-
Notifications
You must be signed in to change notification settings - Fork 7
/
Dockerfile
100 lines (75 loc) · 2.7 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# syntax = docker/dockerfile:1
ARG PYTHON_VERSION="3.8"
ARG POETRY_VERSION="1.2.2"
ARG BUILD_DEPS="\
gcc bzip2 git curl libpq-dev gettext \
libgdal-dev python3-cffi python3-gdal \
python3-dev default-libmysqlclient-dev build-essential \
build-essential \
cmake \
autoconf pkg-config autoconf libtool automake \
libmariadb-dev"
ARG RUNTIME_DEPS="\
git \
tzdata \
postgresql-client \
netcat-traditional \
curl \
gosu \
gdal-bin"
FROM python:${PYTHON_VERSION}-slim as base
ARG POETRY_VERSION
ENV PYTHONUNBUFFERED=1 \
PYTHONDONTWRITEBYTECODE=1 \
DEBIAN_FRONTEND=noninteractive \
PROJECT=Weni-engine \
PROJECT_PATH=/home/app \
APP_USER=app_user \
APP_GROUP=app_group \
USER_ID=1999 \
GROUP_ID=1999 \
PIP_DISABLE_PIP_VERSION_CHECK=1 \
PATH="/install/bin:${PATH}" \
APP_PORT=${APP_PORT} \
APPLICATION_NAME="Weni-engine" \
RUNTIME_DEPS=${RUNTIME_DEPS} \
BUILD_DEPS=${BUILD_DEPS} \
PYTHONIOENCODING=UTF-8 \
LIBRARY_PATH=/lib:/usr/lib
ARG COMPRESS_ENABLED
ARG BRANDING_ENABLED
RUN addgroup --gid "${GROUP_ID}" "${APP_GROUP}" \
&& useradd --system -m -d "${PROJECT_PATH}" -u "${USER_ID}" -g "${GROUP_ID}" "${APP_USER}"
WORKDIR "${PROJECT_PATH}"
RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
FROM base as build-poetry
ARG POETRY_VERSION
COPY pyproject.toml poetry.lock ./
RUN --mount=type=cache,mode=0755,target=/pip_cache,id=pip pip install --cache-dir /pip_cache -U poetry=="${POETRY_VERSION}" \
&& poetry cache clear -n --all pypi \
&& poetry export --without-hashes --output requirements.txt
# && poetry add -n --lock $(cat pip-requires.txt) \
FROM base as build
ARG BUILD_DEPS
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
apt-get update \
&& apt-get install --no-install-recommends --no-install-suggests -y ${BUILD_DEPS}
COPY --from=build-poetry "${PROJECT_PATH}/requirements.txt" /tmp/dep/
RUN --mount=type=cache,mode=0755,target=/pip_cache,id=pip pip install --cache-dir /pip_cache --prefix=/install -r /tmp/dep/requirements.txt
FROM base
ARG BUILD_DEPS
ARG RUNTIME_DEPS
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
apt-get update \
&& SUDO_FORCE_REMOVE=yes apt-get remove --purge -y ${BUILD_DEPS} \
&& apt-get autoremove -y \
&& apt-get install -y --no-install-recommends ${RUNTIME_DEPS} \
&& rm -rf /usr/share/man /usr/share/doc
COPY --from=build /install /usr/local
COPY --chown=${APP_USER}:${APP_GROUP} ./ ${PROJECT_PATH}
USER "${APP_USER}:${APP_GROUP}"
EXPOSE 8000
ENTRYPOINT ["bash", "./entrypoint.sh"]
CMD ["start"]