[tbs.docs]Figure out naming conventions for Toolforge buildpack related stuff
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Legoktm
	Oct 17 2020, 12:26 AM

Description

buildpacks introduce a bunch of new things that we should figure out naming conventions for. Some prior discussion happened in https://gerrit.wikimedia.org/r/c/operations/docker-images/toollabs-images/+/634349 and between @Legoktm and @Bstorm on IRC.

We'll probably want to create the buildpacks.toolforge.org tool as a placeholder or info/status page at some point.

stacks

A stack is the name of an ABI implemented through docker images. Each stack will have at least a build, builder and run image, but might have more in the future for mixins. For the most part, these names should only be used in the buildpacks' config files, not by end users.

org.toolforge.buildpacks.stack.buster1 - A stack based on Debian Buster (note: we'd probably start with 0 for the PoC stage)
- docker-registry.tools.wmflabs.org/toolforge-buster1-run:latest
  - Base layer that all applications run on top of
- docker-registry.tools.wmflabs.org/toolforge-buster1-build:latest
  - Base layer the builders run on top of
- docker-registry.tools.wmflabs.org/toolforge-buster1-builder:latest
  - The image that contains the buildpacks that is run by pack to do the actual building

Using :latest is convenient because we can automatically push security updates of apt packages to users on the same tag. Instead we put the version in the image name, so if we need to make an ABI-incompatible change, we can create a new image.

Prior art: Heroku names its stacks in the form heroku-18 or heroku-16 where 16 and 18 refer to the Ubuntu LTS version being used. We could do something similar, e.g. toolforge-10 (Buster = 10) but I think we should have our own Toolforge version in case we do need to make ABI-incompatible changes.

buildpacks

buildpacks have a name and version. Advanced users could use these names in their project.toml files.

org.toolforge.buildpacks.python37
- This buildpack is fixed at python37 because it's using Debian Buster's packages. Plus we expect to have multiple Python versions. A python38 buildpack would need to be implemented differently.
org.toolforge.buildpacks.pip
- This is expected to be rolling and follow the latest upstream, so there's no versioning in the name. In theory this is stack agnostic, so we can reuse the same buildpack for python37 and python38.
org.toolforge.buildpacks.uwsgi
- This is (currently) pinned to a specific version mostly for stability, but we only expect one as it's also stack agnostic.

images

Each repository will result in a docker image being built. I think a naming convention like tool-$TOOL if there's only one repository for that tool, or tool-$TOOL-$SUFFIX where the operators can pick an arbitrary [A-z0-9] suffix if the tool plans on having multiple repositories/images. I don't know if that has enough conflict protection though...

Related Objects
Search...

Status	Assigned	Task
Stalled	LucasWerkmeister	T320140 Migrate wd-shex-infer from Toolforge GridEngine to Toolforge Kubernetes
Stalled	matmarex	T319707 Migrate dtcheck from Toolforge GridEngine to Toolforge Kubernetes
Open	None	T320062 Migrate steve-adder from Toolforge GridEngine to Toolforge Kubernetes
Open	None	T320011 Migrate rfa-voting-history from Toolforge GridEngine to Toolforge Kubernetes
Open	dcaro	T194332 [Epic] Make Toolforge a proper platform as a service with push-to-deploy and build packs
In Progress	dcaro	T267374 [tbs.beta] Create a toolforge build service beta release
Duplicate	None	T297088 [tbs.docs] Create admin documentation (to be expanded)
Resolved	dcaro	T265780 [tbs.docs]Figure out naming conventions for Toolforge buildpack related stuff

Event Timeline

Legoktm created this task.Oct 17 2020, 12:26 AM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 17 2020, 12:26 AM

Legoktm updated the task description. (Show Details)Oct 17 2020, 1:01 AM

Bstorm triaged this task as Medium priority.Oct 19 2020, 7:07 PM

Bstorm moved this task from Inbox to Doing on the cloud-services-team (Kanban) board.Oct 19 2020, 7:12 PM

[16:46]  <    bd808> legoktm: LGTM honestly. The final image naming thing... probably could use names tied to whatever the naming for the origin git repos is I guess.
[16:47]  <    bd808> the "tool-{name}" prefix thing is what Striker does for Diffusion repos and Phab projects. It is possible to have collisions in that scheme, but it has not become an active problem yet.

On images, I think tool-$TOOL-$SUFFIX is enough collision protection if we have a reasonable auth scheme. I cannot imagine a way that a per-tool auth scheme doesn't end up as a requirement unless the remote repo is entirely controlled from within Toolforge and forces naming accordingly.

I started looking into creating a k8s deployment, I noticed that webservice creates some labels:

# Labels for all objects created by this webservice
self.webservice_labels = {
    "tools.wmflabs.org/webservice": "true",
    "tools.wmflabs.org/webservice-version": "1",
    "toolforge": "tool",
    "name": self.tool.name,
}

We need to come up with new labels due to the domain change and then also because this is not actually using webservice. (Note: we don't want to add toolforge: tool because that enables a pod preset for read/write NFS, which we don't want per @Bstorm.)

So:

app.kubernetes.io/component: web
app.kubernetes.io/managed-by: tfb

Theoretically we could also update webservice to match this labeling system (managed-by: webservice), but that's not a constraint.

Legoktm mentioned this in T266844: Use common k8s labels in tools-webservice.Oct 29 2020, 10:50 PM

aborrero moved this task from Doing to Inbox on the cloud-services-team (Kanban) board.May 11 2021, 4:39 PM

dcaro added a project: User-dcaro.Oct 18 2021, 1:48 PM

dcaro edited projects, added Toolforge Build Service; removed Toolforge.Oct 18 2021, 2:19 PM

dcaro added a project: Cloud-Services-Origin-Team.Nov 24 2021, 3:25 PM

dcaro added a project: Cloud-Services-Worktype-Project.

dcaro renamed this task from Figure out naming conventions for Toolforge buildpack related stuff to [tbs.docs]Figure out naming conventions for Toolforge buildpack related stuff.Aug 26 2022, 8:13 AM

dcaro edited parent tasks, added: T297088: [tbs.docs] Create admin documentation (to be expanded); removed: T194332: [Epic] Make Toolforge a proper platform as a service with push-to-deploy and build packs.Aug 26 2022, 9:14 AM

This was already implemented

[tbs.docs]Figure out naming conventions for Toolforge buildpack related stuffClosed, ResolvedPublicActions