Deploy an instance of GrowthBook to Kubernetes
Closed, ResolvedPublic

Description

As part of SDS2.1 we want to validate that GrowthBook can be deployed on our infrastructure. This does not include any integration with other systems. We will be using the open-source version of GrowthBook.

Steps

  • Minimal research and design is done to have a coherent plan of how to execute that deployment (this will create additional steps in this list)
  • (optional) deploy Growthbook to WMCS or another simpler environment

These are the detailed steps that have been identified so far:

  • Build a container image for Growthbook (open core version)
  • Build a container image for FerretDB mongoDB
  • Create a PostgreSQL database on an-db100[1-2] for Growthbook
  • Create a namespace for Growthbook on the dse-k8s cluster
  • Create a helm chart for Growthbook with FerretDB mongoDB
  • Define a helmfile deployment on the dse-k8s cluster
  • Deploy Growthbook and FerretDB mongoDB
  • Document the tunneling/ingress requirements of the Growthbook UI and API

AC

  • A GrowthBook instance is deployed to DSE Kubernetes
  • The GrowthBook UI and API endpoints are not externally accessible but are accessible via an SSH tunnel

Details

Title | Reference | Author | Source Branch | Dest Branch
Minimize the amount of layers needed to download mongodb | repos/data-engineering/growthbook!15 | brouberol | shrink-image-size | main
Install mongosh, the mongoDB shell, in the image | repos/data-engineering/growthbook!14 | brouberol | T365839-install-mongo-shell | main
Install mongodb in the growthbook image | repos/data-engineering/growthbook!12 | brouberol | add_growthbook_service | main
Attempt to set a proxy for undici on trusted runners | repos/data-engineering/growthbook!7 | btullis | configure_undici_proxy | main
Disable the use of SWC, as it fails to download on trusted runners | repos/data-engineering/growthbook!6 | btullis | disable_swc | main
Set npm proxy instead of yarn https-proxy | repos/data-engineering/growthbook!5 | btullis | add_npm_proxy | main
Set the https-proxy as well as the plaintext version. | repos/data-engineering/growthbook!4 | btullis | fix_https_proxy | main
Configure the yarn proxy support | repos/data-engineering/growthbook!3 | btullis | fix_yarn_proxy | main
Add ferretdb and growthbook data-engineering projects to trusted runners | repos/releng/gitlab-trusted-runner!92 | btullis | add_growthbook_ferretdb | main
Add the build pipeline for ferretdb | repos/data-engineering/ferretdb!1 | btullis | add_initial_pipeline | main
Draft: Modify the build process to exclude enterprise modules | repos/data-engineering/growthbook!2 | btullis | exclude_enterprise_modules | add_initial_build_pipeline
Add the initial build pipeline for Growthbook | repos/data-engineering/growthbook!1 | btullis | add_initial_build_pipeline | main

Event Timeline

I have created an initial blubber/kokkuri pipeline for building our own version of Growthbook, based on the upstream Dockerfile.

It works, in as much as I have tested it with a local docker compose up command, which pulls in a regular mongodb container for the metadata DB. I can then browse the app on http://localhost:3000

Unfortunately, the code for Growthbook is released under somewhat unfavourable licensing terms: LICENSE

  • All content that resides under the "packages/enterprise/" directory of this repository is licensed under the license defined in "packages/enterprise/LICENSE".

That licence is named The GrowthBook Enterprise License and it is proprietary in its nature.

I have attempted to build Growthbook without including this directory (as this diff shows), but unfortunately both the front-end and back-end package directories refer to this module in many places.
Therefore, I believe that it would require considerable work to remove it altogether.

I don't think that it will be possible to continue to build and publish this container image without seeking approval from senior management to make an exception for Growthbook.
cc @Gehel and @odimitrijevic who I believe have already been discussing this possibility.

@BTullis Please go ahead with the deployment. The goal with the POC to understand if this is a viable solution. The decision around non-OSI licensing will follow once a recommendation is made.

