NextERP/runbot
5
0
Fork 0
mirror of https://github.com/odoo/runbot.git synced 2025-03-19 17:35:45 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
8937f379ce
runbot/runbot/container.py

238 lines
10 KiB
Python
Raw Normal View History

[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
# -*- coding: utf-8 -*-
"""Containerize builds
The docker image used for the build is always tagged like this:
odoo:runbot_tests
This file contains helpers to containerize builds with Docker.
When testing this file:
the first parameter should be a directory containing Odoo.
The second parameter is the exposed port
"""
import argparse
import datetime
[FIX] runbot: find docker gateway for build smtp host When a build is running, the stmp is the localhost. Since Docker builds, the localhost is the container which does not catch port 25 smtp. Mails are lost in the limbo. With this commit, the default gateway of the Docker network is used as smtp host for the builds. It's the responsability of the runbot host to catch smtp traffic from the container. This bridge interface exists by default on a system where Docker is running. However, Docker is affected by this issue: https://github.com/moby/moby/issues/26799 The first time the Docker daemon is installed, the Gateway is not defined on the bridge interface. When the Docker daemon is restarted, the gateway is correctly defined. Pay attention that restarting the Docker daemon will kill all the running/testing builds.
2019-01-07 18:01:46 +07:00
import json
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
import logging
import os
import shutil
import subprocess
import time
_logger = logging.getLogger(__name__)
DOCKERUSER = """
RUN groupadd -g %(group_id)s odoo \\
&& useradd -u %(user_id)s -g odoo -G audio,video odoo \\
&& mkdir /home/odoo \\
&& chown -R odoo:odoo /home/odoo \\
&& echo "odoo ALL= NOPASSWD: /usr/bin/pip" > /etc/sudoers.d/pip \\
&& echo "odoo ALL= NOPASSWD: /usr/bin/pip3" >> /etc/sudoers.d/pip
USER odoo
ENV COVERAGE_FILE /data/build/.coverage
""" % {'group_id': os.getgid(), 'user_id': os.getuid()}
[IMP] runbot: detach odoo command from docker_run When the docker_run function is called, the odoo command is decorated with a pip command to install required packages. This pollute the docker_run function if a runbot job_ method wants to use docker for something else that starting an odoo instance (like pg_dump) for example. With this commit, command modification is made in an optional helper function named build_odoo_cmd. the docker_run function now needs the command to run as a string instead of a list of odoo cmd and its parameters.
2019-04-04 16:55:30 +07:00
[FIX] runbot: fix coverage since shared sources The requirements path and python version where defined from server in cmd. Since in coverage we add a 'python' before server, it is difficult to define which element of the cmd is the server. A solution here is simply to define requirements install and python version when building cmd since we have access to all build/source informations. We also add python part in every cases, and coverage params are now a _cmd python_params. The _cmd method now returns a Command object instead of a list, which behave has a list for the cmd part but also contains a pres and posts list. pres are requirement install, preparation, ... cmd is the original cmd list, element can be append or added, this will allow to keep existing python job without to much changes. posts are post cmd commands, like coverage result making. This commit also fix issue with create_job dependencies.
2019-07-15 16:27:46 +07:00
class Command():
def __init__(self, pres, cmd, posts):
self.pres = pres or []
self.cmd = cmd
self.posts = posts or []
def __getattr__(self, name):
return getattr(self.cmd, name)
def __getitem__(self, key):
return self.cmd[key]
def __add__(self, l):
return Command(self.pres, self.cmd + l, self.posts)
def build(self):
cmd_chain = []
cmd_chain += [' '.join(pre) for pre in self.pres if pre]
cmd_chain.append(' '.join(self))
cmd_chain += [' '.join(post) for post in self.posts if post]
return ' && '.join(cmd_chain)
[IMP] runbot: detach odoo command from docker_run When the docker_run function is called, the odoo command is decorated with a pip command to install required packages. This pollute the docker_run function if a runbot job_ method wants to use docker for something else that starting an odoo instance (like pg_dump) for example. With this commit, command modification is made in an optional helper function named build_odoo_cmd. the docker_run function now needs the command to run as a string instead of a list of odoo cmd and its parameters.
2019-04-04 16:55:30 +07:00
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
def docker_build(log_path, build_dir):
"""Build the docker image
:param log_path: path to the logfile that will contain odoo stdout and stderr
:param build_dir: the build directory that contains the Odoo sources to build.
