adding PrivateBin to Janitor

[elrido]

Hello @jankeromnes

I finally found time to put together a Janitor image for PrivateBin, as outlined in the Janitor community.

PrivateBin is a PHP & JS web application. While it is simple to set up, we always had complaints (even among the core developers) that the unit testing setup was to complex and therefore many errors only get caught in our pull request triggered travis CI runs and subsequently have to be fixed by other developers, since the requester can't run the test locally.

I really like the idea of Janitor, as a way to provide less savvy contributors an easy way to pop up a PrivateBin development environment, do their changes, run the tests and then create their pull requests.

The container image adds a nginx + php-fpm setup exposing the Git repository, so one can instantly review the result of any changes in the browser. I am not sure if all the GUI stuff is needed for Janitor or not. If you like I can work on a slimmer container that doesn't include VNC etc. For PrivateBin the WebIDEs (which include a terminal to run tests) and the nginx server should be sufficient.

I did build and test the container locally. My application for a Janitor account sent back in March was not yet approved. I'll be glad to test the container in Janitor once I get my account.

For the SVG logo I would propose our icon.svg from our assets. Should I do a separate pull request for that?

Kind Regards El RIDO

[elrido]

I think your suggestions are all very sensible and clear and I'll update the pull request accordingly (and will create a separate one for the SVG).

Regarding putting the Janitor configuration into our main repository: If this would be the preferred, future-proof way, I can of course do that instead. I was trying to move non-standard uses and tools out of the main repository into dedicated ones (i.e. assets, docker for hosting the project, docker for unit testing). Would it be a viable alternative if we create a separate repo just for the Janitor image, too?

[jankeromnes]

I think your suggestions are all very sensible and clear and I'll update the pull request accordingly (and will create a separate one for the SVG).

Perfect, thanks!

Regarding putting the Janitor configuration into our main repository: If this would be the preferred, future-proof way, I can of course do that instead. I was trying to move non-standard uses and tools out of the main repository into dedicated ones

So, it all depends how frequently you want the development image to be updated.

If you want it to update every time there is a new push to https://github.com/PrivateBin/PrivateBin, the only options I know require some files to be added to that same repository:

• Add a development Dockerfile somewhere in the PrivateBin repository, then log into Docker Hub, create a new Automated Build for the PrivateBin repository (call it e.g. privatebin/privatebin-dev), and specify the path to your Dockerfile inside the PrivateBin repository
• Or, add a more flexible Circle CI configuration (example), that knows where to find your Dockerfile and then push the resulting image to Docker Hub (note: only the CircleCI config needs to be in the PrivateBin repo; the Dockerfile itself can then be pulled from anywhere)

Setting up your Dockerfile in https://github.com/JanitorTechnology/dockerfiles means that your resulting image won't be built on every push to PrivateBin/PrivateBin, but on every push to JanitorTechnology/dockerfiles (sometimes there are weeks without commits).

Would it be a viable alternative if we create a separate repo just for the Janitor image, too?

So, this would mean that your development image updates everytime there is a new push to that separate repository. I believe that once it's set up, you'll very rarely push to it, so your development image risks getting very much outdated.

TL;DR (sorry, I like to be very chatty sometimes), you have two options:

• Merge this Dockerfile into https://github.com/JanitorTechnology/dockerfiles/ (we're happy and excited to accept it!), and we'll set up your development image as janitortechnology/privatebin, and update it as frequently as we can (but sometimes it can get outdated, and you'll need to ping us)
• Merge this Dockerfile into https://github.com/PrivateBin/PrivateBin instead (e.g. in a .janitor directory), then set up the development image on Docker Hub yourself (e.g. privatebin/privatebin-dev or privatebin/privatebin-janitor), and it'll automatically stay up-to-date forever

There might be other options that I don't know of (e.g. using Travis CI if it knows how to build Docker images, or some Docker Hub web hooks).

[elrido]

Thank you for your detailed reply.

Given that this is a script project, our development or production environment requirements change rarely. New libraries are added directly to the source code repository and don't need to be deployed to the environment via deb packages. The only downside I see with an outdated image is that a dev always has to run the "Update source code" action in cloud9 before starting to work.

I think for now I would prefer to add the image here and will of course keep an eye on this repository to look out for changes that may be necessary like for ubuntu 18.04 (I think you have already branch for that and I could start to take a look into that).

[jankeromnes]

Let's merge this

Done.

and hook it up as an Automated Build on Docker Hub.

Done: https://hub.docker.com/r/janitortechnology/privatebin/

Now let's see if the first automated image build succeeds (I think it will fail, because I just remembered that Docker Hub uses an ancient Docker that doesn't support COPY --chown... but maybe there will be other errors to fix in the same go).

[elrido]

Thank you!

[jankeromnes]

@elrido You're very welcome!

Also, the PrivateBin image build succeeded, and I deployed it to Janitor (Palmaria server): https://janitor.technology/projects/

Could you please try it, and make sure that its containers are usable to hack & test PrivateBin, and to make valuable contributions upstream?

Additionally, you might want to add a janitor.json script that starts the PrivateBin server / web app, like so.

[elrido]

I'll test it, for sure.

I hadn't added an action to start and stop the service, since with PHP / JS this is not really needed on updating the code. The next request in the browser gets the new logic. The nginx & php-fpm instances get started via the supervisord when starting the container with no arguments.

[elrido]

Ok, so here is my feedback (thank you for the invite to the alpha BTW):

Both starting the container via the Janitor website or locally (using docker run -d --rm -p 127.0.0.1:8080:80 -p 127.0.0.1:8089:8089 -p 127.0.0.1:8090:8090 janitortechnology/privatebin /usr/bin/supervisord) works well.

When running locally as described above, I can access and use the cloud9 IDE on localhost:8089, Theia IDE on localhost:8090 and the live privatebin preview at localhost:8080.

When running it via the Janitor website, I can launch cloud9 IDE and running git update, the combined or individual unit tests via the menu Run, Run configurations works well (and quite fast, even compared to my local environment). Starting the VNC viewer works and gives you an xterm already in the project folder. I forgot to add any browser, so there is no way to access the live privatebin website (that I have found).

I think that even without the ability to browse the live privatebin website preview, the container in Janitor makes it very easy to change code and run the test suite against it. Would it (in a later version) be possible to configure Janitor images to expose other webservices in the "My Container" view or should I install chromium or firefox in the container image so one can access the preview via the VNC viewer?