FWIW, I think the License Ben is mentioning is different than GrowthBook's 'non-OSI but still open-source' license.

Everything else in GrowthBook is MIT-expat, but stuff in the packages/enterprise/ directory is 'The GrowthBook Enterprise License (the “Enterprise License”)' with the following text:

The GrowthBook Enterprise License (the “Enterprise License”)
Copyright (c) 2023 GrowthBook Inc.

With regard to the GrowthBook Software:

This software and associated documentation files (the "Software") may only be used in production, if you (and any entity that you represent) have agreed to, and are in compliance with, the GrowthBook Subscription Terms of Service, available at https://www.growthbook.io/terms (the “Terms of Service”), or other agreement governing the use of the Software, as agreed by you and GrowthBook, and otherwise have a valid GrowthBook Enterprise or Pro license for the correct number of user seats. Subject to the foregoing sentence, you are free to modify this Software and publish patches to the Software. You agree that GrowthBook and/or its licensors (as applicable) retain all right, title and interest in and to all such modifications and/or patches, and all such modifications and/or patches may only be used, copied, modified, displayed, distributed, or otherwise exploited with a valid GrowthBook Enterprise license for the correct number of user seats. Notwithstanding the foregoing, you may copy and modify the Software for development and testing purposes, without requiring a subscription. You agree that GrowthBook and/or its licensors (as applicable) retain all right, title and interest in and to all such modifications. You are not granted any other rights beyond what is expressly stated herein. Subject to the foregoing, it is forbidden to copy, merge, publish, distribute, sublicense, and/or sell the Software.

The full text of this Enterprise License shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

For all third party components incorporated into the GrowthBook Software, those components are licensed under the original license provided by the owner of the applicable component.

I'd assume that GrowthBook intends their non-enterprise licensed stuff to be usable without the enterprise licensed stuff, so this seems like an oversight on their part. It might be worth asking them about this.

I've now got the ferretdb image ready as well. I will submit requests to add both projects to the trusted runners, then start working on the helm chart for it.

Change #1055385 had a related patch set uploaded (by Btullis; author: Btullis):

[operations/puppet@production] Add a PostgreSQL database for Growthbook

https://gerrit.wikimedia.org/r/1055385

Change #1055385 merged by Btullis:

[operations/puppet@production] Add a PostgreSQL database for Growthbook

https://gerrit.wikimedia.org/r/1055385

Change #1055390 had a related patch set uploaded (by Btullis; author: Btullis):

[operations/puppet@production] Add kubeconfig files for growthbook on dse-k8s

https://gerrit.wikimedia.org/r/1055390

Change #1055391 had a related patch set uploaded (by Btullis; author: Btullis):

[operations/deployment-charts@master] Add a growthbook namespace to the dse-k8s cluster

https://gerrit.wikimedia.org/r/1055391

Change #1055390 merged by Btullis:

[operations/puppet@production] Add kubeconfig files for growthbook on dse-k8s

https://gerrit.wikimedia.org/r/1055390

Change #1055391 merged by jenkins-bot:

[operations/deployment-charts@master] Add a growthbook namespace to the dse-k8s cluster

https://gerrit.wikimedia.org/r/1055391

Change #1055417 had a related patch set uploaded (by Btullis; author: Btullis):

[operations/deployment-charts@master] [WIP] Create a new chart for growbook using scaffolding.

https://gerrit.wikimedia.org/r/1055417

There is a slight problem with building the Growthbook image.

I had to set the proxy server for yarn to use on the trusted runners.
https://gitlab.wikimedia.org/repos/data-engineering/growthbook/-/merge_requests/3

That worked fine, but there is another step which is proving resistant to configuration.
This is because Next.js used in the front-end uses a node-fetch, which in turn uses a library called undici to retrieve something.

