gecko-dev/testing/docker
Maja Frydrychowicz 0eec303a06 Bug 1227367 - Add marionette-harness TaskCluster task; r=dustin
marionette-harness is implemented as a "generic" task and
can be triggered with the following try syntax:
`-p linux64_tc -j marionette-harness -u none -t none`

The Marionette harness tests do not depend on a browser build,
they only exercise Python code.

Add option to testing/docker/desktop-build/bin/build.sh to
execute any in-tree script instead of only `build-linux.sh`.
This feature is used to call
testing/taskcluster/scripts/tester/harness-test-linux.sh, which
in turn executes the mozharness script specified in the environment.

MozReview-Commit-ID: H08v8ow4p8q

--HG--
extra : rebase_source : 0b8caf4c149a7446591808381fc9819ed795bbd5
extra : histedit_source : 191251f01aeee1e683f14d35439aed5eff55c20d
2016-03-31 15:40:03 -04:00
..
android-gradle-build Bug 1252928 - Part 2: Turn android-gradle-build into a desktop-build clone. r=dustin 2016-03-08 11:42:56 -08:00
b2g-build Bug 1257127 - Change b2g Docker images and scripts to upgrade host toolchain r=garndt 2016-03-21 15:50:27 -07:00
base-build Bug 1122598: Refactor testing/docker to support Android; r=wcosta 2015-01-21 10:45:34 -05:00
base-test Bug 1237987 - Update mulet mochitests to use tester image r=wcosta 2016-01-08 11:26:28 -06:00
builder Bug 1257127 - Fix b2g device docker images to build in taskcluster r=wcosta 2016-03-30 02:44:00 +02:00
centos6-build Backed out changeset 3d245551d3fb (bug 1260505) for suspicion of causing taskcluster-images opt Docker Artifact Image Builder failures 2016-04-05 09:48:49 +02:00
centos6-build-upd Backed out changeset 3d245551d3fb (bug 1260505) for suspicion of causing taskcluster-images opt Docker Artifact Image Builder failures 2016-04-05 09:48:49 +02:00
decision Bug 1119387 part 5: Update docker images. 2015-03-25 14:25:27 -03:00
desktop-build Bug 1227367 - Add marionette-harness TaskCluster task; r=dustin 2016-03-31 15:40:03 -04:00
desktop-l10n Bug 1248713 - add docker container for l10n repacks r=catlee DONTBUILD 2016-03-04 13:30:59 -05:00
desktop-test Backed out changeset 3d245551d3fb (bug 1260505) for suspicion of causing taskcluster-images opt Docker Artifact Image Builder failures 2016-04-05 09:48:49 +02:00
image_builder Bug 1226413 - Allow task images to be built upon push r=wcosta 2015-11-16 12:01:15 -06:00
lint Bug 1229588: Add a taskcluster test for eslint. r=dustin 2016-01-06 13:33:30 -08:00
phone-builder Bug 1257127 - Bump phone-builder VERSION 0.0.25 r=wcosta 2016-03-30 09:13:00 +02:00
rust-build Bug 1245170 - Upload rust builds to tooltool. r=dustin 2016-02-16 13:30:19 -08:00
tester Bug 1248318 - Use in-tree script for emulator tests; r=ahal 2016-01-29 23:21:25 +08:00
tester-device Bug 1225461 - [tc-gip] test_login_bzlite.py is failing because of missing configuration r=garndt 2016-01-13 15:08:56 +01:00
ubuntu1204-test Backed out changeset 3d245551d3fb (bug 1260505) for suspicion of causing taskcluster-images opt Docker Artifact Image Builder failures 2016-04-05 09:48:49 +02:00
ubuntu1204-test-upd Backed out changeset 3d245551d3fb (bug 1260505) for suspicion of causing taskcluster-images opt Docker Artifact Image Builder failures 2016-04-05 09:48:49 +02:00
README.md Bug 1223123 - Enable pulse_audio for Linux64 TC desktop jobs + proper window manager. r=dustin 2015-11-25 14:56:02 -05:00
REGISTRY
build.sh Bug 1237740 - Fix build.sh error message typo. r=wcosta DONTBUILD 2016-01-07 12:41:00 -08:00

README.md

Docker Images for use in TaskCluster

This folder contains various docker images used in taskcluster as well as other misc docker images which may be useful for hacking on gecko.

Organization

Each folder describes a single docker image. We have two types of images that can be defined:

  1. Task Images (build-on-push)
  2. Docker Images (prebuilt)

These images depend on one another, as described in the FROM line at the top of the Dockerfile in each folder.