"""
# Prepare docker image
docker_dir = os.path.join(build_dir, 'docker')
os.makedirs(docker_dir, exist_ok=True)
shutil.copy(os.path.join(os.path.dirname(__file__), 'data', 'Dockerfile'), docker_dir)
# synchronise the current user with the odoo user inside the Dockerfile
with open(os.path.join(docker_dir, 'Dockerfile'), 'a') as df:
df.write(DOCKERUSER)
logs = open(log_path, 'w')
dbuild = subprocess.Popen(['docker', 'build', '--tag', 'odoo:runbot_tests', '.'], stdout=logs, stderr=logs, cwd=docker_dir)
dbuild.wait()
[FIX] runbot: fix coverage since shared sources The requirements path and python version where defined from server in cmd. Since in coverage we add a 'python' before server, it is difficult to define which element of the cmd is the server. A solution here is simply to define requirements install and python version when building cmd since we have access to all build/source informations. We also add python part in every cases, and coverage params are now a _cmd python_params. The _cmd method now returns a Command object instead of a list, which behave has a list for the cmd part but also contains a pres and posts list. pres are requirement install, preparation, ... cmd is the original cmd list, element can be append or added, this will allow to keep existing python job without to much changes. posts are post cmd commands, like coverage result making. This commit also fix issue with create_job dependencies.
2019-07-15 16:27:46 +07:00
[IMP] runbot: share sources between builds Multibuild can create generate a lots of checkout, especially for small and fast jobs, which can overload runbot discs since we are trying not to clean build immediatly. (To ease bug fix and allow wake up) This commit proposes to store source on a single place, so that docker can add them as ro volume in the build directory. The checkout is also moved to the installs jobs, so that builds containing only create builds steps won't checkout the sources. This change implies to use --addons-path correctly, since odoo and enterprise addons wont be merged in the same repo anymore. This will allow to test addons a dev will do, with a closer command line. This implies to change the code structure a litle, some changes where made to remove no-so-usefull fields on build, and some hard-coded logic (manifest_names and server_names) are now stored on repo instead. This changes implies that a build CANNOT write in his sources. It shouldn't be the case, but it means that runbot cannot be tested on runbot untill datas are written elsewhere than in static. Other possibilities are possible, like bind mounting the sources in the build directory instead of adding ro volumes in docker. Unfortunately, this needs to give access to mount as sudo for runbot user and changes docjker config to allow mounts in volumes which is not the case by default. A plus of this solution would be to be able to make an overlay mount.
2019-07-08 19:44:32 +07:00
def docker_run(run_cmd, log_path, build_dir, container_name, exposed_ports=None, cpu_limit=None, preexec_fn=None, ro_volumes=None):
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
"""Run tests in a docker container
[IMP] runbot: detach odoo command from docker_run When the docker_run function is called, the odoo command is decorated with a pip command to install required packages. This pollute the docker_run function if a runbot job_ method wants to use docker for something else that starting an odoo instance (like pg_dump) for example. With this commit, command modification is made in an optional helper function named build_odoo_cmd. the docker_run function now needs the command to run as a string instead of a list of odoo cmd and its parameters.
2019-04-04 16:55:30 +07:00
:param run_cmd: command string to run in container
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
:param log_path: path to the logfile that will contain odoo stdout and stderr
:param build_dir: the build directory that contains the Odoo sources to build.
This directory is shared as a volume with the container
:param container_name: used to give a name to the container for later reference
:param exposed_ports: if not None, starting at 8069, ports will be exposed as exposed_ports numbers
[IMP] runbot: share sources between builds Multibuild can create generate a lots of checkout, especially for small and fast jobs, which can overload runbot discs since we are trying not to clean build immediatly. (To ease bug fix and allow wake up) This commit proposes to store source on a single place, so that docker can add them as ro volume in the build directory. The checkout is also moved to the installs jobs, so that builds containing only create builds steps won't checkout the sources. This change implies to use --addons-path correctly, since odoo and enterprise addons wont be merged in the same repo anymore. This will allow to test addons a dev will do, with a closer command line. This implies to change the code structure a litle, some changes where made to remove no-so-usefull fields on build, and some hard-coded logic (manifest_names and server_names) are now stored on repo instead. This changes implies that a build CANNOT write in his sources. It shouldn't be the case, but it means that runbot cannot be tested on runbot untill datas are written elsewhere than in static. Other possibilities are possible, like bind mounting the sources in the build directory instead of adding ro volumes in docker. Unfortunately, this needs to give access to mount as sudo for runbot user and changes docjker config to allow mounts in volumes which is not the case by default. A plus of this solution would be to be able to make an overlay mount.