#52 61.15  | Attention: Next.js now collects completely anonymous telemetry regarding usage.
#52 61.15  | This information is used to shape Next.js' roadmap and prioritize features.
#52 61.15  | You can learn more, including how to opt-out if you'd not like to participate in this anonymous program, by visiting the following URL:
#52 61.15  | https://nextjs.org/telemetry
#52 61.15  | 
#52 61.27  |    ▲ Next.js 14.1.0
#52 61.27  | 
#52 61.27  |    Skipping validation of types
#52 61.27  |    Skipping linting
#52 61.71  |    Creating an optimized production build ...
#52 62.33  |    Downloading swc package @next/swc-linux-x64-gnu...
#52 65.71  | TypeError: fetch failed
#52 65.71  |     at Object.fetch (node:internal/deps/undici/undici:11576:11)
#52 65.71  |     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
#52 65.71  |     at async extractBinary (/usr/src/growthbook/node_modules/next/dist/lib/download-swc.js:90:9)
#52 65.71  |     at async downloadNativeNextSwc (/usr/src/growthbook/node_modules/next/dist/lib/download-swc.js:151:9)
#52 65.71  |     at async tryLoadNativeWithFallback (/usr/src/growthbook/node_modules/next/dist/build/swc/index.js:286:5)
#52 65.71  |     at async /usr/src/growthbook/node_modules/next/dist/build/swc/index.js:270:40 {
#52 65.71  |   cause: AggregateError
#52 65.71  |       at internalConnectMultiple (node:net:1114:18)
#52 65.71  |       at internalConnectMultiple (node:net:1177:5)
#52 65.71  |       at Timeout.internalConnectMultipleTimeout (node:net:1687:3)
#52 65.71  |       at listOnTimeout (node:internal/timers:575:11)
#52 65.71  |       at process.processTimers (node:internal/timers:514:7) {
#52 65.71  |     code: 'ETIMEDOUT',

Undici doesn't support automatic use of the http_proxy environment variable (and friends) until version 6.14.0 - https://github.com/nodejs/undici/pull/2994
We are currently bound to major version 5 of undici by the yarn.lock file.

I tried setting proxy options via a couple of other methods, but nothing has worked yet.
I will look and see what other options we have of working around this.

A search for Next.js download SWC (from download-swc.js in that stacktrace you provided) yielded: https://nextjs.org/docs/messages/failed-loading-swc

Quoting that page:

If SWC continues to fail to load you can opt-out by disabling swcMinify in your next.config.js or by adding a .babelrc to your project with the following content:

.babelrc
{
  "presets": ["next/babel"]
}

Great! Thanks @phuedx , I will try that now.

I'm not sure if it will work, because the message still says Downloading swc... but then it says SWC is disabled.

I won't know until I merge to main, anyway.

Same issue, unfortunately. I also found this conversation: https://github.com/vercel/next.js/discussions/44959 which mentions being unable to prevent the downloading.

I'll keep looking for other options. Some people have had success by enabling a global proxy agent with setGlobalDispatcher e.g. https://github.com/vercel/next.js/issues/47039#issuecomment-2188970821

Maybe that's worth a go.

Hmm. I tried patching the growthbook front-end code with this gist: https://gist.github.com/zicklag/1bb50db6c5138de347c224fda14286da
...with the intention of using setGlobalDispatcher if the http_proxy environment variable is set.

Unfortunately, it didn't work. I suspect that I probably put it in the wrong place, so that it was ineffective. I'll check again.

I've taken an alternate approach: I've defined a small bash script that downloads the swc packages and extracts them at the right location under node_modules, which causes the official download-swc.js script to skip the packages download. It's not beautiful, but it works.

Change #1055943 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/dns@master] growthbook: add svc.eqiad and discovery records

https://gerrit.wikimedia.org/r/1055943

BTullis updated the task description.
BTullis subscribed.

