diff --git a/backend/Dockerfile b/backend/Dockerfile index 4471fa7449c526ba121bb7f6c9dffa78b04c4fdb..46ab25a044674ce8134c7824ea61c7bf1211b3e7 100644 --- a/backend/Dockerfile +++ b/backend/Dockerfile @@ -12,22 +12,30 @@ COPY ./pyproject.toml ./poetry.lock* /tmp/ RUN poetry export -f requirements.txt --output requirements.txt --without-hashes -FROM python:3.11.4-slim-bookworm +FROM python:3.11.4-slim-bookworm as django RUN apt update -y && apt upgrade -y && apt install -y python3-dev libpq-dev cron RUN useradd -ms /bin/bash worker -USER worker +WORKDIR /code + +COPY docker-cron/clean.cron /etc/cron.d/clean-session -WORKDIR /code +RUN crontab -u worker /etc/cron.d/clean-session COPY --chown=worker:worker --from=requirements-stage /tmp/requirements.txt /code/requirements.txt +USER worker + RUN pip install --user --no-cache-dir --upgrade -r /code/requirements.txt COPY --chown=worker:worker . ./ -EXPOSE 8000 + +EXPOSE 8000 +# CMD ["service", "cron", "start"] CMD ["gunicorn", "--timeout", "120", "--bind", ":8000", "defense_finder_api.wsgi:application"] + + diff --git a/backend/docker-cron/clean.cron b/backend/docker-cron/clean.cron new file mode 100644 index 0000000000000000000000000000000000000000..ea15677e639c07d47e520f72be67bf03ef5e7a33 --- /dev/null +++ b/backend/docker-cron/clean.cron @@ -0,0 +1 @@ +*/5 * * * * python /code/manage.py clear-sessions-history diff --git a/deploy/charts/djangoninja/templates/deployment.yaml b/deploy/charts/djangoninja/templates/deployment.yaml index 7eb4b594be90f95b4d14745949f0fbe111fb2756..0b99bbed5107987a821d39493456ffc7ecc00841 100644 --- a/deploy/charts/djangoninja/templates/deployment.yaml +++ b/deploy/charts/djangoninja/templates/deployment.yaml @@ -93,6 +93,62 @@ spec: # name: server-static - mountPath: /uploaded-files name: uploaded-files + - name: "{{ .Chart.Name }}-cron" + + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - service + args: + - cron + - start + envFrom: + - configMapRef: + name: galaxy-config-map + env: + - name: DEBUG + value: "True" + - name: SECRET_KEY + value: {{ .Values.django.secret }} + - name: GALAXY_API_KEY + valueFrom: + secretKeyRef: + name: galaxy-secret + key: galaxy_key + - name: DF_HOSTNAME + value: {{ .Release.Name }} + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Values.postgresql.user }}.{{ .Values.postgresql.teamId }}-postgresql.credentials.postgresql.acid.zalan.do" + key: password + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: "{{ .Values.postgresql.user }}.{{ .Values.postgresql.teamId }}-postgresql.credentials.postgresql.acid.zalan.do" + key: username + - name: POSTGRES_DB + value: {{ .Values.postgresql.name }} + - name: DATABASE_URL + value: "psql://$(POSTGRES_USER):$(POSTGRES_PASSWORD)@{{ .Values.postgresql.teamId }}-postgresql:5432/$(POSTGRES_DB)" + # livenessProbe: + # httpGet: + # path: / + # port: 8000 + # readinessProbe: + # httpGet: + # path: / + # port: 8000 + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + # - mountPath: /code/public/static + # name: server-static + - mountPath: /uploaded-files + name: uploaded-files + {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }}