anki/docs/docker
Damien Elmes 5e0a761b87
Move away from Bazel (#2202)
(for upgrading users, please see the notes at the bottom)

Bazel brought a lot of nice things to the table, such as rebuilds based on
content changes instead of modification times, caching of build products,
detection of incorrect build rules via a sandbox, and so on. Rewriting the build
in Bazel was also an opportunity to improve on the Makefile-based build we had
prior, which was pretty poor: most dependencies were external or not pinned, and
the build graph was poorly defined and mostly serialized. It was not uncommon
for fresh checkouts to fail due to floating dependencies, or for things to break
when trying to switch to an older commit.

For day-to-day development, I think Bazel served us reasonably well - we could
generally switch between branches while being confident that builds would be
correct and reasonably fast, and not require full rebuilds (except on Windows,
where the lack of a sandbox and the TS rules would cause build breakages when TS
files were renamed/removed).

Bazel achieves that reliability by defining rules for each programming language
that define how source files should be turned into outputs. For the rules to
work with Bazel's sandboxing approach, they often have to reimplement or
partially bypass the standard tools that each programming language provides. The
Rust rules call Rust's compiler directly for example, instead of using Cargo,
and the Python rules extract each PyPi package into a separate folder that gets
added to sys.path.

These separate language rules allow proper declaration of inputs and outputs,
and offer some advantages such as caching of build products and fine-grained
dependency installation. But they also bring some downsides:

- The rules don't always support use-cases/platforms that the standard language
tools do, meaning they need to be patched to be used. I've had to contribute a
number of patches to the Rust, Python and JS rules to unblock various issues.
- The dependencies we use with each language sometimes make assumptions that do
not hold in Bazel, meaning they either need to be pinned or patched, or the
language rules need to be adjusted to accommodate them.

I was hopeful that after the initial setup work, things would be relatively
smooth-sailing. Unfortunately, that has not proved to be the case. Things
frequently broke when dependencies or the language rules were updated, and I
began to get frustrated at the amount of Anki development time I was instead
spending on build system upkeep. It's now about 2 years since switching to
Bazel, and I think it's time to cut losses, and switch to something else that's
a better fit.

The new build system is based on a small build tool called Ninja, and some
custom Rust code in build/. This means that to build Anki, Bazel is no longer
required, but Ninja and Rust need to be installed on your system. Python and
Node toolchains are automatically downloaded like in Bazel.

This new build system should result in faster builds in some cases:

- Because we're using cargo to build now, Rust builds are able to take advantage
of pipelining and incremental debug builds, which we didn't have with Bazel.
It's also easier to override the default linker on Linux/macOS, which can
further improve speeds.
- External Rust crates are now built with opt=1, which improves performance
of debug builds.
- Esbuild is now used to transpile TypeScript, instead of invoking the TypeScript
compiler. This results in faster builds, by deferring typechecking to test/check
time, and by allowing more work to happen in parallel.

As an example of the differences, when testing with the mold linker on Linux,
adding a new message to tags.proto (which triggers a recompile of the bulk of
the Rust and TypeScript code) results in a compile that goes from about 22s on
Bazel to about 7s in the new system. With the standard linker, it's about 9s.

Some other changes of note:

- Our Rust workspace now uses cargo-hakari to ensure all packages agree on
available features, preventing unnecessary rebuilds.
- pylib/anki is now a PEP420 implicit namespace, avoiding the need to merge
source files and generated files into a single folder for running. By telling
VSCode about the extra search path, code completion now works with generated
files without needing to symlink them into the source folder.
- qt/aqt can't use PEP420 as it's difficult to get rid of aqt/__init__.py.
Instead, the generated files are now placed in a separate _aqt package that's
added to the path.
- ts/lib is now exposed as @tslib, so the source code and generated code can be
provided under the same namespace without a merging step.
- MyPy and PyLint are now invoked once for the entire codebase.
- dprint will be used to format TypeScript/json files in the future instead of
the slower prettier (currently turned off to avoid causing conflicts). It can
automatically defer to prettier when formatting Svelte files.
- svelte-check is now used for typechecking our Svelte code, which revealed a
few typing issues that went undetected with the old system.
- The Jest unit tests now work on Windows as well.