Change #1055943 merged by Brouberol:

[operations/dns@master] growthbook: add svc.eqiad and discovery records

https://gerrit.wikimedia.org/r/1055943

Change #1055417 merged by Brouberol:

[operations/deployment-charts@master] Create a new chart for growbook using scaffolding.

https://gerrit.wikimedia.org/r/1055417

Change #1056078 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: define helmfile and production values

https://gerrit.wikimedia.org/r/1056078

Change #1056078 merged by Brouberol:

[operations/deployment-charts@master] growthbook: define helmfile and production values

https://gerrit.wikimedia.org/r/1056078

Change #1056118 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: small fixes to the chart

https://gerrit.wikimedia.org/r/1056118

Change #1056118 merged by Brouberol:

[operations/deployment-charts@master] growthbook: small fixes to the chart

https://gerrit.wikimedia.org/r/1056118

Change #1056123 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: bind ferretdb service to 0.0.0.0 instead of localhost

https://gerrit.wikimedia.org/r/1056123

Change #1056123 merged by Brouberol:

[operations/deployment-charts@master] growthbook: bind ferretdb service to 0.0.0.0 instead of localhost

https://gerrit.wikimedia.org/r/1056123

Change #1056126 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: add mesh service, configuration, container and networkpolicies

https://gerrit.wikimedia.org/r/1056126

Change #1056126 merged by Brouberol:

[operations/deployment-charts@master] growthbook: add mesh service, configuration, container and networkpolicies

https://gerrit.wikimedia.org/r/1056126

Change #1056137 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: split chart into 2 charts (frontend/backend)

https://gerrit.wikimedia.org/r/1056137

Change #1056147 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/dns@master] growthbook: provision DNS records for each backend/frontend service

https://gerrit.wikimedia.org/r/1056147

Change #1056147 merged by Brouberol:

[operations/dns@master] growthbook: provision DNS records for each backend/frontend service

https://gerrit.wikimedia.org/r/1056147

Change #1056137 merged by Brouberol:

[operations/deployment-charts@master] growthbook: split chart into 2 charts (frontend/backend)

https://gerrit.wikimedia.org/r/1056137

Change #1056164 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: define one TLS hostname per subchart

https://gerrit.wikimedia.org/r/1056164

Change #1056165 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: fix volume/configmap name problem

https://gerrit.wikimedia.org/r/1056165

Change #1056164 merged by Brouberol:

[operations/deployment-charts@master] growthbook: define one TLS hostname per subchart

https://gerrit.wikimedia.org/r/1056164

Change #1056165 merged by Brouberol:

[operations/deployment-charts@master] growthbook: fix volume/configmap name problem

https://gerrit.wikimedia.org/r/1056165

Change #1056191 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: fix typo in tls hostname

https://gerrit.wikimedia.org/r/1056191

Change #1056191 merged by Brouberol:

[operations/deployment-charts@master] growthbook: fix typo in tls hostname

https://gerrit.wikimedia.org/r/1056191

Change #1056196 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: bump chart version to allow subchart upgrade

https://gerrit.wikimedia.org/r/1056196

Change #1056196 merged by Brouberol:

[operations/deployment-charts@master] growthbook: bump chart version to allow subchart upgrade

https://gerrit.wikimedia.org/r/1056196

Change #1056485 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: replace ferretdb by mongo itself

https://gerrit.wikimedia.org/r/1056485

Change #1056485 merged by Brouberol:

[operations/deployment-charts@master] growthbook: replace ferretdb by mongo itself

https://gerrit.wikimedia.org/r/1056485

Change #1056879 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: fix mongo connection string and update image

https://gerrit.wikimedia.org/r/1056879

Change #1056879 merged by Brouberol:

[operations/deployment-charts@master] growthbook: fix mongo connection string and update image

https://gerrit.wikimedia.org/r/1056879

Change #1056887 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: deploy mongodb with auth enabled

https://gerrit.wikimedia.org/r/1056887

Change #1056910 had a related patch set uploaded (by Btullis; author: Btullis):

