-
Notifications
You must be signed in to change notification settings - Fork 219
/
Copy pathDockerfile
141 lines (106 loc) · 4.15 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
# syntax=docker/dockerfile:1
# check=skip=InvalidDefaultArgInFrom
# Automatically build image using Python version specified in `pyproject.toml`
ARG API_PY_VERSION
##################
# Python builder #
##################
FROM docker.io/python:${API_PY_VERSION} AS builder
# Get the version from the main justfile
ARG OV_PDM_VERSION
# Container optimizations
ENV PYTHONUNBUFFERED=1
ENV PIP_NO_CACHE_DIR=1
ENV PIP_NO_COLOR=1
# - Install system packages needed for building Python dependencies
# - Create a virtualenv inside `/venv`
# - Install PDM to install Python dependencies
RUN apt-get update \
&& apt-get install -yqq --no-install-recommends python3-dev \
&& apt-get autoremove -y \
&& rm -rf /var/lib/apt/lists/* \
&& pip install --upgrade pip \
&& pip install pdm~=$OV_PDM_VERSION
# Copy subpackages from additional build-context 'packages'
# hadolint ignore=DL3022
COPY --from=packages openverse-attribution /packages/python/openverse-attribution
# Copy the Python project manifest and PDM lockfile into the container
COPY pyproject.toml pdm.lock /
# Pass additional arguments when installing Python packages with PDM
ARG PDM_INSTALL_ARGS="--no-editable"
# Install Python dependencies into a new virtualenv
RUN pdm install --check --frozen-lockfile $PDM_INSTALL_ARGS
#######
# API #
#######
FROM docker.io/python:${API_PY_VERSION}-slim AS api
LABEL org.opencontainers.image.source="https://github.com/WordPress/openverse"
# Container optimizations
ENV PYTHONUNBUFFERED=1
ENV PIP_NO_CACHE_DIR=1
ENV PIP_NO_COLOR=1
# Activate the virtualenv
ENV PATH="/.venv/bin:$PATH"
WORKDIR /api
# Copy virtualenv from the builder image
COPY --from=builder /.venv /.venv
ARG BUILDARCH
ARG AUDIOWAVEFORM_RELEASE=1.10.1
ARG AUDIOWAVEFORM_DEB=audiowaveform_${AUDIOWAVEFORM_RELEASE}-1-12_${BUILDARCH}.deb
# - Install system packages needed for running Python dependencies
# - Create directory for dumping API logs
# - apt --fix-broken install required to install missing dependencies for audiowaveform and audiowaveform itself
# dpkg -i marks the dependencies for installation, apt-get installs them
# we need to ignore error output from dpkg -i for this reason
RUN apt-get update \
&& apt-get install -yqq --no-install-recommends \
curl \
postgresql-client \
&& curl -sLO https://github.com/bbc/audiowaveform/releases/download/${AUDIOWAVEFORM_RELEASE}/${AUDIOWAVEFORM_DEB} \
&& (dpkg -i ${AUDIOWAVEFORM_DEB} || apt-get --fix-broken -y --no-install-recommends install) \
&& apt-get autoremove -y \
&& rm -rf /var/lib/apt/lists/* ${AUDIOWAVEFORM_DEB} \
&& mkdir -p /var/log/openverse_api/openverse_api.log
# Create a folder for placing static files
RUN mkdir /static
# Create a non-root user, and make it the owner of the static dir created above
RUN useradd --create-home ov_user \
&& chown -R ov_user /static
USER ov_user
# Copy subpackages from additional build-context 'packages'
# hadolint ignore=DL3022
COPY --chown=ov_user --from=packages openverse-attribution /packages/python/openverse-attribution/
# Copy code into the final image
COPY --chown=ov_user . /api/
# Collect static assets, these are used by the next stage, `nginx`
RUN env \
SETUP_ES="False" \
DJANGO_SECRET_KEY="any string" \
CANONICAL_DOMAIN="" \
python manage.py collectstatic
# Add the release version to the docker container
ARG SEMANTIC_VERSION
ENV SEMANTIC_VERSION=$SEMANTIC_VERSION
ENV SENTRY_RELEASE=$SEMANTIC_VERSION
# Exposes
# - 8000: Dev server for API Django app
EXPOSE 8000
# Wait for ES to accept connections
ENTRYPOINT ["./run.sh"]
CMD ["python", "run.py"]
#########
# NGINX #
#########
FROM docker.io/nginx:1.27.4-alpine AS nginx
LABEL org.opencontainers.image.source="https://github.com/WordPress/openverse"
WORKDIR /app
COPY nginx/nginx.conf.template /etc/nginx/templates/openverse-api.conf.template
COPY nginx/snippets /etc/nginx/snippets
# Copy static files from `api` target
COPY --from=api /static /app/static
# Only environment variables with this prefix will be available in the template
ENV NGINX_ENVSUBST_FILTER="DJANGO_NGINX_"
ENV DJANGO_NGINX_ENVIRONMENT="local"
# Add the release version to the docker container
ARG SEMANTIC_VERSION
ENV DJANGO_NGINX_GIT_REVISION=$SEMANTIC_VERSION