2020-10-10 00:54:23 +00:00
|
|
|
################################################################################
|
2022-01-07 17:06:04 +00:00
|
|
|
## Javascript build stage
|
2020-10-10 00:54:23 +00:00
|
|
|
################################################################################
|
|
|
|
|
(core) move more tests to grist-core
Summary:
* Tie build and run-time docker base images to a consistent version (buster)
* Extend the test login system activated by GRIST_TEST_LOGIN to ease porting tests that currently rely on cognito (many)
* Make org resets work in absence of billing endpoints
* When in-memory session caches are used, add missing invalidation steps
* Pass org information through sign-ups/sign-ins more carefully
* For CORS, explicitly trust GRIST_HOST origin when set
* Move some fixtures and tests to core, focussing on tests that cover existing failures or are in the set of tests run on deployments
* Retain regular `test` target to run the test suite directly, without docker
* Add a `test:smoke` target to run a single simple test without `GRIST_TEST_LOGIN` activated
* Add a `test:docker` target to run the tests against a grist-core docker image - since tests rely on certain fixture teams/docs, added `TEST_SUPPORT_API_KEY` and `TEST_ADD_SAMPLES` flags to ease porting
The tests ported were `nbrowser` tests: `ActionLog.ts` (the first test I tend to port to anything, out of habit), `Fork.ts` (exercises a lot of doc creation paths), `HomeIntro.ts` (a lot of DocMenu exercise), and `DuplicateDocument.ts` (covers a feature known to be failing prior to this diff, the CORS tweak resolves it).
Test Plan: Manually tested via `buildtools/build_core.sh`. In follow up, I want to add running the `test:docker` target in grist-core's workflows. In jenkins, only the smoke test is run. There'd be an argument for running all tests, but they include particularly slow tests, and are duplicates of tests already run (in different configuration admittedly), so I'd like to try first just using them in grist-core to gate updates to any packaged version of Grist (the docker image currently).