Images could either be an image intended for pushing to a docker registry, or one that is meant either for local testing or being built as an artifact when pushed to vcs.

Task Images (build-on-push)

Images can be uploaded as a task artifact, indexed under a given namespace, and used in other tasks by referencing the task ID.

Important to note, these images do not require building and pushing to a docker registry, and are build per push (if necessary) and uploaded as task artifacts.

The decision task that is run per push will determine if the image needs to be built based on the hash of the context directory and if the image exists under the namespace for a given branch.

As an additional convenience, and a precaution to loading images per branch, if an image has been indexed with a given context hash for mozilla-central, any tasks requiring that image will use that indexed task. This is to ensure there are not multiple images built/used that were built from the same context. In summary, if the image has been built for mozilla-central, pushes to any branch will use that already built image.

To use within an in-tree task definition, the format is:

image:
  type: 'task-image'
  path: 'public/image.tar'
  taskId: '{{#task_id_for_image}}builder{{/task_id_for_image}}'
Context Directory Hashing

Decision tasks will calculate the sha256 hash of the contents of the image directory and will determine if the image already exists for a given branch and hash or if a new image must be built and indexed.

Note: this is the contents of only the context directory, not the image contents.

The decision task will:

  1. Recursively collect the paths of all files within the context directory
  2. Sort the filenames alphabetically to ensure the hash is consistently calculated
  3. Generate a sha256 hash of the contents of each file.
  4. All file hashes will then be combined with their path and used to update the hash of the context directory.

This ensures that the hash is consistently calculated and path changes will result in different hashes being generated.

Task Image Index Namespace

Images that are built on push and uploaded as an artifact of a task will be indexed under the following namespaces.

  • docker.images.v1.{project}.{image_name}.latest
  • docker.images.v1.{project}.{image_name}.pushdate.{year}.{month}-{day}-{pushtime}
  • docker.images.v1.{project}.{image_name}.hash.{context_hash}

Not only can images be browsed by the pushdate and context hash, but the 'latest' namespace is meant to view the latest built image. This functions similarly to the 'latest' tag for docker images that are pushed to a registry.

Docker Registry Images (prebuilt)

Deprecation Warning: Use of prebuilt images should only be used for base images (those that other images will inherit from), or private images that must be stored in a private docker registry account. Existing public images will be converted to images that are built on push and any newly added image should follow this pattern.

These are images that are intended to be pushed to a docker registry and used by specifying the folder name in task definitions. This information is automatically populated by using the 'docker_image' convenience method in task definitions.

Example: image: {#docker_image}builder{/docker_image}

Each image has a version, given by its VERSION file. This should be bumped when any changes are made that will be deployed into taskcluster. Then, older tasks which were designed to run on an older version of the image can still be executed in taskcluster, while new tasks can use the new version.

Each image also has a REGISTRY, defaulting to the REGISTRY in this directory, and specifying the image registry to which the completed image should be uploaded.

Building images

Generally, images can be pulled from the registry rather than built locally, however, for developing new images it's often helpful to hack on them locally.

To build an image, invoke build.sh with the name of the folder (without a trailing slash):

./build.sh base

This is a tiny wrapper around building the docker images via docker build -t $REGISTRY/$FOLDER:$FOLDER_VERSION

Note: If no "VERSION" file present in the image directory, the tag 'latest' will be used and no registry user will be defined. The image is only meant to run locally and will overwrite any existing image with the same name and tag.

On completion, if the image has been tagged with a version and registry, build.sh gives a command to upload the image to the registry, but this is not necessary until the image is ready for production usage. Docker will successfully find the local, tagged image while you continue to hack on the image definitions.

Adding a new image

The docker image primitives are very basic building block for constructing an "image" but generally don't help much with tagging it for deployment so we have a wrapper (./build.sh) which adds some sugar to help with tagging/versioning... Each folder should look something like this:

  - your_amazing_image/
    - your_amazing_image/Dockerfile: Standard docker file syntax
    - your_amazing_image/VERSION: The version of the docker file
      (required* used during tagging)
    - your_amazing_image/REGISTRY: Override default registry
      (useful for secret registries)

Conventions

In some image folders you will see .env files these can be used in conjunction with the --env-file flag in docker to provide a environment with the given environment variables. These are primarily for convenience when manually hacking on the images.

You will also see a system-setup.sh script used to build the image. Do not replicate this technique - prefer to include the commands and options directly in the Dockerfile.