Page MenuHomePhabricator
Create Task
Maniphest T355214

[apt-buildpack] Not sourcing /layers/fagiani_apt/apt/.profile.d/000_apt.sh
Closed, ResolvedPublic
Actions

Description

The apt buildpack extracts packages in /layers/fagiani_apt/apt/, and leaves a useful little shell script in /layers/fagiani_apt/apt/.profile.d/000_apt.sh that adjusts the $PATH and some other environment variables to see these packages. However, that shell script isn’t sourced automatically, so users have to know it exists. It would be more useful to source it automatically.

Related Objects
Search...

Event Timeline

dcaro created this task.Jan 17 2024, 11:29 AM
LucasWerkmeister updated the task description. (Show Details)Jan 17 2024, 7:13 PM
dcaro changed the task status from Open to In Progress.Jan 18 2024, 10:45 AM
dcaro moved this task from Next Up to In Progress on the Toolforge (Toolforge iteration 03) board.
dcaro added a comment.Jan 18 2024, 10:48 AM

If the process is started using the procfile entrypoints, or the launcher the environment is set correctly:

vagrant@bookworm:~$ docker run --rm -ti --entrypoint launcher 172.19.0.1/tool-tf-test/tool-tf-test:latest@sha256:4170e90c44902b63ca1acf17522d063e43ffea52266a8e843c82a32ce99f4754 bash
...

heroku@3e1d1040bb55:/workspace$ echo $PATH
/layers/heroku_python/python/bin:/layers/heroku_python/dependencies/bin:/layers/heroku_nodejs-engine/dist/bin:/layers/fagiani_apt/apt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

Note that the entrypoint has to be the launcher process (as per bulidpack API spec). That is the default entrypoint when using procfile entries.

I think that the issue comes when using jobs, and specifying a command that is not in the procfile, then if you don't prepend it with launcher <yourcommand> it does not load the profiles.

Looking....

toolsbeta.test@toolsbeta-sgebastion-05:~$ toolforge jobs run --continuous --command 'launcher env' --image tool-test/tool-test:latest test-cron

toolsbeta.test@toolsbeta-sgebastion-05:~$ kubectl get pods
NAME                         READY   STATUS             RESTARTS     AGE
test-cron-64b95d574f-vlbkv   0/1     CrashLoopBackOff   1 (4s ago)   7s

toolsbeta.test@toolsbeta-sgebastion-05:~$ kubectl logs test-cron-64b95d574f-vlbkv
Enabled locales: de_DE it_IT pl_PL ja_JP en_GB fr_FR zh-hans_CN zh-hans_SG zh-hant_TW zh-hant_HK ru_RU es_ES nl_BE pt_PT
...
LIBRARY_PATH=/layers/fagiani_apt/apt/lib/x86_64-linux-gnu:/layers/fagiani_apt/apt/lib/i386-linux-gnu:/layers/fagiani_apt/apt/lib:/layers/fagiani_apt/apt/usr/lib/x86_64-linux-gnu:/layers/fagiani_apt/apt/usr/lib/i386-linux-gnu:/layers/fagiani_apt/apt/usr/lib
...
PATH=/layers/heroku_python/python/bin:/layers/heroku_python/dependencies/bin:/layers/heroku_nodejs-engine/dist/bin:/layers/fagiani_apt/apt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
...

vs

toolsbeta.test@toolsbeta-sgebastion-05:~$ toolforge jobs run --continuous --command env --image tool-test/tool-test:latest test-cron

toolsbeta.test@toolsbeta-sgebastion-05:~$ kubectl get pods
NAME                         READY   STATUS             RESTARTS     AGE
test-cron-7fbd68f5c6-4vgxl   0/1     CrashLoopBackOff   1 (5s ago)   8s

toolsbeta.test@toolsbeta-sgebastion-05:~$ kubectl logs test-cron-7fbd68f5c6-4vgxl
PATH=/cnb/process:/cnb/lifecycle:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
...
LucasWerkmeister added a comment.Jan 18 2024, 12:45 PM

I see, then I probably didn’t get as far as trying the Procfile entries last time I was looking into this…

TBH to me it sounds fine to leave this unfixed then? As long as it’s documented that you have to use the launcher command, and if you want to run anything outside your Procfile then you’re on your own?

taavi subscribed.Jan 18 2024, 12:48 PM

I suspect we should just fix that in jobs-api to always use launcher?

dcaro added a comment.Jan 18 2024, 3:39 PM
In T355214#9468790, @taavi wrote:

I suspect we should just fix that in jobs-api to always use launcher?

We have to be a bit careful though, if you want to start a job using the procfile entry, then we should not use the launcher, but just the procfile euntry itself (there's a link from each procfile entry to the launcher):

heroku@5d1079ab04d9:/workspace$ ls -la /cnb/process/
total 8
drwxr-xr-x 2 root root 4096 Jan  1  1980 .
drwxr-xr-x 1 root root 4096 Jan  1  1980 ..
lrwxrwxrwx 1 root root   23 Jan  1  1980 web -> /cnb/lifecycle/launcher

otherwise, there's a few environment variables that get reset by the launcher process, that it needs:

vagrant@bookworm:~/td$ docker run -ti --rm --entrypoint launcher  172.19.0.1/tool-tf-test/tool-tf-test:latest@sha256:46e5c31b94959a730e83c737f764d8ca9556139d4a8ba9d595793fe1857f64f0 /cnb/process/web
ERROR: failed to get platform API version; please set 'CNB_PLATFORM_API' to specify the desired platform API version

