From 6c5a91f6e855a384a273557f147780cf20d75216 Mon Sep 17 00:00:00 2001 From: SeSo Date: Fri, 3 Jan 2025 14:23:50 -0800 Subject: [PATCH 1/2] chore: test docker image optimization Signed-off-by: SeSo --- bc_obps/Dockerfile | 52 +++++++++++++++++++++++++++++++++------------- 1 file changed, 38 insertions(+), 14 deletions(-) diff --git a/bc_obps/Dockerfile b/bc_obps/Dockerfile index 2f9712867d..b8e6a9b2c2 100644 --- a/bc_obps/Dockerfile +++ b/bc_obps/Dockerfile @@ -1,5 +1,5 @@ -# Use an official Python runtime as a parent image -FROM python:3.12.3 AS main +# Stage 1: Build stage +FROM python:3.12.3 AS builder # Install system dependencies and clean up RUN apt-get update && \ @@ -10,21 +10,14 @@ RUN apt-get update && \ # Set environment variables ENV PYTHONDONTWRITEBYTECODE=1 \ PYTHONUNBUFFERED=1 \ - USER_ID=1001 \ HOME=/root WORKDIR ${HOME} -# Make everything in the home group-writable to support OpenShift's restricted SCC -# Needs to be done as root to chown -RUN useradd -ms /bin/bash -d ${HOME} --uid ${USER_ID} -g root bc_obps - -COPY ./ ${HOME}/ # Install asdf RUN git clone https://github.com/asdf-vm/asdf.git ${HOME}/asdf --depth 1 --branch v0.11.2 ENV BASH_ENV="${HOME}/asdf/asdf.sh" -# Because asdf is loaded via BASH_ENV, all commands using adsf need to be executed using /usr/bin/env bash -c SHELL ["/usr/bin/env", "bash", "-c"] RUN sed -i -nr '/python|poetry/p' ${HOME}/.tool-versions && \ @@ -39,14 +32,45 @@ ENV PATH="${HOME}/.asdf/installs/poetry/1.8.1/bin:${PATH}" # Configuring poetry to behave properly with asdf RUN poetry config virtualenvs.prefer-active-python true +# Copy project files +COPY ./ ${HOME}/ + +# Install project dependencies using Poetry +RUN poetry install --without dev + +# Stage 2: Production stage +FROM python:3.12.3 AS main + +# Install system dependencies and clean up +RUN apt-get update && \ + apt-get upgrade -y && \ + apt-get install -y curl build-essential && \ + apt-get clean + +# Set environment variables +ENV PYTHONDONTWRITEBYTECODE=1 \ + PYTHONUNBUFFERED=1 \ + USER_ID=1001 \ + HOME=/root + +WORKDIR ${HOME} + +# Copy only necessary files from the build stage +COPY --from=builder ${HOME}/.venv ${HOME}/.venv +COPY ./ ${HOME}/ + # Change ownership and permissions -RUN chown -R bc_obps:0 ${HOME} && \ +RUN chown -R ${USER_ID}:0 ${HOME} && \ chmod -R g+rwX ${HOME} -# Expose the port your Django application will run on (change as needed) +# Add virtual environment to PATH +ENV PATH="${HOME}/.venv/bin:${PATH}" + +# Expose the port your Django application will run on EXPOSE 8000 -# Install project dependencies using Poetry -RUN poetry install --without dev +# Switch to non-root user USER ${USER_ID} -CMD ["/usr/bin/env", "bash", "-c", "poetry run python manage.py collectstatic --noinput && poetry run python manage.py custom_migrate && poetry run gunicorn --access-logfile - bc_obps.wsgi:application --timeout 200 --workers 3 --bind '0.0.0.0:8000'"] + +# Command to run the application +CMD ["/usr/bin/env", "bash", "-c", "python manage.py collectstatic --noinput && python manage.py custom_migrate && gunicorn --access-logfile - bc_obps.wsgi:application --timeout 200 --workers 3 --bind '0.0.0.0:8000'"] From e4a2c4c35a5535010ad607adba96568ec7e84bd9 Mon Sep 17 00:00:00 2001 From: SeSo Date: Fri, 3 Jan 2025 14:34:44 -0800 Subject: [PATCH 2/2] chore: test docker image optimization Signed-off-by: SeSo --- bc_obps/Dockerfile | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/bc_obps/Dockerfile b/bc_obps/Dockerfile index b8e6a9b2c2..f0e3f412fc 100644 --- a/bc_obps/Dockerfile +++ b/bc_obps/Dockerfile @@ -20,7 +20,15 @@ RUN git clone https://github.com/asdf-vm/asdf.git ${HOME}/asdf --depth 1 --branc ENV BASH_ENV="${HOME}/asdf/asdf.sh" SHELL ["/usr/bin/env", "bash", "-c"] +# Source asdf +RUN echo '. ${HOME}/asdf/asdf.sh' >> ${HOME}/.bashrc && \ + echo '. ${HOME}/asdf/completions/asdf.bash' >> ${HOME}/.bashrc + +RUN echo -e "python 3.12.3\npoetry 1.8.1" > ${HOME}/.tool-versions + +# Install plugins and tools RUN sed -i -nr '/python|poetry/p' ${HOME}/.tool-versions && \ + . ${HOME}/asdf/asdf.sh && \ cat ${HOME}/.tool-versions | cut -f 1 -d ' ' | xargs -n 1 asdf plugin-add && \ asdf plugin-update --all && \ asdf install && \ @@ -29,8 +37,10 @@ RUN sed -i -nr '/python|poetry/p' ${HOME}/.tool-versions && \ # Add Poetry's bin directory to PATH ENV PATH="${HOME}/.asdf/installs/poetry/1.8.1/bin:${PATH}" -# Configuring poetry to behave properly with asdf -RUN poetry config virtualenvs.prefer-active-python true +# Initialize Poetry +RUN . ${HOME}/asdf/asdf.sh && \ + poetry config virtualenvs.prefer-active-python true && \ + poetry config virtualenvs.in-project true # Copy project files COPY ./ ${HOME}/