[operations/deployment-charts@master] Use a 10 GB persistent volume for mongodb

https://gerrit.wikimedia.org/r/1056910

Change #1056910 merged by jenkins-bot:

[operations/deployment-charts@master] Use a 10 GB persistent volume for mongodb

https://gerrit.wikimedia.org/r/1056910

Change #1056887 merged by jenkins-bot:

[operations/deployment-charts@master] growthbook: deploy mongodb with auth enabled

https://gerrit.wikimedia.org/r/1056887

Change #1056936 had a related patch set uploaded (by Btullis; author: Btullis):

[operations/deployment-charts@master] Configure growthbook/mongodb deployment with a recreate strategy

https://gerrit.wikimedia.org/r/1056936

Change #1056936 merged by jenkins-bot:

[operations/deployment-charts@master] Configure growthbook/mongodb deployment with a recreate strategy

https://gerrit.wikimedia.org/r/1056936

Change #1056975 had a related patch set uploaded (by Btullis; author: Btullis):

[operations/deployment-charts@master] Update the hostname for mongodb access

https://gerrit.wikimedia.org/r/1056975

Change #1056975 merged by jenkins-bot:

[operations/deployment-charts@master] Update the hostname for mongodb access

https://gerrit.wikimedia.org/r/1056975

Change #1056977 had a related patch set uploaded (by Btullis; author: Btullis):

[operations/deployment-charts@master] Growthbook: disable aythmechanism PLAIN

https://gerrit.wikimedia.org/r/1056977

Change #1056977 merged by jenkins-bot:

[operations/deployment-charts@master] Growthbook: disable aythmechanism PLAIN

https://gerrit.wikimedia.org/r/1056977

Change #1057183 had a related patch set uploaded (by Brouberol; author: Brouberol):

[operations/deployment-charts@master] growthbook: small fixes to the values

https://gerrit.wikimedia.org/r/1057183

Change #1057183 merged by Brouberol:

[operations/deployment-charts@master] growthbook: small fixes to the values

https://gerrit.wikimedia.org/r/1057183

We have been able to deploy an instance of Growthbook to the dse-k8s-eqiad Kubernetes cluster. To that effect, we have written a growthbook chart, which deploys the following components:

  • the growthbook frontend
  • the growthbook backend
  • a mongoDB database, persisting its data within our Ceph cluster, using a Persistent Volume

The application itself is not exposed to the outside world, through a wikimedia.org subdomain. If you want to have access to it locally, you need to perform several operations:

  1. Map growthbook.discovery.wmnet and growthbook-backend.discovery.wmnet to localhost in your /etc/hosts file. For example, mine looks like this:
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1	localhost growthbook.discovery.wmnet growthbook-backend.discovery.wmnet
255.255.255.255	broadcasthost
::1             localhost
  2. Open 2 ssh tunnels to the Growthbook backend and frontend, by running:
ssh -N -L 3000:growthbook.discovery.wmnet:30443 -L 3100:growthbook-backend.discovery.wmnet:30443 bast1003.wikimedia.org

You should then be able to access the application by connecting to https://growthbook.discovery.wmnet:3000, after having accepted the security risks (due to the fact that the application x509 certificate wasn't signed by a Certificate Authority (our own) trusted by your browser).

For now, the application isn't connected to any datasources.

One thing to consider is how Growthbook will be able to access Presto data via Kerberos in the future.

First, let's have a look at how things are configured for Superset (which also accesses Presto via Kerberos). Superset has a keytab allowing it to authenticate against Kerberos. Once it gets a TGT, it can then use it to connect to Presto. The data Presto uses is exposed via Hive, and stored in HDFS. When Superset performs a query, it does so by impersonating the UNIX user associated with the OpenID identity of the logged-in Superset user. This means that a user belonging to restricted groups will not be able to query certain tables via Superset.

