-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
106 lines (83 loc) · 3.04 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
ARG EXTERNAL_REG
ARG PYTHON_IMG_TAG
FROM ${EXTERNAL_REG}/python:${PYTHON_IMG_TAG}-slim-bullseye as base
ARG APP_VERSION
ARG PYTHON_IMG_TAG
ARG APP_MAINTAINER
ARG DEVOPS_MAINTAINER
LABEL monitoring-api.envidat.ch.app-version="${APP_VERSION}" \
monitoring-api.envidat.ch.python-img-tag="${PYTHON_IMG_TAG}" \
monitoring-api.envidat.ch.app-maintainer="${APP_MAINTAINER}" \
monitoring-api.envidat.ch.app-maintainer="${DEVOPS_MAINTAINER}" \
monitoring-api.envidat.ch.api-port="8080"
RUN set -ex \
&& apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install \
-y --no-install-recommends locales \
&& DEBIAN_FRONTEND=noninteractive apt-get upgrade -y \
&& rm -rf /var/lib/apt/lists/*
# Set locale
RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && locale-gen
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8
FROM base as build
RUN set -ex \
&& apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install \
-y --no-install-recommends \
build-essential \
gcc \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /opt/python
COPY pyproject.toml pdm.lock README.md /opt/python/
COPY monitoring-api/project/__version__.py /opt/python/monitoring-api/project/
RUN pip install --no-cache-dir --upgrade pip \
&& pip install --no-cache-dir pdm==2.8.2 \
&& pdm config python.use_venv false
RUN pdm install --prod --no-editable
FROM base as runtime
ARG PYTHON_IMG_TAG
ENV PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \
PYTHONFAULTHANDLER=1 \
PATH="/opt/python/bin:$PATH" \
PYTHONPATH="/opt/python/pkgs:/opt/app"
RUN set -ex \
&& apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install \
-y --no-install-recommends \
nano \
curl \
postgresql-client \
&& rm -rf /var/lib/apt/lists/*
COPY --from=build \
"/opt/python/__pypackages__/${PYTHON_IMG_TAG}/lib" \
/opt/python/pkgs
COPY --from=build \
"/opt/python/__pypackages__/${PYTHON_IMG_TAG}/bin" \
/opt/python/bin
WORKDIR /opt/app
COPY ./monitoring-api /opt/app/
# Pre-compile deps to .pyc, add envidat user, permissions
RUN python -c "import compileall; compileall.compile_path(maxlevels=10, quiet=1)" \
&& useradd -r -u 900 -m -c "envidat account" -d /home/envidat -s /bin/false envidat \
&& chown -R envidat:envidat /opt
FROM runtime as debug
WORKDIR /opt/python
COPY pyproject.toml pdm.lock ./
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN pip install --no-cache-dir pdm==2.8.2 \
&& pdm config python.use_venv false \
&& pdm export --dev --no-default | \
pip install --no-cache-dir -r /dev/stdin
WORKDIR /opt/app
USER envidat
ENTRYPOINT ["python", "-m", "debugpy", "--wait-for-client", "--listen", \
"0.0.0.0:5678", "-m"]
CMD ["gunicorn", "project.wsgi:application", "--bind", "0.0.0.0:8080", \
"--reload", "--log-level", "debug"]
FROM runtime as prod
USER envidat
ENTRYPOINT ["gunicorn", "project.wsgi:application", "--bind", "0.0.0.0:8080"]
CMD ["--workers", "3", "--log-level", "error"]