2019-07-08 19:44:32 +07:00
:params ro_volumes: dict of dest:source volumes to mount readonly in builddir
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
"""
_logger.debug('Docker run command: %s', run_cmd)
logs = open(log_path, 'w')
[FIX] runbot: fix coverage since shared sources The requirements path and python version where defined from server in cmd. Since in coverage we add a 'python' before server, it is difficult to define which element of the cmd is the server. A solution here is simply to define requirements install and python version when building cmd since we have access to all build/source informations. We also add python part in every cases, and coverage params are now a _cmd python_params. The _cmd method now returns a Command object instead of a list, which behave has a list for the cmd part but also contains a pres and posts list. pres are requirement install, preparation, ... cmd is the original cmd list, element can be append or added, this will allow to keep existing python job without to much changes. posts are post cmd commands, like coverage result making. This commit also fix issue with create_job dependencies.
2019-07-15 16:27:46 +07:00
run_cmd = 'cd /data/build && %s' % run_cmd
logs.write("Docker command:\n%s\n=================================================\n" % run_cmd.replace('&& ', '&&\n').replace('|| ', '||\n\t'))
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
# create start script
docker_command = [
'docker', 'run', '--rm',
'--name', container_name,
'--volume=/var/run/postgresql:/var/run/postgresql',
'--volume=%s:/data/build' % build_dir,
'--shm-size=128m',
'--init',
]
[IMP] runbot: share sources between builds Multibuild can create generate a lots of checkout, especially for small and fast jobs, which can overload runbot discs since we are trying not to clean build immediatly. (To ease bug fix and allow wake up) This commit proposes to store source on a single place, so that docker can add them as ro volume in the build directory. The checkout is also moved to the installs jobs, so that builds containing only create builds steps won't checkout the sources. This change implies to use --addons-path correctly, since odoo and enterprise addons wont be merged in the same repo anymore. This will allow to test addons a dev will do, with a closer command line. This implies to change the code structure a litle, some changes where made to remove no-so-usefull fields on build, and some hard-coded logic (manifest_names and server_names) are now stored on repo instead. This changes implies that a build CANNOT write in his sources. It shouldn't be the case, but it means that runbot cannot be tested on runbot untill datas are written elsewhere than in static. Other possibilities are possible, like bind mounting the sources in the build directory instead of adding ro volumes in docker. Unfortunately, this needs to give access to mount as sudo for runbot user and changes docjker config to allow mounts in volumes which is not the case by default. A plus of this solution would be to be able to make an overlay mount.
2019-07-08 19:44:32 +07:00
if ro_volumes:
for dest, source in ro_volumes.items():
logs.write("Adding readonly volume '%s' pointing to %s \n" % (dest, source))
docker_command.append('--volume=%s:/data/build/%s:ro' % (source, dest))
[FIX] runbot: mount host odoorc file in the container When starting a container, the .odoorc|.openerp_serverrc file is not used by the build. With this commit, if a .odoorc or .openerp_serverrc file is found in the home directory of the runbot user, this file is mounted read-only in the container, allowing some customization.
2019-01-03 15:28:41 +07:00
serverrc_path = os.path.expanduser('~/.openerp_serverrc')
odoorc_path = os.path.expanduser('~/.odoorc')
final_rc = odoorc_path if os.path.exists(odoorc_path) else serverrc_path if os.path.exists(serverrc_path) else None
if final_rc:
docker_command.extend(['--volume=%s:/home/odoo/.odoorc:ro' % final_rc])
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
if exposed_ports:
[IMP] runbot: share sources between builds Multibuild can create generate a lots of checkout, especially for small and fast jobs, which can overload runbot discs since we are trying not to clean build immediatly. (To ease bug fix and allow wake up) This commit proposes to store source on a single place, so that docker can add them as ro volume in the build directory. The checkout is also moved to the installs jobs, so that builds containing only create builds steps won't checkout the sources. This change implies to use --addons-path correctly, since odoo and enterprise addons wont be merged in the same repo anymore. This will allow to test addons a dev will do, with a closer command line. This implies to change the code structure a litle, some changes where made to remove no-so-usefull fields on build, and some hard-coded logic (manifest_names and server_names) are now stored on repo instead. This changes implies that a build CANNOT write in his sources. It shouldn't be the case, but it means that runbot cannot be tested on runbot untill datas are written elsewhere than in static. Other possibilities are possible, like bind mounting the sources in the build directory instead of adding ro volumes in docker. Unfortunately, this needs to give access to mount as sudo for runbot user and changes docjker config to allow mounts in volumes which is not the case by default. A plus of this solution would be to be able to make an overlay mount.