As in, you can't run the launcher from the launcher itself xd

vagrant@bookworm:~/td$ docker run -ti --rm --entrypoint launcher  172.19.0.1/tool-tf-test/tool-tf-test:latest@sha256:46e5c31b94959a730e83c737f764d8ca9556139d4a8ba9d595793fe1857f64f0 /cnb/lifecycle/launcher
ERROR: failed to get platform API version; please set 'CNB_PLATFORM_API' to specify the desired platform API version

this works:

vagrant@bookworm:~/td$ docker run -ti --rm --entrypoint web  172.19.0.1/tool-tf-test/tool-tf-test:latest@sha256:46e5c31b94959a730e83c737f764d8ca9556139d4a8ba9d595793fe1857f64f0

So we might have to inject those two extra vars (the PATH and CNB_PLATFORM_API) somewhere in the profile scripts, should be easy.

CodeReviewBot added a project: Patch-For-Review.Jan 19 2024, 2:22 PM

dcaro opened https://gitlab.wikimedia.org/repos/cloud/toolforge/builds-builder/-/merge_requests/31

task-combined: add a fix to allow running nested launchers

dcaro moved this task from In Progress to In Review on the Toolforge (Toolforge iteration 03) board.Jan 23 2024, 10:52 AM
dcaro edited projects, added Toolforge (Toolforge iteration 04); removed Toolforge (Toolforge iteration 03).Jan 24 2024, 9:16 AM
dcaro moved this task from Next Up to In Review on the Toolforge (Toolforge iteration 04) board.
CodeReviewBot added a comment.Jan 25 2024, 10:40 AM

dcaro merged https://gitlab.wikimedia.org/repos/cloud/toolforge/builds-builder/-/merge_requests/31

task-combined: add a fix to allow running nested launchers

CodeReviewBot added a comment.Jan 25 2024, 10:41 AM

project_1317_bot_df3177307bed93c3f34e421e26c86e38 opened https://gitlab.wikimedia.org/repos/cloud/toolforge/toolforge-deploy/-/merge_requests/186

builds-builder: bump to 0.0.91-20240125104035-05caf57f

CodeReviewBot added a comment.Jan 25 2024, 11:23 AM

dcaro merged https://gitlab.wikimedia.org/repos/cloud/toolforge/toolforge-deploy/-/merge_requests/186

builds-builder: bump to 0.0.91-20240125104035-05caf57f

dcaro closed this task as Resolved.Jan 25 2024, 11:30 AM
dcaro moved this task from In Review to Done on the Toolforge (Toolforge iteration 04) board.

Okok, now we support both using procfile entries (strongly recommended), and passing ad-hoc commands (recommended for testing only).

Maintenance_bot removed a project: Patch-For-Review.Jan 25 2024, 11:30 AM
LucasWerkmeister added a comment.Jan 25 2024, 9:30 PM

Sounds good, thanks!

dcaro reopened this task as Open.Jan 31 2024, 9:32 AM
dcaro moved this task from Done to In Progress on the Toolforge (Toolforge iteration 04) board.

This is missing the jobs-api side of things to prepend launcher to all the buildservice-based jobs... working on it

CodeReviewBot added a project: Patch-For-Review.Jan 31 2024, 9:47 AM

dcaro opened https://gitlab.wikimedia.org/repos/cloud/toolforge/jobs-api/-/merge_requests/58

buildservice: prepend launcher to any command

dcaro mentioned this in T319953: Migrate panoviewer from Toolforge GridEngine to Toolforge Kubernetes.Jan 31 2024, 11:05 AM
CodeReviewBot added a comment.Jan 31 2024, 11:56 AM

dcaro merged https://gitlab.wikimedia.org/repos/cloud/toolforge/jobs-api/-/merge_requests/58

buildservice: prepend launcher to any command

CodeReviewBot added a comment.Jan 31 2024, 11:59 AM

project_1317_bot_df3177307bed93c3f34e421e26c86e38 opened https://gitlab.wikimedia.org/repos/cloud/toolforge/toolforge-deploy/-/merge_requests/187

jobs-api: bump to 0.0.259-20240131115703-0bab4ab7

CodeReviewBot added a comment.Jan 31 2024, 2:22 PM

dcaro merged https://gitlab.wikimedia.org/repos/cloud/toolforge/toolforge-deploy/-/merge_requests/187

jobs-api: bump to 0.0.259-20240131115703-0bab4ab7

dcaro added a comment.Jan 31 2024, 2:26 PM

Done, also updated https://wikitech.wikimedia.org/wiki/Help:Toolforge/Build_Service#Job to reflect the changes

dcaro closed this task as Resolved.Jan 31 2024, 2:27 PM
dcaro moved this task from In Progress to Done on the Toolforge (Toolforge iteration 04) board.
Stashbot added a comment.Feb 14 2024, 12:09 PM

Mentioned in SAL (#wikimedia-cloud) [2024-02-14T12:09:32Z] <dcaro> rebuilt image to pick up the latest procfile fixes (T355214)

dcaro mentioned this in T320014: Migrate robokobot from Toolforge GridEngine to Toolforge Kubernetes.Feb 14 2024, 12:11 PM
Maintenance_bot removed a project: Patch-For-Review.Feb 14 2024, 12:30 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits