Mercurial > p > roundup > code

annotate scripts/Docker/Dockerfile @ 7637:d745a6eb0604

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
build: update python:3-alpine version Update the sha256 sum used to download the current 3-alpine version. Also abstracted it into a variable (argument) that is used in both the build and deployment images.
author John Rouillard <rouilj@ieee.org>
date Sun, 24 Sep 2023 00:29:45 -0400
parents 3f268f7157f3
children b9641ea5fee4
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
1 # hadolint global ignore=DL3003
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
2 # build in root dir using:
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
3 #
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
4 # docker build -t roundup-app --rm -f scripts/Dockerfile .
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
5 #
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
6 # run using:
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
7 #
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
8 # docker run --rm -v /.../issue.tracker:/usr/src/app/tracker \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
9 # -p 9017:8080 roundup-app:latest
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
10
7637
d745a6eb0604 build: update python:3-alpine version
John Rouillard <rouilj@ieee.org>
parents: 7634
diff changeset
11 # parameterize the sha256 sum to pin version of python:3-alpine
d745a6eb0604 build: update python:3-alpine version
John Rouillard <rouilj@ieee.org>
parents: 7634
diff changeset
12 ARG SHA256=5d769f990397afbb2aca24b0655e404c0f2806d268f454b052e81e39d87abf42
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
13
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
14 # Global vars for all build stages
7441
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
15 ARG VERBOSE=
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
16
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
17 # application directory
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
18 ARG appdir=/usr/src/app
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
19
6530
6bf22b7b23fe Add local_pip source and add healthcheck.
John Rouillard <rouilj@ieee.org>
parents: 6527
diff changeset
20 # support roundup install from 'local' directory,
7441
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
21 # 'pypi' to install latest final or version specified release
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
22 # from PyPI,
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
23 # 'pip_local' local directory using pip to install, or
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
24 # 'pip_sdist' to install dist/newest_version-tarball
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
25 ARG source=local
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
26
7042
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
27 # Python version as a.b Used for installation directory and
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
28 # COPY from install dir in second stage.
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
29 ARG pythonversion=3.11
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
30
7637
d745a6eb0604 build: update python:3-alpine version
John Rouillard <rouilj@ieee.org>
parents: 7634
diff changeset
31 #FROM python:3-alpine via SHA256 sum
d745a6eb0604 build: update python:3-alpine version
John Rouillard <rouilj@ieee.org>
parents: 7634
diff changeset
32 FROM python@sha256:$SHA256 as build
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
33
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
34 # Inherit global values https://github.com/moby/moby/issues/37345
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
35 ARG appdir
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
36
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
37 WORKDIR $appdir
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
38
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
39 # Update to get security and other improvements;
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
40 RUN apk --no-cache upgrade
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
41
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
42 # Add packages needed to compile mysql, pgsql and other python modules.
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
43 # Can't use apk to add python packages as it installs 3.9 python version.
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
44 # g++ installs cc1plus needed by pip install
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
45 RUN apk --no-cache add \
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
46 g++ \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
47 gcc \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
48 gpgme-dev \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
49 libxapian \
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
50 linux-headers \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
51 make \
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
52 musl-dev \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
53 mysql-dev \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
54 postgresql-dev \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
55 swig \
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
56 xapian-core-dev
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
57
7042
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
58 ARG pythonversion
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
59 # verify that pythonversion matches the one in the image.
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
60 RUN image_python_version=$(python -c 'import sys; print("%s.%s"%sys.version_info[0:2])'); \
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
61 if [ "${pythonversion}" != "${image_python_version}" ]; then \
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
62 printf "\n\n*****\npythonversion does not match.\n" ; \
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
63 printf "Add:\n --build-arg=\"pythonversion=%s\"\nto docker build\n******\n\n" "${image_python_version}"; \
7042
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
64 exit 1; \
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
65 fi
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
66
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
67 # build xapian bindings:
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
68 # file with sphinx build dependencies to remove after build
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
69 # they are over 70MB of space.