2019-07-08 19:44:32 +07:00
for dp, hp in enumerate(exposed_ports, start=8069):
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
docker_command.extend(['-p', '127.0.0.1:%s:%s' % (hp, dp)])
if cpu_limit:
docker_command.extend(['--ulimit', 'cpu=%s' % int(cpu_limit)])
docker_command.extend(['odoo:runbot_tests', '/bin/bash', '-c', "%s" % run_cmd])
docker_run = subprocess.Popen(docker_command, stdout=logs, stderr=logs, preexec_fn=preexec_fn, close_fds=False, cwd=build_dir)
_logger.info('Started Docker container %s', container_name)
return docker_run.pid
def docker_stop(container_name):
"""Stops the container named container_name"""
_logger.info('Stopping container %s', container_name)
dstop = subprocess.run(['docker', 'stop', container_name])
def docker_is_running(container_name):
"""Return True if container is still running"""
dinspect = subprocess.run(['docker', 'container', 'inspect', container_name], stderr=subprocess.DEVNULL, stdout=subprocess.DEVNULL)
return True if dinspect.returncode == 0 else False
[FIX] runbot: find docker gateway for build smtp host When a build is running, the stmp is the localhost. Since Docker builds, the localhost is the container which does not catch port 25 smtp. Mails are lost in the limbo. With this commit, the default gateway of the Docker network is used as smtp host for the builds. It's the responsability of the runbot host to catch smtp traffic from the container. This bridge interface exists by default on a system where Docker is running. However, Docker is affected by this issue: https://github.com/moby/moby/issues/26799 The first time the Docker daemon is installed, the Gateway is not defined on the bridge interface. When the Docker daemon is restarted, the gateway is correctly defined. Pay attention that restarting the Docker daemon will kill all the running/testing builds.
2019-01-07 18:01:46 +07:00
def docker_get_gateway_ip():
"""Return the host ip of the docker default bridge gateway"""
docker_net_inspect = subprocess.run(['docker', 'network', 'inspect', 'bridge'], stdout=subprocess.PIPE)
if docker_net_inspect.returncode != 0:
return None
if docker_net_inspect.stdout:
try:
return json.loads(docker_net_inspect.stdout)[0]['IPAM']['Config'][0]['Gateway']
except KeyError:
return None
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
def build(args):
"""Build container from CLI"""
_logger.info('Building the base image container')
logdir = os.path.join(args.build_dir, 'logs')
os.makedirs(logdir, exist_ok=True)
logfile = os.path.join(logdir, 'logs-build.txt')
docker_build(logfile, args.build_dir)
_logger.info('Finished building the base image container')
def tests(args):
_logger.info('Start container tests')
os.makedirs(os.path.join(args.build_dir, 'logs'), exist_ok=True)
os.makedirs(os.path.join(args.build_dir, 'datadir'), exist_ok=True)
if args.kill:
# Test stopping a non running container
_logger.info('Test killing an non existing container')
docker_stop('xy' * 5)
# Test building
_logger.info('Test building the base image container')
logfile = os.path.join(args.build_dir, 'logs', 'logs-build.txt')
docker_build(logfile, args.build_dir)
# Test testing
odoo_cmd = ['/data/build/odoo-bin', '-d %s' % args.db_name, '--addons-path=/data/build/addons', '--data-dir', '/data/build/datadir', '-r %s' % os.getlogin(), '-i', args.odoo_modules, '--test-enable', '--stop-after-init', '--max-cron-threads=0']
if args.kill:
logfile = os.path.join(args.build_dir, 'logs', 'logs-partial.txt')
container_name = 'odoo-container-test-%s' % datetime.datetime.now().microsecond
[FIX] runbot: fix coverage since shared sources The requirements path and python version where defined from server in cmd. Since in coverage we add a 'python' before server, it is difficult to define which element of the cmd is the server. A solution here is simply to define requirements install and python version when building cmd since we have access to all build/source informations. We also add python part in every cases, and coverage params are now a _cmd python_params. The _cmd method now returns a Command object instead of a list, which behave has a list for the cmd part but also contains a pres and posts list. pres are requirement install, preparation, ... cmd is the original cmd list, element can be append or added, this will allow to keep existing python job without to much changes. posts are post cmd commands, like coverage result making. This commit also fix issue with create_job dependencies.
