bblfsh / bblfshd

A self-hosted server for source code parsing
https://doc.bblf.sh
GNU General Public License v3.0
359 stars 54 forks source link
ast babelfish code-analysis parser server uast

bblfshd Build Status codecov license GitHub release

This repository contains bblfsh daemon (bblfshd), which includes the runtime that runs the driver in containers and the bblfshctl, a cli tool used to control the installed drivers and query the status of the daemon.

Drivers are implemented as Docker images, each having their own repository in the bblfsh organization on GitHub. For more information, see bblfsh SDK documentation.

Getting Started

See the Getting Started guide.

Quick start

This project is now part of source{d} Engine, which provides the simplest way to get started with a single command. Visit sourced.tech/engine for more information.

Rootless mode

The recommended way to run bblfshd by itself is using Docker:

docker run -d --name bblfshd \
  -p 9432:9432 \
  -v /var/lib/bblfshd:/var/lib/bblfshd \
  -v /proc:/newproc \
  --security-opt seccomp=./bblfshd-seccomp.json \
  bblfsh/bblfshd

On macOS, use this command instead to use a Docker volume:

docker run -d --name bblfshd \
  -p 9432:9432 \
  -v bblfsh-storage:/var/lib/bblfshd bblfsh/bblfshd \
  -v /proc:/newproc \
  --security-opt seccomp=./bblfshd-seccomp.json \
  bblfsh/bblfshd

To understand the flags -v /proc:/newproc and --security-opt seccomp=./bblfshd-seccomp.json, where bblfshd-seccomp.json is a file present in this repo, and check further requirements, please refer to rootless.md. bblfshd is based on container technology and interacts with the kernel at a low level. It exposes a gRPC server at the port 9432 by default which is used by the clients to interact with the server. Also, we mount the path /var/lib/bblfshd/ where all the driver images and container instances will be stored.

Privileged mode

We advise against it, but if you prefer to run bblfshd in privileged mode to skip configuration steps of rootless.md, you could do, in Linux:

docker run -d --name bblfshd --privileged -p 9432:9432 -v /var/lib/bblfshd:/var/lib/bblfshd bblfsh/bblfshd

or macOs:

docker run -d --name bblfshd --privileged -p 9432:9432 -v bblfsh-storage:/var/lib/bblfshd bblfsh/bblfshd

Install drivers

Now you need to install the driver images into the daemon, you can install the official images just running the command:

docker exec -it bblfshd bblfshctl driver install --all

You can check the installed versions by executing:

docker exec -it bblfshd bblfshctl driver list
+----------+-------------------------------+---------+--------+---------+-----+-------------+
| LANGUAGE |             IMAGE             | VERSION | STATUS | CREATED | GO  |   NATIVE    |
+----------+-------------------------------+---------+--------+---------+-----+-------------+
| python   | //bblfsh/python-driver:latest | v1.1.5  | beta   | 4 days  | 1.8 | 3.6.2       |
| java     | //bblfsh/java-driver:latest   | v1.1.0  | alpha  | 6 days  | 1.8 | 8.131.11-r2 |
+----------+-------------------------------+---------+--------+---------+-----+-------------+

To test the driver you can execute a parse request to the server with the bblfshctl parse command, and an example contained in the Docker image:

docker exec -it bblfshd bblfshctl parse /opt/bblfsh/etc/examples/python.py

SELinux

If your system has SELinux enabled (which is the default in Fedora, Red Hat, CentOS and many others) you'll need to compile and load a policy module before running the bblfshd Docker image or running driver containers will fail with a permission denied message in the logs.

To do this, run these commands from the project root:

cd selinux/
sh compile.sh
semodule -i bblfshd.pp

If you were already running an instance of bblfshd, you will need to delete the container (docker rm -f bblfshd) and run it again (docker run...).

Once the module has been loaded with semodule the change should persist even if you reboot. If you want to permanently remove this module run semodule -d bblfshd.

Alternatively, you could set SELinux to permissive module with:

echo 1 > /sys/fs/selinux/enforce

(doing this on production systems which usually have SELinux enabled by default should be strongly discouraged).

Development

If you wish to work on bblfshd , you'll first need Go installed on your machine (version 1.11+ is required) and Docker. Docker is used to build and run tests in an isolated environment.

For local development of bblfshd, first make sure Go is properly installed and that a GOPATH has been set. You will also need to add $GOPATH/bin to your $PATH.

Next, using Git, clone this repository into $GOPATH/src/github.com/bblfsh/bblfshd. All the necessary dependencies are automatically installed, so you just need to type make. This will compile the code and then run the tests. If this exits with exit status 0, then everything is working!

Dependencies

Ensure you have ostree and development libraries for ostree installed.

You can install from your distribution pack manager as follow, or built from source (more on that here).

Debian, Ubuntu, and related distributions:

$ apt-get install libostree-dev

Fedora, CentOS, RHEL, and related distributions:

$ yum install -y ostree-devel

Arch and related distributions:

$ pacman -S ostree

Building From Source

Build with:

$ make build

Running Tests

Run tests with:

$ make test

Environment variables

Enable tracing

Bblfshd supports OpenTracing that can be used to profile request on a high level or trace individual requests to bblfshd and/or language drivers.

To enable it, you can use Jaeger. The easiest way is to start all-in-one Jaeger image:

docker run -d --name jaeger \
  -e COLLECTOR_ZIPKIN_HTTP_PORT=9411 \
  -p 5775:5775/udp \
  -p 6831:6831/udp \
  -p 6832:6832/udp \
  -p 5778:5778 \
  -p 16686:16686 \
  -p 14268:14268 \
  -p 9411:9411 \
  jaegertracing/all-in-one:1.8

For Docker installation of bblfshd add the following flags:

--link jaeger:jaeger -e JAEGER_AGENT_HOST=jaeger -e JAEGER_AGENT_PORT=6831 -e JAEGER_SAMPLER_TYPE=const -e JAEGER_SAMPLER_PARAM=1

For bblfshd running locally, set following environment variables:

JAEGER_AGENT_HOST=localhost JAEGER_AGENT_PORT=6831 JAEGER_SAMPLER_TYPE=const JAEGER_SAMPLER_PARAM=1

Run few requests, and check traces at http://localhost:16686.

For enabling tracing in production, consult Jaeger documentation.

License

GPLv3, see LICENSE