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
70 COPY scripts/Docker/sphinxdeps.txt .
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
71
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
72 # suppress warning when running pip as root
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
73 ENV PIP_ROOT_USER_ACTION=ignore
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
74
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
75 SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
7441
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
76 ARG VERBOSE
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
77
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
78 RUN [ -z "${VERBOSE}" ] || set -xv; \
7634
3f268f7157f3 fix: hadolint fixups
John Rouillard <rouilj@ieee.org>
parents: 7604
diff changeset
79 CWD="$PWD" && \
7119
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
80 upgrades=$(python3 -m pip --no-cache --disable-pip-version-check \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
81 list --outdated | awk 'NR > 2 {print $1}'); \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
82 if [ -n "$upgrades" ]; then \
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
83 echo "Pip updating $upgrades"; \
7119
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
84 python -m pip --no-cache --disable-pip-version-check \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
85 install -U $upgrades < /dev/null; \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
86 else \
7634
3f268f7157f3 fix: hadolint fixups
John Rouillard <rouilj@ieee.org>
parents: 7604
diff changeset
87 echo "Nothing to pip update"; \
7119
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
88 fi; \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
89 ls -l /usr/local/lib/python3.11/site-packages; \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
90 VER=$(apk list -I 'xapian-core-dev' | \
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
91 sed 's/^xapian-core-dev-\([0-9.]*\)-.*/\1/') && \
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
92 cd /tmp && \
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
93 wget -q "https://oligarchy.co.uk/xapian/$VER/xapian-bindings-$VER.tar.xz" && \
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
94 tar -Jxvf "xapian-bindings-$VER.tar.xz" && \
7634
3f268f7157f3 fix: hadolint fixups
John Rouillard <rouilj@ieee.org>
parents: 7604
diff changeset
95 cd "xapian-bindings-$VER/" && \
6686
2eadad009010 Remove sphinx 1.8.5 limit. Use current pipy version.
John Rouillard <rouilj@ieee.org>
parents: 6575
diff changeset
96 pip --no-cache-dir install sphinx && \
7040
60ea33643a01 Anchore Container Scan docker bulld is failing.
John Rouillard <rouilj@ieee.org>
parents: 6994
diff changeset
97 sed -i -e '/PYTHON3_SO=/s/distutils\.//g' \
60ea33643a01 Anchore Container Scan docker bulld is failing.
John Rouillard <rouilj@ieee.org>
parents: 6994
diff changeset
98 -e '/PYTHON3_SO=/s/"SO"/"EXT_SUFFIX"/g' configure && \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
99 ./configure --prefix=/usr/local --with-python3 --disable-documentation && \
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
100 make && make install && \
6797
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
101 pip uninstall --no-cache-dir -y sphinx && \
7634
3f268f7157f3 fix: hadolint fixups
John Rouillard <rouilj@ieee.org>
parents: 7604
diff changeset
102 pip uninstall --no-cache-dir -y -r "$CWD/sphinxdeps.txt" && \
7604
d117ddcb0ed1 Update dockerfile build: new python base image, reduce disk space use
John Rouillard <rouilj@ieee.org>
parents: 7530
diff changeset
103 rm -rf /usr/local/share/doc/xapian-bindings
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
104
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
105 # add requirements for pip here, e.g. Whoosh, gpg, zstd or other
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
106 # modules not installed in the base library.
