-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
175 lines (144 loc) · 6.83 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
FROM node:18.17.0-bullseye-slim AS static_files
WORKDIR /code
ENV PATH=/code/node_modules/.bin:$PATH
COPY frontend/package.json frontend/package-lock.json /code/
RUN npm install --silent
COPY frontend/ /code/
RUN npm run build
FROM python:3.10-slim-bullseye AS base
# Create a group and user to run our app
ARG APP_USER=appuser
RUN groupadd -r ${APP_USER} && useradd --no-log-init -r -g ${APP_USER} ${APP_USER}
# Install packages needed to run your application (not build deps):
# postgresql-client -- for running database commands
# We need to recreate the /usr/share/man/man{1..8} directories first because
# they were clobbered by a parent image.
RUN set -ex \
&& RUN_DEPS=" \
libpcre3 \
mime-support \
postgresql-client \
vim \
" \
&& seq 1 8 | xargs -I{} mkdir -p /usr/share/man/man{} \
&& apt-get update && apt-get install -y --no-install-recommends $RUN_DEPS \
&& rm -rf /var/lib/apt/lists/*
# Copy in your requirements file
# ADD requirements.txt /requirements.txt
# OR, if you're using a directory for your requirements, copy everything (comment out the above and uncomment this if so):
ADD requirements /requirements
# Install build deps, then run `pip install`, then remove unneeded build deps all in a single step.
# Correct the path to your production requirements file, if needed.
RUN set -ex \
&& BUILD_DEPS=" \
build-essential \
libpcre3-dev \
libpq-dev \
git-core \
" \
&& apt-get update && apt-get install -y --no-install-recommends $BUILD_DEPS \
&& pip install -U -q pip-tools \
&& pip-sync requirements/base/base.txt requirements/deploy/deploy.txt \
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $BUILD_DEPS \
&& rm -rf /var/lib/apt/lists/*
FROM base AS deploy
# Copy your application code to the container (make sure you create a .dockerignore file if any large files or directories should be excluded)
RUN mkdir /code/
WORKDIR /code/
ADD . /code/
# Copy React SPA build into final image
COPY --from=static_files /code/build /code/build
# uWSGI will listen on this port
EXPOSE 8000
# Add any static environment variables needed by Django or your settings file here:
ENV DJANGO_SETTINGS_MODULE=traffic_stops.settings.deploy
# Call collectstatic (customize the following line with the minimal environment variables needed for manage.py to run):
RUN DATABASE_URL='' ENVIRONMENT='' DJANGO_SECRET_KEY='dummy' DOMAIN='' python manage.py collectstatic --noinput
# Tell uWSGI where to find your wsgi file (change this):
ENV UWSGI_WSGI_FILE=traffic_stops/wsgi.py
# Base uWSGI configuration (you shouldn't need to change these):
ENV UWSGI_HTTP=:8000 UWSGI_MASTER=1 UWSGI_HTTP_AUTO_CHUNKED=1 UWSGI_HTTP_KEEPALIVE=1 UWSGI_LAZY_APPS=1 UWSGI_WSGI_ENV_BEHAVIOR=holy UWSGI_IGNORE_SIGPIPE=true UWSGI_IGNORE_WRITE_ERRORS=true UWSGI_DISABLE_WRITE_EXCEPTION=true
# Number of uWSGI workers and threads per worker (customize as needed):
ENV UWSGI_WORKERS=2 UWSGI_THREADS=4
# uWSGI static file serving configuration (customize or comment out if not needed):
ENV UWSGI_STATIC_MAP="/static/=/code/static/" UWSGI_STATIC_EXPIRES_URI="/static/.*\.[a-f0-9]{12,}\.(css|js|png|jpg|jpeg|gif|ico|woff|ttf|otf|svg|scss|map|txt) 315360000"
RUN touch /code/.env
