From c784694ffdfcd254e77deafd7ea2730e38076556 Mon Sep 17 00:00:00 2001 From: Bryan Brancotte <bryan.brancotte@pasteur.fr> Date: Wed, 16 Mar 2022 11:20:58 +0100 Subject: [PATCH] reduce lib installed, collect static during build * keep app and test related libs but remove sphinx and django-extensions related dependencies. * remove apache2-dev * collect static, and get ready to copy it on startup if needed to be serve by another container * gunicorn only reload when used in docker-compose * none root user * run migration on startup * copy static files to $STATIC_ROOT_ON_STARTUP_COPY when mounted --- docker-compose.yaml | 5 ++++- ippisite/Dockerfile | 41 +++++++++++++++++------------------ ippisite/docker-entrypoint.sh | 36 ++++++++++++++++++++++++++++++ ippisite/ippisite/settings.py | 2 +- ippisite/requirements-dev.txt | 4 ---- ippisite/requirements.txt | 9 +++++--- 6 files changed, 67 insertions(+), 30 deletions(-) create mode 100644 ippisite/docker-entrypoint.sh diff --git a/docker-compose.yaml b/docker-compose.yaml index 18f53298..93f97e77 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -21,13 +21,16 @@ services: - POSTGRES_USER=postgres - POSTGRES_PASSWORD=postgres - POSTGRES_HOST=db + entrypoint: /docker-entrypoint.sh + command: gunicorn --reload --reload-engine inotify ippisite.wsgi -b 0.0.0.0:8000 volumes: - ./ippisite:/code # for dev purpose only !!! ports: - - "8000:8000" + - "8095:8000" depends_on: - db + volumes: ippidb-dev-db-data: diff --git a/ippisite/Dockerfile b/ippisite/Dockerfile index 8eaf11f1..530586f8 100644 --- a/ippisite/Dockerfile +++ b/ippisite/Dockerfile @@ -1,37 +1,36 @@ FROM python:3.9 -RUN apt-get update \ +EXPOSE 8000 +ENV PYTHONPATH "${PYTHONPATH}:/usr/lib/python3/dist-packages" +ENV PYTHONUNBUFFERED 1 + +RUN addgroup --gid 1001 kiwi \ + && adduser --disabled-password --gecos '' --uid 1001 --gid 1001 kiwi \ + && apt-get update \ && apt-get install -y \ nano \ wget \ gettext \ python3-dev \ - cron \ - apache2-dev \ + python3-openbabel \ && rm -rf /var/lib/apt/lists/* \ - && python -m pip install --upgrade pip -RUN python -m pip install --upgrade pip setuptools - -RUN apt-get update && apt-get install -y python3-openbabel -ENV PYTHONPATH "${PYTHONPATH}:/usr/lib/python3/dist-packages" - - -ENV PYTHONUNBUFFERED 1 -EXPOSE 8000 -RUN mkdir /code + && python -m pip install --upgrade pip setuptools \ + && mkdir /code WORKDIR /code -COPY requirements.txt /code/ +COPY requirements*.txt /code/ RUN pip install -r requirements.txt +# && pip install -r requirements-dev.txt -COPY . /code/ +COPY ./*-entrypoint.sh / +RUN chmod a+x /*-entrypoint.sh -#WORKDIR /code -#RUN python manage.py migrate +COPY . /code/ -RUN apt-get install -y libgraphviz-dev -COPY requirements-dev.txt /code/ -RUN python -m pip install -r requirements-dev.txt +ENV STATIC_ROOT /static_root +ENV STATIC_ROOT_ON_STARTUP_COPY="/tmp${STATIC_ROOT}_on_startup_copy" +RUN python manage.py collectstatic --noinput +CMD ["gunicorn", "--bind", ":8000", "config.wsgi:application"] -CMD ["gunicorn", "--reload", "--reload-engine", "inotify", "--bind", ":8000", "ippisite.wsgi:application"] +USER kiwi \ No newline at end of file diff --git a/ippisite/docker-entrypoint.sh b/ippisite/docker-entrypoint.sh new file mode 100644 index 00000000..d0971436 --- /dev/null +++ b/ippisite/docker-entrypoint.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +function msg_info { + echo -e "\033[1;32m$1\033[0m" +} + +function msg_warning { + echo -e "\033[1;33m$1\033[0m" +} + +function msg_error { + echo -e "\033[1;31m$1\033[0m" +} + +cd /code + +if [ "$1" == "hold_on" ]; then + msg_info "holding on util you delete /tmp/hold_on" + touch /tmp/hold_on + while [ -e "/tmp/hold_on" ]; do + sleep 1 ; + echo "holding on" ; + done +fi + +msg_info "Applying database migrations" +python manage.py migrate || exit 4 + +if [ -e $STATIC_ROOT_ON_STARTUP_COPY ]; then + msg_info "Copying static files to $STATIC_ROOT_ON_STARTUP_COPY" + cp -rf ${STATIC_ROOT}/* ${STATIC_ROOT_ON_STARTUP_COPY} || exit 6 +else + msg_info "$STATIC_ROOT_ON_STARTUP_COPY absent, cannot copy static files on startup to this directory" +fi + +exec "$@" diff --git a/ippisite/ippisite/settings.py b/ippisite/ippisite/settings.py index 221035d0..87706945 100644 --- a/ippisite/ippisite/settings.py +++ b/ippisite/ippisite/settings.py @@ -52,7 +52,7 @@ INSTALLED_APPS = [ "live_settings", "formtools", "debug_toolbar", - "mod_wsgi.server", + # "mod_wsgi.server", "django.contrib.sites", "allauth", "allauth.account", diff --git a/ippisite/requirements-dev.txt b/ippisite/requirements-dev.txt index dc664a18..41d6b594 100644 --- a/ippisite/requirements-dev.txt +++ b/ippisite/requirements-dev.txt @@ -8,10 +8,6 @@ sphinx sphinx-argparse sphinx_rtd_theme sphinxcontrib-bibtex -# coverage -coverage -# tests -parameterized # dependencies to generate graph models using django-extensions pygraphviz pydot diff --git a/ippisite/requirements.txt b/ippisite/requirements.txt index 650332e4..4f62602d 100644 --- a/ippisite/requirements.txt +++ b/ippisite/requirements.txt @@ -1,5 +1,3 @@ -# modwsgi -mod-wsgi # django and extensions Django django-extensions @@ -39,4 +37,9 @@ git+https://gitlab.pasteur.fr/hub/django-biodblinks.git#egg=django-biodblinks==0 cryptography # gunicorn inotify -gunicorn \ No newline at end of file +gunicorn +# coverage +coverage +# tests +parameterized +# End of file \ No newline at end of file -- GitLab