-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile
95 lines (72 loc) · 2.88 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
# syntax=docker/dockerfile:1.4
FROM python:3-alpine as base
# Ensure that the environment uses UTF-8 encoding by default
ENV LANG en_US.UTF-8
# Disable pip cache dir
ENV PIP_NO_CACHE_DIR true
# Stops Python default buffering to stdout, improving logging to the console.
ENV PYTHONUNBUFFERED 1
ENV APP_HOME /src
ENV APP_NAME django_learn
WORKDIR ${APP_HOME}
# Install and update common OS packages, pip, setuptools, wheel, and awscli
RUN apk update --no-cache && apk upgrade --no-cache
RUN pip install --upgrade pip setuptools wheel
#######################################################################
# Intermediate layer to build only prod deps
FROM base as python-builder
# Install python requirements
COPY requirements requirements
RUN mkdir /build && pip install --prefix=/build -r requirements/base.txt
#######################################################################
# dev is used for local development, as well as a base for frontend.
FROM python-builder AS dev
ENV PYTHONPATH ${APP_HOME}/${APP_NAME}
# Django Settings
ENV DJANGO_SETTINGS_MODULE ${APP_NAME}.settings.dev
# .backend-deps and .frontend-deps are required to run the application
RUN apk add --no-cache --virtual .backend-deps postgresql-client
# Install python requirements
COPY requirements requirements
# RUN cp -Rfp /build/* /usr/local && rm -Rf /build && pip install -r requirements/local.txt
RUN cp -Rfp /build/* /usr/local && rm -Rf /build
EXPOSE 8000
# Start app using development server
ENTRYPOINT ["./docker-entrypoint.sh"]
CMD ["sh", "-c", "python $APP_NAME/manage.py runserver 0.0.0.0:8000"]
#######################################################################
# prod layer
FROM base as prod
ARG USER_UID=1000
ARG USER_GID=$USER_UID
ARG USERNAME=django
ENV PYTHONPATH ${APP_HOME}/${APP_NAME}
ENV DJANGO_SETTINGS_MODULE ${APP_NAME}.settings.base
# Convert sercrets to environment variables
COPY <<EOF /etc/profile.d/secrets_env.sh
if [ -d /var/run/secrets ]; then
for s in $(find -L /var/run/secrets/$APP_NAME -type f); do
export $(basename \$s)=$(cat \$s);
done
fi
EOF
# Copy Python requirements from builder layer
COPY --from=python-builder /build /usr/local
# Cleanup *.key files
RUN for i in $(find /usr/local/lib/python3* -type f -name "*.key*"); do rm "$i"; done
# .backend-deps are required to run the application
RUN apk add --no-cache --virtual .backend-deps bash curl postgresql-client
# Create non-root user
RUN addgroup -S -g $USER_GID $USERNAME \
&& adduser -S -u $USER_UID $USERNAME $USERNAME \
&& chown -Rf $USER_UID:$USER_GID ${APP_HOME}
USER $USERNAME
# Copy code
COPY --chown=$USER_UID:$USER_GID . .
RUN chmod +x *.sh
# Setup healthcheck
HEALTHCHECK --start-period=300s --interval=30s --retries=30 \
CMD curl -sf -A docker-healthcheck -o /dev/null http://localhost:8000/ht/
# Start app using gunicorn
ENTRYPOINT ["./docker-entrypoint.sh"]
CMD ["gunicorn", "-c", "gunicorn_conf.py"]