-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathDockerfile
85 lines (67 loc) · 2.73 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
FROM ubuntu:20.04 as stage1
ARG DEBIAN_FRONTEND=noninteractive
ENV PYTHONUNBUFFERED 1
ENV KUBE_LATEST_VERSION=v1.24.4
ENV HELM_VERSION=v3.9.4
ENV HELM_FILENAME=helm-${HELM_VERSION}-linux-amd64.tar.gz
RUN set -xe; \
apt-get -qq update && apt-get install -y --no-install-recommends \
apt-transport-https \
git-core \
make \
software-properties-common \
gcc \
python3-dev \
libffi-dev \
python3-pip \
python3-setuptools \
curl \
&& curl -L https://storage.googleapis.com/kubernetes-release/release/${KUBE_LATEST_VERSION}/bin/linux/amd64/kubectl -o /usr/local/bin/kubectl \
&& curl -L https://get.helm.sh/${HELM_FILENAME} | tar xz && mv linux-amd64/helm /usr/local/bin/helm && rm -rf linux-amd64 \
&& apt-get autoremove -y && apt-get clean \
&& rm -rf /var/lib/apt/lists/* /tmp/* \
&& mkdir -p /app \
&& pip3 install virtualenv \
&& virtualenv -p python3 --prompt "(cloudman)" /app/venv
# Set working directory to /app/
WORKDIR /app/
# Only add files required for installation to improve build caching
ADD requirements.txt /app
ADD setup.py /app
ADD README.rst /app
ADD HISTORY.rst /app
ADD cloudman/cloudman/__init__.py /app/cloudman/cloudman/__init__.py
# Install requirements. Move this above ADD as 'pip install cloudman-server'
# asap so caching works
RUN /app/venv/bin/pip3 install -U pip && /app/venv/bin/pip3 install --no-cache-dir -r requirements.txt
# Stage-2
FROM ubuntu:20.04
ARG DEBIAN_FRONTEND=noninteractive
ENV PYTHONUNBUFFERED 1
# Create cloudman user environment
RUN useradd -ms /bin/bash cloudman \
&& mkdir -p /app \
&& chown cloudman:cloudman /app -R \
&& apt-get -qq update && apt-get install -y --no-install-recommends \
git-core \
python3-pip \
python3-setuptools \
locales locales-all \
&& apt-get autoremove -y && apt-get clean \
&& rm -rf /var/lib/apt/lists/* /tmp/*
ENV LC_ALL en_US.UTF-8
WORKDIR /app/cloudman/
# Copy cloudman files to final image
COPY --chown=cloudman:cloudman --from=stage1 /app /app
COPY --chown=cloudman:cloudman --from=stage1 /usr/local/bin/kubectl /usr/local/bin/kubectl
COPY --chown=cloudman:cloudman --from=stage1 /usr/local/bin/helm /usr/local/bin/helm
# Add the source files last to minimize layer cache invalidation
ADD --chown=cloudman:cloudman . /app
# Switch to new, lower-privilege user
USER cloudman
RUN chmod a+x /usr/local/bin/kubectl \
&& chmod a+x /usr/local/bin/helm \
&& /app/venv/bin/python manage.py collectstatic --no-input
# gunicorn will listen on this port
EXPOSE 8000
CMD /bin/bash -c "source /app/venv/bin/activate && /app/venv/bin/gunicorn -k gevent -b :8000 --access-logfile - --error-logfile - --log-level info cloudman.wsgi"