# Change to a non-root user
USER ${APP_USER}:${APP_USER}
# Uncomment after creating your docker-entrypoint.sh
ENTRYPOINT ["/code/docker-entrypoint.sh"]
# Start uWSGI
CMD ["newrelic-admin", "run-program", "uwsgi", "--single-interpreter", "--enable-threads", "--show-config"]
FROM python:3.10-slim-bullseye AS dev
ARG USERNAME=appuser
ARG USER_UID=1000
ARG USER_GID=$USER_UID
# Create non-root user
RUN groupadd --gid $USER_GID $USERNAME \
&& useradd --uid $USER_UID --gid $USER_GID --create-home --shell /bin/bash $USERNAME
# Install packages for Dev Container development
# build-essential -- for gcc to compile non-wheel packages with C dependencies
# docker-ce-cli -- docker CLI
# docker-compose-plugin -- docker compose CLI
# git-core -- to pull, commit, and push from dev container
# gnupg2 -- GNU privacy guard - a free PGP replacement
# libpq-dev -- header files for PostgreSQL
# openssh-client -- for git over SSH
# sudo -- to run commands as superuser
# vim -- enhanced vi editor for commits
ENV KUBE_CLIENT_VERSION="v1.29.4"
ENV HELM_VERSION="3.14.4"
RUN --mount=type=cache,target=/var/cache/apt --mount=type=cache,target=/var/lib/apt \
--mount=type=cache,mode=0755,target=/root/.cache/pip \
set -ex \
&& RUN_DEPS=" \
build-essential \
docker-ce-cli \
docker-compose-plugin \
git-core \
gnupg2 \
jq \
libpcre3 \
libpq-dev \
nodejs \
openssh-client \
postgresql-client-12 \
sudo \
vim \
" \
&& apt-get update && apt-get -y install curl wget gnupg2 lsb-release \
# starship.rs prompt
&& curl -sS https://starship.rs/install.sh | sh -s -- -y \
# kubectl
&& curl --silent -L https://dl.k8s.io/release/$KUBE_CLIENT_VERSION/bin/linux/$(dpkg --print-architecture)/kubectl -o /usr/local/bin/kubectl \
&& chmod +x /usr/local/bin/kubectl \
# helm
&& curl --silent -L https://get.helm.sh/helm-v$HELM_VERSION-linux-$(dpkg --print-architecture).tar.gz --output - | tar -xzC /tmp \
&& mv /tmp/linux-$(dpkg --print-architecture)/helm /usr/local/bin/helm \
&& chmod +x /usr/local/bin/helm \
# docker
&& curl https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor | tee /etc/apt/trusted.gpg.d/docker.gpg >/dev/null \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/trusted.gpg.d/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null \
# nodejs
&& sh -c 'echo "deb https://deb.nodesource.com/node_18.x $(lsb_release -cs) main" > /etc/apt/sources.list.d/nodesource.list' \
&& wget --quiet -O- https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - \
# PostgreSQL
&& sh -c 'echo "deb https://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list' \
&& curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | tee /etc/apt/trusted.gpg.d/apt.postgresql.org.gpg >/dev/null \
# dev packages
&& apt-get update \
&& apt-get install -y --no-install-recommends $RUN_DEPS \
# sudo
&& echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \
&& chmod 0440 /etc/sudoers.d/$USERNAME
# Install Docker Buildx component for Docker v23.0.0+
COPY --from=docker/buildx-bin:latest /buildx /usr/libexec/docker/cli-plugins/docker-buildx
COPY --chown=$USER_UID:$USER_GID . /code/
USER $USERNAME
RUN set -ex \
&& touch /code/.env \
&& echo 'eval "$(starship init bash)"' >> ~/.bashrc
ENV DJANGO_SETTINGS_MODULE=traffic_stops.settings.dev
ENV PATH=/code/venv/bin:$PATH
WORKDIR /code
CMD ["python", "/code/manage.py", "runserver", "0.0.0.0:8000"]