2019-07-15 16:27:46 +07:00
# FIXME
# docker_run(build_odoo_cmd(odoo_cmd), logfile, args.build_dir, container_name)
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
# Test stopping the container
_logger.info('Waiting 30 sec before killing the build')
time.sleep(30)
docker_stop(container_name)
time.sleep(3)
# Test full testing
logfile = os.path.join(args.build_dir, 'logs', 'logs-full-test.txt')
container_name = 'odoo-container-test-%s' % datetime.datetime.now().microsecond
if args.coverage:
omit = ['--omit', '*__manifest__.py']
with open(os.path.join(args.build_dir, 'odoo-bin'), 'r') as exfile:
pyversion = 'python3' if 'python3' in exfile.readline() else 'python'
odoo_cmd = [ pyversion, '-m', 'coverage', 'run', '--branch', '--source', '/data/build'] + omit + odoo_cmd
[FIX] runbot: fix coverage since shared sources The requirements path and python version where defined from server in cmd. Since in coverage we add a 'python' before server, it is difficult to define which element of the cmd is the server. A solution here is simply to define requirements install and python version when building cmd since we have access to all build/source informations. We also add python part in every cases, and coverage params are now a _cmd python_params. The _cmd method now returns a Command object instead of a list, which behave has a list for the cmd part but also contains a pres and posts list. pres are requirement install, preparation, ... cmd is the original cmd list, element can be append or added, this will allow to keep existing python job without to much changes. posts are post cmd commands, like coverage result making. This commit also fix issue with create_job dependencies.
2019-07-15 16:27:46 +07:00
# FIXME
# docker_run(build_odoo_cmd(odoo_cmd), logfile, args.build_dir, container_name)
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
time.sleep(1) # give time for the container to start
while docker_is_running(container_name):
time.sleep(10)
_logger.info("Waiting for %s to stop", container_name)
[IMP] runbot: detach odoo command from docker_run When the docker_run function is called, the odoo command is decorated with a pip command to install required packages. This pollute the docker_run function if a runbot job_ method wants to use docker for something else that starting an odoo instance (like pg_dump) for example. With this commit, command modification is made in an optional helper function named build_odoo_cmd. the docker_run function now needs the command to run as a string instead of a list of odoo cmd and its parameters.
2019-04-04 16:55:30 +07:00
if args.dump:
_logger.info("Testing pg_dump")
logfile = os.path.join(args.build_dir, 'logs', 'logs-pg_dump.txt')
container_name = 'odoo-container-test-pg_dump-%s' % datetime.datetime.now().microsecond
docker_pg_dump_cmd = 'cd /data/build/datadir && pg_dump -U %s -f db_export.sql %s' % (os.getlogin(), args.db_name)
docker_run(docker_pg_dump_cmd, logfile, args.build_dir, container_name)
time.sleep(1)
while docker_is_running(container_name):
time.sleep(10)
_logger.info("Waiting for %s to stop", container_name)
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
if args.run:
# Test running
logfile = os.path.join(args.build_dir, 'logs', 'logs-running.txt')
odoo_cmd = [
'/data/build/odoo-bin', '-d %s' % args.db_name,
'--db-filter', '%s.*$' % args.db_name, '--addons-path=/data/build/addons',
'-r %s' % os.getlogin(), '-i', 'web', '--max-cron-threads=1',
'--data-dir', '/data/build/datadir', '--workers', '2',
'--longpolling-port', '8070']
[FIX] runbot: find docker gateway for build smtp host When a build is running, the stmp is the localhost. Since Docker builds, the localhost is the container which does not catch port 25 smtp. Mails are lost in the limbo. With this commit, the default gateway of the Docker network is used as smtp host for the builds. It's the responsability of the runbot host to catch smtp traffic from the container. This bridge interface exists by default on a system where Docker is running. However, Docker is affected by this issue: https://github.com/moby/moby/issues/26799 The first time the Docker daemon is installed, the Gateway is not defined on the bridge interface. When the Docker daemon is restarted, the gateway is correctly defined. Pay attention that restarting the Docker daemon will kill all the running/testing builds.
