: &web
-      volumes:
-      - ./deps:/deps
-      - ./package.json:/deps/package.json
-      - ./package-lock.json:/deps/package-lock.json
-
-  worker:
-    <<: *web
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -22,12 +22,21 @@ x-env-mapping: &env
    - CIRCLECI
    - HOST_UID

+x-olympia: &olympia
+  <<: *env
+  image: ${DOCKER_TAG:-}
+  # Ignore any linting saying we have an invalid value.
+  pull_policy: ${DOCKER_PULL_POLICY:-}
+  # We drop down to a different user through supervisord, but starting as
+  # root allows us to fix the ownership of files generated at image build
+  # time through the ./docker/entrypoint.sh script.
+  user: root
+  platform: linux/amd64
+  entrypoint: ["/data/olympia/docker/entrypoint.sh"]
+
 services:
-  worker: &worker
-    <<: *env
-    image: ${DOCKER_TAG:-}
-    # Ignore any linting saying we have an invalid value.
-    pull_policy: ${DOCKER_PULL_POLICY:-}
+  olympia:
+    <<: *olympia
    build:
      args:
        DOCKER_COMMIT: ${DOCKER_COMMIT:-}
@ -39,17 +48,24 @@ services:
      x-bake:
        pull: true
        platforms: linux/amd64
-    # We drop down to a different user through supervisord, but starting as
-    # root allows us to fix the ownership of files generated at image build
-    # time through the ./docker/entrypoint.sh script.
-    user: root
-    platform: linux/amd64
-    entrypoint: ["/data/olympia/docker/entrypoint.sh"]
+    volumes:
+      - data_deps:/deps
+      - ./package.json:/deps/package.json
+      - ./package-lock.json:/deps/package-lock.json
+    command: make update_deps
+  worker: &worker
+    <<: *olympia
+    depends_on:
+      olympia:
+        condition: service_completed_successfully
    command:
      - supervisord -n -c /data/olympia/docker/supervisor-celery.conf
    volumes:
      - .:/data/olympia
      - storage:/data/olympia/storage
+      - data_deps:/deps
+      - ./package.json:/deps/package.json
+      - ./package-lock.json:/deps/package-lock.json
    extra_hosts:
     - "olympia.test:127.0.0.1"
    restart: on-failure:5
@ -61,11 +77,7 @@ services:
        "CMD-SHELL",
        "if [ -f /data/olympia/supervisord.pid ]; then echo 'File exists'; else echo 'File not found'; exit 1; fi"
      ]
-      # Checking every 3 seconds for 100 tries is 5 minutes
-      # With a timeout of 45 seconds gives a total of 5 minutes 45 seconds
-      # For entrypoint.sh to complete
      interval: 3s
-      timeout: 45s
      retries: 100

  web:
@ -174,6 +186,12 @@ volumes:
    name: addons-server_data_mysqld
    external: true
  data_rabbitmq:
+  data_deps:
+    driver: local
+    driver_opts:
+      type: none
+      o: bind
+      device: ./deps
  storage:
    driver: local
    driver_opts:
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@ -21,10 +21,6 @@ function get_olympia_gid() { echo "$(id -g "$OLYMPIA_USER")"; }
 if [[ -n "${HOST_UID:-}" ]]; then
  usermod -u ${HOST_UID} ${OLYMPIA_USER}
  echo "${OLYMPIA_USER} UID: ${OLYMPIA_UID} -> ${HOST_UID}"
-
-  # Ensure the olympia user has access to the /deps directory
-  echo "Updating file ownership for ${OLYMPIA_USER}"
-  time chown -R "$(get_olympia_uid):$(get_olympia_gid)" /deps
 fi

 cat <<EOF | su -s /bin/bash $OLYMPIA_USER
--- a/docs/topics/development/building_and_running_services.md
+++ b/docs/topics/development/building_and_running_services.md
@ -115,7 +115,7 @@ such as [docker-compose.ci.yml](../../../docker-compose.ci.yml) for CI environme
 To mount with a specific  set of docker compose files you can add the COMPOSE_FILE argument to make up. This will persist your setting to .env.

 ```sh
-make up COMPOSE_FILE=docker-compose.ci.yml:docker-compose.deps.yml
+make up COMPOSE_FILE=docker-compose.yml:docker-compose.ci.yml
 ```

 Files should be separated with a colon.
@ -133,5 +133,3 @@ We additionally mount serval local directories to the web/worker containers.

 - **.:/data/olympia**: Mounts the local repository into the container to allow real-time changes to files within the container.
 - **./deps:/deps**: Mounts the dependencies directory to enable better caching across builds and provide visibility for debugging directly on the host.
-This mount is only included when using the [docker-compose.deps.yml](../../../docker-compose.deps.yml) file.
-
--- a/docs/topics/development/setup_and_configuration.md
+++ b/docs/topics/development/setup_and_configuration.md
@ -193,7 +193,6 @@ Though it is **highly recommended to use the make commands** instead of directly

 - **[docker-compose.yml][docker-compose]**: The primary Docker Compose file defining services, networks, and volumes for local and CI environments.
 - **[docker-compose.ci.yml][docker-compose-ci]**: Overrides certain configurations for CI-specific needs, ensuring the environment is optimized for automated testing and builds.
- **[docker-compose.deps.yml][docker-compose-deps]**: Attaches a mount at ./deps to /deps in the container, exposing the contents to the host
 - **[docker-compose.private.yml][docker-compose-private]**: Runs addons-server with the _customs_ service that is only avaiable to Mozilla employees

 Our docker compose files rely on substituted values, all of which are included in our .env file for direct CLI compatibility.
@ -324,7 +323,6 @@ To fix this error `rm -f .env` to remove your .env and `make up` to restart the

 [docker-compose]: ../../../docker-compose.yml
 [docker-compose-ci]: ../../../docker-compose.ci.yml
-[docker-compose-deps]: ../../../docker-compose.deps.yml
 [docker-compose-private]: ../../../docker-compose.private.yml
 [docker-image-digest]: https://github.com/opencontainers/.github/blob/main/docs/docs/introduction/digests.md
 [addons-server-tags]: https://hub.docker.com/r/mozilla/addons-server/tags