Reviewers: alexmojaki
Reviewed By: alexmojaki
Subscribers: alexmojaki
Differential Revision: https://phab.getgrist.com/D3176
2021-12-10 22:42:54 +00:00
|
|
|
FROM node:14-buster as builder
|
2020-10-10 00:54:23 +00:00
|
|
|
|
|
|
|
# Install all node dependencies.
|
|
|
|
ADD package.json package.json
|
2021-04-02 23:11:27 +00:00
|
|
|
ADD yarn.lock yarn.lock
|
|
|
|
RUN yarn install --frozen-lockfile
|
2020-10-10 00:54:23 +00:00
|
|
|
|
|
|
|
# Build node code.
|
|
|
|
ADD tsconfig.json tsconfig.json
|
|
|
|
ADD app app
|
|
|
|
ADD stubs stubs
|
|
|
|
ADD buildtools buildtools
|
|
|
|
ADD static static
|
2021-04-02 23:11:27 +00:00
|
|
|
ADD test/tsconfig.json test/tsconfig.json
|
|
|
|
RUN yarn run build:prod
|
2020-10-10 00:54:23 +00:00
|
|
|
|
2022-01-07 17:06:04 +00:00
|
|
|
################################################################################
|
|
|
|
## Python collection stage
|
|
|
|
################################################################################
|
|
|
|
|
|
|
|
# Fetch python3.9 and python2.7
|
|
|
|
FROM python:3.9-slim-buster as collector
|
|
|
|
|
2020-10-10 00:54:23 +00:00
|
|
|
# Install all python dependencies.
|
|
|
|
ADD sandbox/requirements.txt requirements.txt
|
2022-01-07 17:06:04 +00:00
|
|
|
ADD sandbox/requirements3.txt requirements3.txt
|
2020-10-10 00:54:23 +00:00
|
|
|
RUN \
|
|
|
|
apt update && \
|
2022-01-07 17:06:04 +00:00
|
|
|
apt install -y --no-install-recommends python2 python-pip python-setuptools && \
|
|
|
|
pip2 install -r requirements.txt && \
|
|
|
|
pip3 install -r requirements3.txt
|
2020-10-10 00:54:23 +00:00
|
|
|
|
2022-03-24 20:27:34 +00:00
|
|
|
################################################################################
|
|
|
|
## Sandbox collection stage
|
|
|
|
################################################################################
|
|
|
|
|
|
|
|
# Fetch gvisor-based sandbox. Note, to enable it to run within default
|
|
|
|
# unprivileged docker, layers of protection that require privilege have
|
|
|
|
# been stripped away, see https://github.com/google/gvisor/issues/4371
|
|
|
|
FROM gristlabs/gvisor-unprivileged:buster as sandbox
|
|
|
|
|
2020-10-10 00:54:23 +00:00
|
|
|
################################################################################
|
|
|
|
## Run-time stage
|
|
|
|
################################################################################
|
|
|
|
|
|
|
|
# Now, start preparing final image.
|
2021-11-30 04:14:50 +00:00
|
|
|
FROM node:14-buster-slim
|
2020-10-10 00:54:23 +00:00
|
|
|
|
2022-01-07 17:06:04 +00:00
|
|
|
# Install libexpat1, libsqlite3-0 for python3 library binary dependencies.
|
2022-03-24 20:27:34 +00:00
|
|
|
# Install pgrep for managing gvisor processes.
|
2022-01-07 17:06:04 +00:00
|
|
|
RUN \
|
|
|
|
apt-get update && \
|
2022-03-24 20:27:34 +00:00
|
|
|
apt-get install -y --no-install-recommends libexpat1 libsqlite3-0 procps && \
|
2022-01-07 17:06:04 +00:00
|
|
|
rm -rf /var/lib/apt/lists/*
|
|
|
|
|
|
|
|
# Keep all storage user may want to persist in a distinct directory
|
|
|
|
RUN mkdir -p /persist/docs
|
|
|
|
|
2020-10-10 00:54:23 +00:00
|
|
|
# Copy node files.
|
|
|
|
COPY --from=builder /node_modules node_modules
|
|
|
|
COPY --from=builder /_build _build
|
|
|
|
COPY --from=builder /static static
|
|
|
|
|
2022-01-07 17:06:04 +00:00
|
|
|
# Copy python files.
|
|
|
|
COPY --from=collector /usr/bin/python2.7 /usr/bin/python2.7
|
|
|
|
COPY --from=collector /usr/lib/python2.7 /usr/lib/python2.7
|
|
|
|
COPY --from=collector /usr/local/lib/python2.7 /usr/local/lib/python2.7
|
|
|
|
COPY --from=collector /usr/local/bin/python3.9 /usr/bin/python3.9
|
|
|
|
COPY --from=collector /usr/local/lib/python3.9 /usr/local/lib/python3.9
|
|
|
|
COPY --from=collector /usr/local/lib/libpython3.9.* /usr/local/lib/
|
|
|
|
# Set default to python3
|
2022-03-24 20:27:34 +00:00
|
|
|
RUN \
|
|
|
|
ln -s /usr/bin/python3.9 /usr/bin/python && \
|
|
|
|
ln -s /usr/bin/python3.9 /usr/bin/python3 && \
|
|
|
|
ldconfig
|
|
|
|
|
|
|
|
# Copy runsc.
|
|
|
|
COPY --from=sandbox /runsc /usr/bin/runsc
|
2020-10-10 00:54:23 +00:00
|
|
|
|
|
|
|
# Add files needed for running server.
|
|
|
|
ADD package.json package.json
|
|
|
|
ADD ormconfig.js ormconfig.js
|
|
|
|
ADD bower_components bower_components
|
|
|
|
ADD sandbox sandbox
|
2021-11-30 04:14:50 +00:00
|
|
|
ADD plugins plugins
|
2020-10-10 00:54:23 +00:00
|
|
|
|
|
|
|
# Set some default environment variables to give a setup that works out of the box when
|
|
|
|
# started as:
|
|
|
|
# docker run -p 8484:8484 -it <image>
|
|
|
|
# Variables will need to be overridden for other setups.
|
2022-03-24 20:27:34 +00:00
|
|
|
ENV \
|
|
|
|
PYTHON_VERSION_ON_CREATION=3 \
|
|
|
|
GRIST_ORG_IN_PATH=true \
|
|
|
|
GRIST_HOST=0.0.0.0 \
|
|
|
|
GRIST_SINGLE_PORT=true \
|
|
|
|
GRIST_SERVE_SAME_ORIGIN=true \
|
|
|
|
GRIST_DATA_DIR=/persist/docs \
|
|
|
|
GRIST_INST_DIR=/persist \
|
|
|
|
GRIST_SESSION_COOKIE=grist_core \
|
|
|
|
GVISOR_FLAGS="-unprivileged -ignore-cgroups" \
|
|
|
|
GRIST_SANDBOX_FLAVOR=gvisor \
|
|
|
|
TYPEORM_DATABASE=/persist/home.sqlite3
|
|
|
|
|
2020-10-10 00:54:23 +00:00
|
|
|
EXPOSE 8484
|
2022-03-24 20:27:34 +00:00
|
|
|
|
|
|
|
CMD ./sandbox/run.sh
|