2019-01-07 18:01:46 +07:00
smtp_host = docker_get_gateway_ip()
if smtp_host:
odoo_cmd.extend(['--smtp', smtp_host])
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
container_name = 'odoo-container-test-%s' % datetime.datetime.now().microsecond
[FIX] runbot: fix coverage since shared sources The requirements path and python version where defined from server in cmd. Since in coverage we add a 'python' before server, it is difficult to define which element of the cmd is the server. A solution here is simply to define requirements install and python version when building cmd since we have access to all build/source informations. We also add python part in every cases, and coverage params are now a _cmd python_params. The _cmd method now returns a Command object instead of a list, which behave has a list for the cmd part but also contains a pres and posts list. pres are requirement install, preparation, ... cmd is the original cmd list, element can be append or added, this will allow to keep existing python job without to much changes. posts are post cmd commands, like coverage result making. This commit also fix issue with create_job dependencies.
2019-07-15 16:27:46 +07:00
# FIXME
# docker_run(build_odoo_cmd(odoo_cmd), logfile, args.build_dir, container_name, exposed_ports=[args.odoo_port, args.odoo_port + 1], cpu_limit=300)
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
if __name__ == '__main__':
logging.basicConfig(level=logging.DEBUG, format='%(asctime)s %(levelname)s %(name)s: %(message)s')
parser = argparse.ArgumentParser()
subparser = parser.add_subparsers(help='commands')
p_build = subparser.add_parser('build', help='Build docker image')
p_build.add_argument('build_dir')
p_build.set_defaults(func=build)
p_test = subparser.add_parser('tests', help='Test docker functions')
p_test.set_defaults(func=tests)
p_test.add_argument('build_dir')
p_test.add_argument('odoo_port', type=int)
p_test.add_argument('db_name')
p_test.add_argument('--coverage', action='store_true', help= 'test a build with coverage')
p_test.add_argument('-i', dest='odoo_modules', default='web', help='Comma separated list of modules')
p_test.add_argument('--kill', action='store_true', default=False, help='Also test container kill')
[IMP] runbot: detach odoo command from docker_run When the docker_run function is called, the odoo command is decorated with a pip command to install required packages. This pollute the docker_run function if a runbot job_ method wants to use docker for something else that starting an odoo instance (like pg_dump) for example. With this commit, command modification is made in an optional helper function named build_odoo_cmd. the docker_run function now needs the command to run as a string instead of a list of odoo cmd and its parameters.
2019-04-04 16:55:30 +07:00
p_test.add_argument('--dump', action='store_true', default=False, help='Test database export with pg_dump')
[REF] runbot: use Docker containers for builds When building Odoo, the instance is started on the same host as the runbot. It means that all the required python packages have to be installed on each runbot hosts with the same versions. Also there is no real separation between builds. Finally, from a security point of view, arbitrary code could be executed on the runbot host. With this commit, the runbot uses Docker containers to build Odoo. During the tests, Odoo http ports are not exposed to the outside, meaning that nobody could interact with that instance. The Docker image used for containers is valid for Odoo branches 10.0, 11.0, 12.0 and master. When building, right before starting the Odoo tests, the tested branch's requirements.txt is now taken into account to adapt the container. On a runbot host, the "docker ps -a" command can be used to have the list of the current builds. The containers are named using the build dest field and the current running job. For example: 123456-12-0-123456_job_30_run Prerequisites: Docker have to be installed on the runbot hosts and the user that runs the runbot should be able to use Docker. Typically, the runbot user have to be added to the docker unix group. On the first build, the Docker image will be built from scratch. It can last several minutes locking the runbot cron during this time. It means that on a multi-runbot configuration, this process will be repeated for each runbot and during this time there will be no builds. To avoid such a situation, the Docker image can be built from the command line. The container.py file can be started like this: python3 container.py build /tmp/build_dir The /tmp/build_dir directory will be created to store the Dockerfile. When the process is done, the "docker images" command should show an image tagged runbot_tests in the odoo repository. At that time, the runbot instance can be started, it will use this image for the builds. Api change: The 'job_*' methods signature has changed, the lock_path is not needed anymore. Docker image informations: Currently, the Docker image is built based on Ubuntu bionic to benefit of the python 3.6 version. Chrome and phantomjs are both installed. The latest wkhtmltopdf (0.12.5) is installed as recommended on our wiki: https://github.com/odoo/odoo/wiki/Wkhtmltopdf
2018-10-29 22:16:12 +07:00
p_test.add_argument('--run', action='store_true', default=False, help='Also test running (Warning: the container survives exit)')
args = parser.parse_args()
args.func(args)
Reference in New Issue Copy Permalink