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
107 # ignore warnings from pip to use virtualenv
6555
34cbd0e633d2 Added FastCGI deployment info, updated Docker docs; docker-compose added
John Rouillard <rouilj@ieee.org>
parents: 6530
diff changeset
108 COPY scripts/Docker/requirements.txt .
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
109 RUN pip install --no-cache-dir -r requirements.txt
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
110
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
111 # copy the elements of the release directory to the docker image
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
112 COPY setup.py install/
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
113 COPY doc install/doc/
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
114 COPY frontends install/frontends/
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
115 COPY locale install/locale/
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
116 COPY roundup install/roundup/
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
117 COPY share install/share/
7441
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
118 # dist is optional so include README.txt so we don't get an error
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
119 COPY README.txt dist/* install/dist/
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
120
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
121 # verify source has one of two valid values then
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
122 # install in python3 standard directories from local copy
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
123 # or install in python3 standard directories from pypi using pip
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
124 # import from global/command line
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
125 ARG source
7441
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
126
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
127 RUN [ -z "${VERBOSE}" ] || set -xv; \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
128 case "$source" in \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
129 "local") \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
130 cd install && ./setup.py install;; \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
131 "pypi"*) \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
132 version_spec=$( printf "%s" "$source" | \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
133 sed -ne 's/^pypi\([~=!<>].*\)/\1/p'); \
7634
3f268f7157f3 fix: hadolint fixups
John Rouillard <rouilj@ieee.org>
parents: 7604
diff changeset
134 pip install --no-cache-dir "roundup${version_spec}"; \
7441
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
135 cp -ril /usr/local/lib/"python${pythonversion}"/site-packages/usr/local/share/* \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
136 /usr/local/share;; \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
137 "pip_local") \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
138 cd install && \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
139 pip -V && \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
140 pip install --no-cache-dir . ;; \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
141 "pip_sdist") \
7634
3f268f7157f3 fix: hadolint fixups
John Rouillard <rouilj@ieee.org>
parents: 7604
diff changeset
142 dist=$(find install/dist | sed -ne '/roundup-[0-9].*\.tar\.gz$/p' | tail -n 1); \
7441
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
143 if [ -z "$dist" ] ; then \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
144 printf "Unable to find a source distribution file in dist\n"; \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
145 printf "Exiting\n"; \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
146 exit 1; \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
147 fi; \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
148 printf "Building with distribution: %s\n" "$dist"; \
7634
3f268f7157f3 fix: hadolint fixups
John Rouillard <rouilj@ieee.org>
parents: 7604
diff changeset
149 pip install --no-cache-dir "install/dist/$dist";; \
7441
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
150 *) \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
151 echo "invalid value for source: $source"; \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
152 echo "must be local, pypi, pip_local or pip_sdist"; \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
153 exit 1;; \
e7df82ae137d Cleanup docker before 2.3.0b1 release
John Rouillard <rouilj@ieee.org>
parents: 7330
diff changeset
154 esac
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
155
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
156 # Allow user to add more modules during build
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
157 ARG pip_mod
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
158 RUN if [ -n "$pip_mod" ]; then pip install --no-cache-dir ${pip_mod}; fi
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
159
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
160 # build a new smaller docker image for execution. Build image above
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
161 # is 1G in size.
7149
282ba72a5615 pin python image versions using sha256 sum
John Rouillard <rouilj@ieee.org>
parents: 7119
diff changeset
162 # FROM python:3-alpine
7637
d745a6eb0604 build: update python:3-alpine version
John Rouillard <rouilj@ieee.org>
parents: 7634
diff changeset
163 FROM python@sha256:$SHA256
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
164
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
165 # import from global
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
166 ARG appdir
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
167
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
168 WORKDIR $appdir
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
169
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
170 # suppress warning when running pip as root
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
171 ENV PIP_ROOT_USER_ACTION=ignore
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
172
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
173 # upgrade to get any security updates; bundle with
7117
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
174 # rest of apk actions to reduce layers/wasted space
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
175 # add libraries needed to run gpg/mysql/pgsql/brotli
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
176 # clean out any caches to save space
7117
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
177 # upgrade pip packages to get security and other updates
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
178 # bundle with apk updates
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
179 SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
180 RUN apk --no-cache upgrade; \
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
181 apk --no-cache add \
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
182 brotli-libs \
7308
24cbf3a41e8a Use dumb-init in Dockerfile; chown tracker directory to proper uid
John Rouillard <rouilj@ieee.org>
parents: 7305
diff changeset
183 dumb-init \
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
184 gpgme \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
185 mariadb-connector-c \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
186 libpq \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
187 libstdc++ \
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
188 libxapian \
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
189 zstd-libs; \
7117
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
190 upgrades=$(python3 -m pip --no-cache --disable-pip-version-check \
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
191 list --outdated | awk 'NR > 2 {print $1}'); \
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
192 if [ -n "$upgrades" ]; then \
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
193 echo "Pip updating $upgrades"; \
7117
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
194 python -m pip --no-cache --disable-pip-version-check \
7119
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
195 install -U $upgrades < /dev/null; \
7117
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
196 else \
7634
3f268f7157f3 fix: hadolint fixups
John Rouillard <rouilj@ieee.org>
parents: 7604
diff changeset
197 echo "Nothing to pip update"; \
7117
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
198 fi
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
199
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
200 ARG source
7517
207a7eca41ed Add labels for ARGS that can change as part of build.