Now, to Growthbook. Growthbook does not have a notion of identity impersonation. It gets access to Presto through its own UID/kerberos token, and that's it. This means either of 2 things:

  • Presto must be given analytics-privatedata-users access to be able to access all our data, so we're able to run experiments on everything
  • Presto must be given access to a specific HDFS directory, and data must be mirrored to this directory via regular jobs (Airflow, timers, etc).

After having talked with @Milimetric, it appears that the 2nd option is much more agreeable, as it respects our security policy of only having access to the data we need, for the extra price of having to maintain additional data jobs.

Assuming we go this way, I identified the following steps to set up Growthbook -> Presto communication and querying:

  • create a growthbook UNIX user on the analytics machines
  • create a specific UNIX group on analytics machines (say, analytics-poc)
  • add the growthbook user to the analytics-poc group
  • create hdfs:///wmf/data/proof_of_concepts, and chown it to growthbook:analytics-poc
  • change the uid of the growthbook containers runuser to the UID of the growthbook user
  • create a keytab for Growthbook, allowing it to connect to Presto via Kerberos
  • render the keytab into a kerberos-kinit sidecar for the growthbook-backend pod, using the usual dance
  • enable growthbook-->kerberos and growthbook-->presto traffic via external_services entries

This message contains the mongo commands we had to run to create the admin user/password, as well as the growthbook user/password.

First, we deploy mongo with Values.mongodb.auth.enabled: false. We then exec into the mongodb container and run

runuser@growthbook-backend-production-mongodb-7888bd9bd4-89mz5:/opt/growthbook$ /opt/mongodb/bin/mongosh
Current Mongosh Log ID:	66a21a900f1cfd4a9b482f8a
Connecting to:		mongodb://127.0.0.1:27017/?directConnection=true&serverSelectionTimeoutMS=2000&appName=mongosh+2.2.12
Using MongoDB:		7.0.12
Using Mongosh:		2.2.12

For mongosh info see: https://docs.mongodb.com/mongodb-shell/


To help improve our products, anonymous usage data is collected and sent to MongoDB periodically (https://www.mongodb.com/legal/privacy-policy).
You can opt-out by running the disableTelemetry() command.
test> use admin
admin> db.createUser(
... {
...   user: "myUserAdmin",
...   pwd: passwordPrompt(),
...   roles: [
...     { role: "userAdminAnyDatabase", db: "admin" },
...     { role: "readWriteAnyDatabase", db: "admin" }
...   ]
... }
... )
Enter password
**********************{ ok: 1 }
admin>

We use the mongodb_admin_password password defined in the private puppet repo.

Then, we redeploy the growthbook chart, this time with Values.mongodb.auth.enabled, which causes mongo to start with the --auth flag.

We re-exec into the mongo container, and run

runuser@growthbook-backend-production-mongodb-7888bd9bd4-89mz5:/opt/growthbook$ /opt/mongodb/bin/mongosh --host growthbook-backend-production-mongodb --port 27017 --username myUserAdmin
...
test> use admin
admin> db.createUser( { user: "growthbook", pwd: "redacted", roles: [ { role: "readWrite", db: "growthbook" }] } )
{ ok: 1 }

Here, we use the password defined in the chart secret, under MONGODB_PASSWORD.

NOTE: we had to use a fully alphanumeric password. Experience has shown that any non-alphanumeric character needs to be URI encoded, but seems to be causing issues at the mongoose level (the nodejs mongo client library). By sticking to fully alphanumeric characters, we were able to bypass authentication issues. Go figure.

At that point, the backend should then be fully operational.

NOTE: if I were to do it all over again, I'd name the admin user admin and not myAdminUser, which was a copy/paste from the mongo docs.
brouberol updated the task description.

For now, we have packaged the mongo binaries within the growthbook docker image itself, in order to minimize the amount of new things we ship to our registries. We install mongo using a tar.gz download and unpacking, which also avoids publishing a non-OSI deb package to our apt repos.