-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
160 lines (113 loc) · 3.93 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
ARG NGINX_IMAGE_NAME=fundocker/openshift-nginx
ARG NGINX_IMAGE_TAG=1.24.0
ARG STATIC_ROOT=/data/static
ARG SITE=nau
# The ID of the user running in the container
ARG DOCKER_USER=10000
# ---- base image to inherit from ----
FROM python:3.11-bookworm as base
# ---- front-end builder image ----
FROM node:20.13 as front-builder
ARG SITE
# Copy frontend app sources
COPY ./sites/${SITE}/src/frontend /builder/src/frontend
WORKDIR /builder/src/frontend
RUN yarn install --frozen-lockfile && \
yarn compile-translations && \
yarn build-ts-production && \
yarn build-sass-production
# ---- back-end builder image ----
FROM base as back-builder
ARG SITE
WORKDIR /builder
# Copy required python dependencies
COPY ./sites/${SITE}/requirements/base.txt /builder/requirements.txt
# Upgrade pip to its latest release to speed up dependencies installation
RUN pip install --upgrade pip
RUN mkdir /install && \
pip install --prefix=/install -r requirements.txt
# ---- Core application image ----
FROM base as core
ARG SITE
# Install gettext
RUN apt-get update && \
apt-get install -y \
gettext && \
rm -rf /var/lib/apt/lists/*
# Copy installed python dependencies
COPY --from=back-builder /install /usr/local
# Copy runtime-required files
COPY ./sites/${SITE}/src/backend /app/
COPY ./docker/files/usr/local/bin/entrypoint /usr/local/bin/entrypoint
# Copy distributed application's statics
COPY --from=front-builder /builder/src/backend/base/static/richie /app/base/static/richie
WORKDIR /app
# Make sure .mo files are up-to-date
RUN mkdir -p locale && python manage.py compilemessages
# Gunicorn
RUN mkdir -p /usr/local/etc/gunicorn
COPY ./docker/files/usr/local/etc/gunicorn/app.py /usr/local/etc/gunicorn/app.py
# Give the "root" group the same permissions as the "root" user on /etc/passwd
# to allow a user belonging to the root group to add new users; typically the
# docker user (see entrypoint).
RUN chmod g=u /etc/passwd
# We wrap commands run in this container by the following entrypoint that
# creates a user on-the-fly with the container user ID (see USER) and root group
# ID.
ENTRYPOINT [ "/usr/local/bin/entrypoint" ]
# ---- Static files/links collector ----
FROM core as collector
ARG STATIC_ROOT
# Install rdfind
RUN apt-get update && \
apt-get install -y \
rdfind && \
rm -rf /var/lib/apt/lists/*
# Collect static files
RUN python manage.py collectstatic --noinput
# Replace duplicated file by a symlink to decrease the overall size of the
# final image
RUN rdfind -makesymlinks true ${STATIC_ROOT}
# ---- Development image ----
FROM core as development
ARG SITE
# Copy required python dependencies
COPY ./sites/${SITE}/requirements/dev.txt /tmp/requirements.txt
# Install development dependencies
RUN pip install -r /tmp/requirements.txt
# Un-privileged user running the application
ARG DOCKER_USER
USER ${DOCKER_USER}
# Run django development server
CMD python manage.py runserver 0.0.0.0:8000
# ---- Production image ----
FROM core as production
ARG DOCKER_USER
ARG SITE
ARG STATIC_ROOT
ENV SITE=${SITE}
# Install wait-for-it
RUN apt-get update && \
apt-get install -y \
wait-for-it && \
rm -rf /var/lib/apt/lists/*
# Copy collected symlinks to static files
COPY --from=collector ${STATIC_ROOT}/staticfiles.json ${STATIC_ROOT}/
# Un-privileged user running the application
USER ${DOCKER_USER}
# The default command runs gunicorn WSGI server in the sandbox
CMD gunicorn -c /usr/local/etc/gunicorn/app.py ${SITE}.wsgi:application
# ---- Nginx ----
FROM ${NGINX_IMAGE_NAME}:${NGINX_IMAGE_TAG} as nginx
ARG STATIC_ROOT
RUN mkdir -p ${STATIC_ROOT}
COPY --from=collector ${STATIC_ROOT} ${STATIC_ROOT}
# Install awscli to send static assets to S3 Bucket
RUN cd / && \
apt update && \
apt install unzip && \
rm -rf /var/lib/apt/lists/* && \
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && \
unzip awscliv2.zip && \
./aws/install && \
rm -r aws awscliv2.zip