John Rouillard <rouilj@ieee.org>
parents: 7496
diff changeset
201 ARG pythonversion
207a7eca41ed Add labels for ARGS that can change as part of build.
John Rouillard <rouilj@ieee.org>
parents: 7496
diff changeset
202 ARG pip_mod
7495
12674129a45c Dockerfile label updates, change version string in RELEASE.txt
John Rouillard <rouilj@ieee.org>
parents: 7491
diff changeset
203 LABEL "org.opencontainers.image.vendor"="Roundup Issue Tracker Team" \
12674129a45c Dockerfile label updates, change version string in RELEASE.txt
John Rouillard <rouilj@ieee.org>
parents: 7491
diff changeset
204 "org.opencontainers.image.title"="Roundup Issue Tracker" \
7517
207a7eca41ed Add labels for ARGS that can change as part of build.
John Rouillard <rouilj@ieee.org>
parents: 7496
diff changeset
205 "org.opencontainers.image.description"="Roundup Issue Tracker with multi-backend support installed via $source with python version $pythonversion" \
7530
ed2bc951277b Updates for 2.3.0 release.
John Rouillard <rouilj@ieee.org>
parents: 7517
diff changeset
206 "org.opencontainers.image.version"="2.3.0" \
7495
12674129a45c Dockerfile label updates, change version string in RELEASE.txt
John Rouillard <rouilj@ieee.org>
parents: 7491
diff changeset
207 "org.opencontainers.image.authors"="roundup-devel@lists.sourceforge.net" \
7496
ec738682874d Fix missing escaped newline.
John Rouillard <rouilj@ieee.org>
parents: 7495
diff changeset
208 "org.opencontainers.image.licenses"="MIT AND ZPL-2.0 AND Python-2.0" \
7517
207a7eca41ed Add labels for ARGS that can change as part of build.
John Rouillard <rouilj@ieee.org>
parents: 7496
diff changeset
209 "org.opencontainers.image.documentation"="https://www.roundup-tracker.org/docs/installation.html" \
207a7eca41ed Add labels for ARGS that can change as part of build.
John Rouillard <rouilj@ieee.org>
parents: 7496
diff changeset
210 "pip-modules"="$pip_mod"
7495
12674129a45c Dockerfile label updates, change version string in RELEASE.txt
John Rouillard <rouilj@ieee.org>
parents: 7491
diff changeset
211
6566
8f1fddb71422 Add maintainer address (via label) to rounduo-devel list.
John Rouillard <rouilj@ieee.org>
parents: 6555
diff changeset
212
7042
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
213 ARG pythonversion
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
214 # pull over built assets
7042
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
215 COPY --from=build /usr/local/lib/python${pythonversion}/site-packages /usr/local/lib/python${pythonversion}/site-packages/
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
216 COPY --from=build /usr/local/bin/roundup* /usr/local/bin/
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
217 COPY --from=build /usr/local/share /usr/local/share/
7604
d117ddcb0ed1 Update dockerfile build: new python base image, reduce disk space use
John Rouillard <rouilj@ieee.org>
parents: 7530
diff changeset
218 COPY scripts/Docker/roundup_start scripts/Docker/roundup_healthcheck ./
6797
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
219
7308
24cbf3a41e8a Use dumb-init in Dockerfile; chown tracker directory to proper uid
John Rouillard <rouilj@ieee.org>
parents: 7305
diff changeset
220 # Do not run roundup as root. This creates roundup user and group.
