77 строки
2.4 KiB
Docker
77 строки
2.4 KiB
Docker
FROM python:3.12.7 AS compile
|
|
|
|
ENV PIP_NO_CACHE_DIR=off \
|
|
PIP_DISABLE_PIP_VERSION_CHECK=on \
|
|
POETRY_HOME="/opt/poetry" \
|
|
POETRY_NO_INTERACTION=1 \
|
|
POETRY_VIRTUALENVS_IN_PROJECT=true \
|
|
VIRTUAL_ENV=/opt/.venv \
|
|
PATH="/opt/.venv/bin:$PATH"
|
|
|
|
# Install Poetry
|
|
RUN python -m venv $POETRY_HOME && \
|
|
$POETRY_HOME/bin/pip install poetry==1.4.1 && \
|
|
$POETRY_HOME/bin/poetry --version
|
|
|
|
WORKDIR /opt
|
|
COPY ./poetry.lock ./pyproject.toml ./
|
|
RUN $POETRY_HOME/bin/poetry install --only main --no-root && \
|
|
uwsgi --build-plugin https://github.com/Datadog/uwsgi-dogstatsd
|
|
|
|
# though we have kinto-remote-settings specified as a dependency in
|
|
# pyproject.toml, we have it configured to install in editable mode for local
|
|
# development. For building the container, we only install the "main"
|
|
# dependency group so that we can use pip to install the packages in
|
|
# non-editable mode
|
|
COPY ./kinto-remote-settings ./kinto-remote-settings
|
|
COPY version.json .
|
|
RUN pip install ./kinto-remote-settings
|
|
|
|
# We pull the Kinto Admin assets at the version specified in `kinto-admin/VERSION`.
|
|
FROM alpine:3 AS get-admin
|
|
WORKDIR /opt
|
|
COPY bin/pull-kinto-admin.sh .
|
|
COPY kinto-admin/ kinto-admin/
|
|
RUN ./pull-kinto-admin.sh
|
|
|
|
|
|
FROM python:3.12.7-slim AS production
|
|
|
|
ENV KINTO_INI=config/local.ini \
|
|
KINTO_ADMIN_ASSETS_PATH=/app/kinto-admin/build/ \
|
|
PATH="/opt/.venv/bin:$PATH" \
|
|
PORT=8888 \
|
|
PYTHONUNBUFFERED=1 \
|
|
VIRTUAL_ENV=/opt/.venv
|
|
|
|
COPY /bin/update_and_install_system_packages.sh /opt
|
|
RUN /opt/update_and_install_system_packages.sh \
|
|
# Needed for UWSGI
|
|
libxml2-dev \
|
|
# Needed for psycopg2
|
|
libpq-dev
|
|
|
|
COPY --from=compile $VIRTUAL_ENV $VIRTUAL_ENV
|
|
|
|
WORKDIR /app
|
|
RUN chown 10001:10001 /app && \
|
|
groupadd --gid 10001 app && \
|
|
useradd --no-create-home --uid 10001 --gid 10001 --home-dir /app app
|
|
COPY --chown=app:app . .
|
|
COPY --from=compile /opt/dogstatsd_plugin.so .
|
|
|
|
COPY --from=get-admin /opt/kinto-admin/build $KINTO_ADMIN_ASSETS_PATH
|
|
|
|
# Generate local key pair to simplify running without Autograph out of the box (see `config/testing.ini`)
|
|
RUN python -m kinto_remote_settings.signer.generate_keypair /app/ecdsa.private.pem /app/ecdsa.public.pem
|
|
|
|
EXPOSE $PORT
|
|
USER app
|
|
ENTRYPOINT ["./bin/run.sh"]
|
|
# Run uwsgi by default
|
|
CMD ["start"]
|
|
|
|
FROM production AS local
|
|
# create directories for volume mounts used in browser tests / local development
|
|
RUN mkdir -p -m 777 /app/mail && mkdir -p -m 777 /tmp/attachments
|