
Conversation

@jbaptperez
Contributor

@jbaptperez jbaptperez commented Nov 21, 2024

IMPORTANT: All Pull Requests should be connected to an issue, if you don't
have an issue, please start by creating an issue and link it to the PR.

Please provide enough information so that others can review your pull request:

  • What existing problem does this PR solve?
  • What new feature is being introduced with this PR?
    • Add to the development set-up the possibility to customise image builds (among other things) using a .env file,
    • Update of the Compose file syntax to the Compose specification,
    • Other minor enhancements related to the development Compose set-up
  • Overview of changes to existing functions if required.
    • The current behavior remains the same, but the enhancement of the development set-up leads to different paths to the Dockerfiles and simplified commands to manage the development container.

Checks

  • All tests succeed.
  • Unit tests added.
  • e2e tests added.
  • Documentation updated.

Closing issues

Closes #3225.

Changes

.gitattributes and .dockerignore

Adds .gitattributes file to handle line endings, in particular when developing on Windows and building Linux images.
Adds .dockerignore file to limit the context transferred when building Docker images.

New Compose set-up for development

  • Located at contrib/docker/dev.
  • Does NOT replace the docker/dev set-up for now.
  • Uses the latest Compose syntax.
  • Relies only on the Docker Compose CLI, no longer on both the Docker Compose and Docker CLIs.
  • Allows image builds in an enterprise context: optional dependency source proxies can be set for Ubuntu, Python and Node.
  • Uses optimized multi-stage builds to locally build images.
  • Centralizes variables in a non-versioned .env file, with a .env.template model file.
  • Uses a structured file hierarchy for Compose services.
  • Uses per service environment files.
  • Uses only named volumes for speed, portability and to store all data that are not configuration or source files (use docker compose down -v to reset).
  • Splits the main service (container) into one per component (setup, celery-worker, gunicorn, frontend).
  • Makes the frontend service compatible with the 3 frontend implementations (switch via an environment variable).
  • Dramatically optimizes the setup stage (dedicated service) (shallow clones/fetches the Sigma repository, calls tsctl once to register all rules).
  • Uses a single entry point for each Docker service.
  • Makes each service run as PID 1 to properly receive Docker signals.
  • Optimizes service startup order and leverages health checks to make services wait for each other (PostgreSQL, Redis, Gunicorn). OpenSearch also has a health check, but the healthy state is not strictly required for development purposes.
  • Adds a dedicated README.md to quickly get started.

Limits

I used a copy of the timesketch.conf file to properly set variables required for a local setup.
This copy must be updated according to the modifications made to the data/timesketch.conf file.

However, if you decide to replace the current Compose development setup with the new (contrib) one, this can be solved the following way:

  • Move contrib/docker/dev to docker/dev,
  • Adapt content (relative paths and README.md commands),
  • Declare an environment variable for all settings that can be customized in the (Compose) timesketch.conf file,
  • Adapt and test using Compose,
  • Move the Compose timesketch.conf and replace the data/ one,
  • Adapt the Compose references to the new location (bind mounts),
  • Find references that use this file (development or contribution scripts) and adapt them: just declare and use environment variables.

@google-cla

google-cla bot commented Nov 21, 2024

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).


@jbaptperez jbaptperez force-pushed the compose-dev branch 2 times, most recently from f8d06cb to fb811f1 Compare November 22, 2024 10:24
@jbaptperez jbaptperez marked this pull request as ready for review November 22, 2024 10:34
@jbaptperez jbaptperez force-pushed the compose-dev branch 12 times, most recently from 62afd82 to c310703 Compare November 28, 2024 21:57
@jbaptperez
Contributor Author

As I had time to update the PR, I also optimized some things, like using a Python virtual environment in the Docker image.
There are a lot of other improvements to be done, but maybe in another PR?

I thought about:

  • Adding an environment variable to allow a custom place for the configuration files (with a default value to be compatible); this is necessary for the next steps,
  • Putting every component into its own container,
  • Using Compose profiles to start everything or only a set of services,
  • Allowing, with port mapping to localhost, the use of our IDE to start a process in true debug mode (gunicorn or flask, celery),
  • Using Compose development features for an optimized synchronization with the current source code.

@jbaptperez jbaptperez force-pushed the compose-dev branch 2 times, most recently from 212f1bb to 08e8de9 Compare December 3, 2024 17:08
@jkppr
Collaborator

jkppr commented Dec 12, 2024

Thanks for the suggested changes to the development setup @jbaptperez. I appreciate you taking the time to propose these updates to improve the developer experience, especially for those in restricted environments. The changes are quite extensive and touch many core parts of our development setup, so we'll need some time to thoroughly review and test them.

While flexibility is important, we aim to maintain a simple and easily reproducible development environment that works out-of-the-box on a typical Linux machine. We generally encourage developers to manage their own custom configurations for specific environments, such as those found in corporate settings. Therefore, we may incorporate some of your proposed changes while declining others to ensure we keep the core setup as straightforward as possible.

@jbaptperez
Contributor Author

@jkppr, actually, the apparent change is not so big: everything runs in a single container, with docker compose exec commands instead of docker exec ones.

I paid special attention to keeping default settings so that the behaviour without changes is the same as before.

A big change reported by Git is the deletion of the recently added yarn.lock file as it freezes a package source repository URL, which is indeed an issue for the PR.

The rest is close to the previous behaviour, with a single real difference: I duplicated the timesketch.conf file so that the development Compose set-up has its own; this simplifies the configuration from a single .env file, but it is a kind of duplication, which can be discussed.

However, I understand your message and I am open to suggestions.

@jbaptperez jbaptperez force-pushed the compose-dev branch 2 times, most recently from 2161c61 to 94e3cad Compare December 23, 2024 13:48
@jbaptperez jbaptperez force-pushed the compose-dev branch 3 times, most recently from b1dbf22 to e7afbc6 Compare August 27, 2025 14:01
@jaegeral
Collaborator

jaegeral commented Nov 7, 2025

/gemini review

Contributor

@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This pull request significantly enhances the development environment by overhauling the Docker Compose setup. Key improvements include the adoption of the modern Compose specification, the introduction of a .env file for easier customization of builds, and the use of a Python virtual environment within the container. The changes make the development setup more flexible and robust, especially for environments with network restrictions.

My review focuses on ensuring the new setup is correct and follows best practices. I've found a critical issue in the docker-entrypoint.sh script that would prevent the timesketch container from starting correctly due to an incorrect virtual environment path. I've also identified a couple of high-severity issues related to build reproducibility: the use of a :latest tag for a base image and ignoring package lock files in .gitignore. Finally, I've suggested some improvements to the new README.md for clarity and consistency.

@jbaptperez
Contributor Author

jbaptperez commented Nov 9, 2025

I rebased my branch on top of master.
This led me to update my work according to the current progress:

  • Switching from Ubuntu 22.04 to Ubuntu 24.04,
  • Switching from Node 18 to Node 20 (mandatory),

Note that the virtualenv became the standard way to run the application in the meantime, which is great.

I made the following changes:

  • Using local images built on-the-fly: They have their own directory, environment file, Dockerfile and they include the recently added health checks (with some changes),
  • Using long syntaxes in the Compose file, which helps to understand the code,
  • Changing the names of services and images, to clearly distinguish them from any official images (e.g. PostgreSQL image names cannot conflict with the one for development),
  • Other minor changes.

However, the work is not over. To do:

  • Splitting the timesketch service into individual ones:
    • Adding the development user and the sigma rules (once),
    • Starting the Celery worker,
    • Running Gunicorn (backend with auto-reload, static compiled frontend, port 5000), depends on the Celery worker,
    • Running Vite (dynamic frontend with auto-reload, port 5001, depends on Gunicorn),
  • A proper update of the README.md.

@jbaptperez jbaptperez force-pushed the compose-dev branch 6 times, most recently from 19ff354 to a770a1e Compare November 14, 2025 10:42
@jbaptperez jbaptperez force-pushed the compose-dev branch 2 times, most recently from 95c40df to 0ade735 Compare December 10, 2025 16:16
@jbaptperez jbaptperez force-pushed the compose-dev branch 5 times, most recently from d117702 to a3de4ea Compare December 23, 2025 13:14
@jbaptperez
Contributor Author

Hi @jkppr,
I finalized my work (1 year!) and wrote details about the new features introduced in the PR description.

For information, I'm moving to a new squad, so I won't work on this project anymore.
However, I transferred details about this PR to @jeflagel, who remains in the team.

Sorry if I made such a big PR, but I ran out of time to properly extract every new feature that I added on-the-fly.

In the future, if you agree to replace the current Compose setup with the new one of this PR (for now in the contrib directory), the required maintenance of the new timesketch.conf file could be completely removed (see the limits section in the PR description).

I hope you will merge this PR.

@jbaptperez jbaptperez marked this pull request as ready for review December 23, 2025 15:52
Makes the repository handle file line endings.
This helps to make it cross-platform, asserting some files are Unix-ended.
Adds .gitignore files.
Dramatically improves an image build in a development context.
Compose standard changes:
- Removes the deprecated "version" field,
- Adds a toplevel "name" field (prefix of container names and network),
- Adds a toplevel "network" field, with a common "timesketch-dev"
  network,
- Removes container names (depends on and toplevel name and service
  names),
- Do not bind to the 127.0.0.1 interface only (0.0.0.0),
- Removes useless "links" (common network),
- Refactors environment variables not to use a YAML array,
- Removes "restart" fields to detect undesired crashes in development,
- Binds ports of other services to the host (opensearch, redis).

General changes:
- Allows Docker image builds in a restricted company context (limited
  access to remote Ubuntu, Python or Node repositories) using variables,
- Centralizes variables in a .env file (not versioned),
- Adds a .env.template file as .env template with predefined variables,
- Uses a distinct directory for every service's dependencies,
- Use named volumes for portability and to avoid auto-creation of
  anonymous ones (PostgreSQL, Redis and Prometheus declare volumes in
  their Dockerfile; this leads to anonymous volume creations if they
  are not declared in Compose),
- Uses a per-service environment file,
- Uses local images that include their healthcheck,
- Renames some services,
- Simplifies how development configuration files are transferred to
  Timesketch,
- Simplifies manipulation of containers using Compose CLI instead of
  the Docker one,
- Simplifies and optimizes the Timesketch entrypoint,
- Updates the Bash scripts to start frontend-ng,
- Updates related documentation.
Required to isolate development processes into their own Docker
container.
Dockerfile changes:
- Switches to optimized multistage build,
- Switch to rootless images (user name, UID and GID are configurable),
- Use dedicated entrypoints per images,
- Add a health check for the Gunicorn image,
- Frontend compatible with all 3 versions at build time.

Compose changes:
- Splits services into multiple ones,
- Use a dedicated setup service for data initialization,
- Dramatically optimizes the initial setup.

README.md changes:
- Rewrites everything, clearer.
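
The following compose.yaml is an added example, not a file from this PR or the Timesketch repository. It puts together the patterns listed under "New Compose set-up for development" in the PR description and in the commit messages above: a toplevel name and a single shared network, no container names and no "links", per-service env files, named volumes only, build arguments interpolated from a non-versioned .env (with empty defaults so that the upstream package sources are used when no proxy is configured), a rootless run-time user, health checks, and depends_on conditions so that Gunicorn starts only once PostgreSQL and Redis are healthy. Service names, image tags, the Dockerfile path, the build argument names and the health-check endpoint are assumptions for illustration.

```yaml
# Added example, not a file from the PR or the Timesketch repository.
# Service names, image tags, paths and variable names are assumptions.
name: timesketch-dev            # prefixes container, network and volume names

networks:
  default:
    name: timesketch-dev        # the single shared network; no "links" needed

services:
  postgres:
    image: postgres:16-alpine   # assumed tag; the PR builds its own images instead
    env_file: ./postgres/.env   # assumed per-service file with POSTGRES_USER/PASSWORD/DB
    volumes:
      - postgres-data:/var/lib/postgresql/data   # named, so no anonymous volume is created
    healthcheck:
      # "$$" is Compose's escape for a literal "$" evaluated inside the container
      test: ["CMD-SHELL", "pg_isready -U \"$${POSTGRES_USER}\" -d \"$${POSTGRES_DB}\""]
      interval: 5s
      timeout: 3s
      retries: 10

  redis:
    image: redis:7-alpine       # assumed tag
    volumes:
      - redis-data:/data
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 5s
      timeout: 3s
      retries: 10

  gunicorn:
    build:
      context: ../../..         # repository root; .dockerignore limits what is sent
      dockerfile: contrib/docker/dev/gunicorn/Dockerfile   # assumed path
      args:
        # Interpolated from the non-versioned .env next to this file.
        # Empty defaults keep the upstream package sources when no proxy is set.
        UBUNTU_MIRROR: ${UBUNTU_MIRROR:-}
        PIP_INDEX_URL: ${PIP_INDEX_URL:-}
        NPM_REGISTRY: ${NPM_REGISTRY:-}
        APP_UID: ${APP_UID:-1000}
        APP_GID: ${APP_GID:-1000}
    user: "${APP_UID:-1000}:${APP_GID:-1000}"   # rootless at run time as well as in the image
    env_file: ./gunicorn/.env
    ports:
      - "5000:5000"
    depends_on:                 # start only once the dependencies report healthy
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "curl", "-fsS", "http://127.0.0.1:5000/"]   # assumes curl in the image
      interval: 10s
      timeout: 5s
      retries: 6
      start_period: 30s
    # No "restart:" policy: a crash should stay visible during development.

volumes:
  postgres-data:
  redis-data:
```

With this layout, `docker compose up --build` builds the local image and waits on the health checks before starting gunicorn, and `docker compose down -v` removes the named volumes to reset all state, as the PR description notes. Two practitioner caveats: the proxy URLs placed in .env may carry credentials, so .env belongs in both .gitignore (the PR keeps it non-versioned) and the .dockerignore the PR adds, since the build context is the repository root and anything not ignored can end up in an image layer; and build arguments such as PIP_INDEX_URL are recorded in image metadata, so mirrors that need authentication are better passed as BuildKit secrets than as ARG values.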

Successfully merging this pull request may close these issues.

Adapt the development Compose set-up to allow restricted company contexts