24cbf3a41e8a Use dumb-init in Dockerfile; chown tracker directory to proper uid
John Rouillard <rouilj@ieee.org>
parents: 7305
diff changeset
221 ARG roundup_uid
24cbf3a41e8a Use dumb-init in Dockerfile; chown tracker directory to proper uid
John Rouillard <rouilj@ieee.org>
parents: 7305
diff changeset
222 RUN adduser -D -h ${appdir} -u ${roundup_uid:-1000} roundup
24cbf3a41e8a Use dumb-init in Dockerfile; chown tracker directory to proper uid
John Rouillard <rouilj@ieee.org>
parents: 7305
diff changeset
223
6797
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
224 # make roundup scripts execuable and mount a trackerdir on tracker location
7308
24cbf3a41e8a Use dumb-init in Dockerfile; chown tracker directory to proper uid
John Rouillard <rouilj@ieee.org>
parents: 7305
diff changeset
225 RUN chmod +x roundup_start roundup_healthcheck; \
24cbf3a41e8a Use dumb-init in Dockerfile; chown tracker directory to proper uid
John Rouillard <rouilj@ieee.org>
parents: 7305
diff changeset
226 mkdir tracker; chown ${roundup_uid:-1000}:${roundup_uid:-1000} tracker
6797
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
227 VOLUME $appdir/tracker
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
228
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
229 # map port 8080 to your local port
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
230 EXPOSE 8080/tcp
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
231
6530
6bf22b7b23fe Add local_pip source and add healthcheck.
John Rouillard <rouilj@ieee.org>
parents: 6527
diff changeset
232 HEALTHCHECK --start-period=1m \
6797
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
233 CMD ./roundup_healthcheck
6530
6bf22b7b23fe Add local_pip source and add healthcheck.
John Rouillard <rouilj@ieee.org>
parents: 6527
diff changeset
234
7308
24cbf3a41e8a Use dumb-init in Dockerfile; chown tracker directory to proper uid
John Rouillard <rouilj@ieee.org>
parents: 7305
diff changeset
235 # switch to using roundup user
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
236 USER roundup
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
237
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
238 # run the server, disable output buffering so we can see logs.
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
239 ENV PYTHONUNBUFFERED=1
6555
34cbd0e633d2 Added FastCGI deployment info, updated Docker docs; docker-compose added
John Rouillard <rouilj@ieee.org>
parents: 6530
diff changeset
240 #ENTRYPOINT [ "roundup-server", "-n", "0.0.0.0" ]
7308
24cbf3a41e8a Use dumb-init in Dockerfile; chown tracker directory to proper uid
John Rouillard <rouilj@ieee.org>
parents: 7305
diff changeset
241 ENTRYPOINT [ "/usr/bin/dumb-init", "./roundup_start" ]
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
242
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
243 # allow the invoker to override cmd with multiple trackers
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
244 # in each subdirectory under $appdir/tracker. E.G.
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
245 # docker run .... \
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
246 # issues=tracker/issues foo=tracker/foo
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
247 #
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
248 # note using "issue=$appdir/tracker" results in error:
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
249 #
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
250 # No valid configuration files found in directory /usr/src/app/$appdir/tracker
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
251 #
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
252 # so $appdir not expanded and $PWD prefixed onto the (relative path)
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
253 # $appdir/tracker. Hence use relative path for spec.
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
254 CMD [ "issues=tracker" ]
Roundup Issue Tracker: http://roundup-tracker.org/