If you're upgrading from Bazel, updated usage instructions are in docs/development.md and docs/build.md. A summary of the changes:

- please remove node_modules and .bazel
- install rustup (https://rustup.rs/)
- install rsync if not already installed  (on windows, use pacman - see docs/windows.md)
- install Ninja (unzip from https://github.com/ninja-build/ninja/releases/tag/v1.11.1 and
  place on your path, or from your distro/homebrew if it's 1.10+)
- update .vscode/settings.json from .vscode.dist
2022-11-27 15:24:20 +10:00
..
Dockerfile updates to the build process and binary bundles 2022-02-10 19:23:07 +10:00
README.md Move away from Bazel (#2202) 2022-11-27 15:24:20 +10:00

Building and running Anki in Docker

This is an example Dockerfile contributed by an Anki user, which shows how Anki can be both built and run from within a container. It works by streaming the GUI over an X11 socket.

Building and running Anki within a container has the advantage of fully isolating the build products and runtime dependencies from the rest of your system, but it is a somewhat niche approach, with some downsides such as an inability to display natively on Wayland, and a lack of integration with desktop icons/filetypes. But even if you do not use this Dockerfile as-is, you may find it useful as a reference.

Anki's Linux CI is also implemented with Docker, and the Dockerfiles for that may also be useful for reference - they can be found in .buildkite/linux/docker.

Build the Docker image

For best results, enable BuildKit (export DOCKER_BUILDKIT=1).

When in this current directory, one can build the Docker image like this:

docker build --tag anki --file Dockerfile ../../

When this is done, run docker image ls to see that the image has been created.

If one wants to build from the project's root directory, use this command:

docker build --tag anki --file docs/docker/Dockerfile .

Run the Docker image

Anki starts a graphical user interface, and this requires some extra setup on the user's end. These instructions were tested on Linux (Debian 11) and will have to be adapted for other operating systems.

To allow the Docker container to pull up a graphical user interface, we need to run the following:

xhost +local:root

Once done using Anki, undo this with

xhost -local:root

Then, we will construct our docker run command:

docker run --rm -it \
    --name anki \
    --volume $HOME/.local/share:$HOME/.local/share:rw \
    --volume /etc/passwd:/etc/passwd:ro \
    --user $(id -u):$(id -g) \
    --volume /tmp/.X11-unix:/tmp/.X11-unix:rw \
    --env DISPLAY=$DISPLAY \
    anki

Here is a breakdown of some of the arguments:

  • Mount the current user's ~/.local/share directory onto the container. Anki saves things into this directory, and if we don't mount it, we will lose any changes once the container exits. We mount this as read-write (rw) because we want to make changes here.

    --volume $HOME/.local/share:$HOME/.local/share:rw
    
  • Mount /etc/passwd so we can enter the container as ourselves. We mount this as read-only because we definitely do not want to modify this.

    --volume /etc/passwd:/etc/passwd:ro
    
  • Enter the container with our user ID and group ID, so we stay as ourselves.

    --user $(id -u):$(id -g)
    
  • Mount the X11 directory that allows us to open displays.

    --volume /tmp/.X11-unix:/tmp/.X11-unix:rw
    
  • Pass the DISPLAY variable to the container, so it knows where to display graphics.

    --env DISPLAY=$DISPLAY
    

Running Dockerized Anki easily from the command line

One can create a shell function that executes the docker run command. Then one can simply run anki on the command line, and Anki will open in Docker. Make sure to change the image name to whatever you used when building Anki.

anki() {
    docker run --rm -it \
        --name anki \
        --volume $HOME/.local/share:$HOME/.local/share:rw \
        --volume /etc/passwd:/etc/passwd:ro \
        --user $(id -u):$(id -g) \
        --volume /tmp/.X11-unix:/tmp/.X11-unix:rw \
        --env DISPLAY=$DISPLAY \
        anki "$@"
}