Mercurial > p > roundup > code

annotate scripts/Docker/Dockerfile @ 7237:f636acd7d63c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hadolint fixes/best practices added Enable -o pipefail for RUN commands with pipes so any errors in the pipeline cause a failure. use wget -q to reduce log size for large file downloads. Run all apk with --no-cache so I don't need to remove /var/cache/apk/*. Quote variables in RUN shell scripts unless they need to be expanded. Don't use direct variable substitution in printf. Update comment for installing python packages using apk. Remove --use-feature=in-tree-build from local_pip pip command. This feature is the default with newer pips and is now an error if used.
author John Rouillard <rouilj@ieee.org>
date Thu, 30 Mar 2023 19:35:08 -0400
parents 282ba72a5615
children bb070f559a80
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
1 # hadolint global ignore=DL3003
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
2 # build in root dir using:
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
3 #
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
4 # docker build -t roundup-app --rm -f scripts/Dockerfile .
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
5 #
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
6 # run using:
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
7 #
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
8 # docker run --rm -v /.../issue.tracker:/usr/src/app/tracker \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
9 # -p 9017:8080 roundup-app:latest
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
10
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
11
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
12 # Global vars for all build stages
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
13
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
14 # application directory
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
15 ARG appdir=/usr/src/app
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
16
6530
6bf22b7b23fe Add local_pip source and add healthcheck.
John Rouillard <rouilj@ieee.org>
parents: 6527
diff changeset
17 # support roundup install from 'local' directory,
6bf22b7b23fe Add local_pip source and add healthcheck.
John Rouillard <rouilj@ieee.org>
parents: 6527
diff changeset
18 # 'local_pip' local directory using pip to install or
6bf22b7b23fe Add local_pip source and add healthcheck.
John Rouillard <rouilj@ieee.org>
parents: 6527
diff changeset
19 # latest release from 'pypi'
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
20 ARG source=local
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
21
7042
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
22 # Python version as a.b Used for installation directory and
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
23 # COPY from install dir in second stage.
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
24 ARG pythonversion=3.11
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
25
7149
282ba72a5615 pin python image versions using sha256 sum
John Rouillard <rouilj@ieee.org>
parents: 7119
diff changeset
26 #FROM python:3-alpine
282ba72a5615 pin python image versions using sha256 sum
John Rouillard <rouilj@ieee.org>
parents: 7119
diff changeset
27 FROM python@sha256:1c7b5a998076ab7aa0a8745ab1461441a5bdc61e366985b9bfe3f4044c2b4503 as build
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
28
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
29 # Inherit global values https://github.com/moby/moby/issues/37345
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
30 ARG appdir
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
31
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
32 WORKDIR $appdir
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
33
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
34 # Update to get security and other improvements;
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
35 RUN apk --no-cache upgrade
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
36
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
37 # Add packages needed to compile mysql, pgsql and other python modules.
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
38 # Can't use apk to add python packages as it installs 3.9 python version.
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
39 # g++ installs cc1plus needed by pip install
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
40 RUN apk --no-cache add \
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
41 g++ \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
42 gcc \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
43 gpgme-dev \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
44 libxapian \
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
45 linux-headers \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
46 make \
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
47 musl-dev \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
48 mysql-dev \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
49 postgresql-dev \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
50 swig \
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
51 xapian-core-dev
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
52
7042
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
53 ARG pythonversion
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
54 # verify that pythonversion matches the one in the image.
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
55 RUN image_python_version=$(python -c 'import sys; print("%s.%s"%sys.version_info[0:2])'); \
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
56 if [ "${pythonversion}" != "${image_python_version}" ]; then \
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
57 printf "\n\n*****\npythonversion does not match.\n" ; \
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
58 printf "Add:\n --build-arg=\"pythonversion=%s\"\nto docker build\n******\n\n" "${image_python_version}"; \
7042
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
59 exit 1; \
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
60 fi
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
61
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
62 # build xapian bindings:
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
63 # file with sphinx build dependencies to remove after build
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
64 # they are over 70MB of space.
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
65 COPY scripts/Docker/sphinxdeps.txt .
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
66
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
67 # suppress warning when running pip as root
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
68 ENV PIP_ROOT_USER_ACTION=ignore
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
69
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
70 SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
71 RUN set -xv && CWD=$PWD && \
7119
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
72 upgrades=$(python3 -m pip --no-cache --disable-pip-version-check \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
73 list --outdated | awk 'NR > 2 {print $1}'); \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
74 if [ -n "$upgrades" ]; then \
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
75 echo "Pip updating $upgrades"; \
7119
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
76 python -m pip --no-cache --disable-pip-version-check \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
77 install -U $upgrades < /dev/null; \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
78 else \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
79 echo Nothing to pip update; \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
80 fi; \
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
81 ls -l /usr/local/lib/python3.11/site-packages; \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
82 VER=$(apk list -I 'xapian-core-dev' | \
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
83 sed 's/^xapian-core-dev-\([0-9.]*\)-.*/\1/') && \
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
84 cd /tmp && \
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
85 wget -q "https://oligarchy.co.uk/xapian/$VER/xapian-bindings-$VER.tar.xz" && \
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
86 tar -Jxvf "xapian-bindings-$VER.tar.xz" && \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
87 cd xapian-bindings-$VER/ && \
6686
2eadad009010 Remove sphinx 1.8.5 limit. Use current pipy version.
John Rouillard <rouilj@ieee.org>
parents: 6575
diff changeset
88 pip --no-cache-dir install sphinx && \
7040
60ea33643a01 Anchore Container Scan docker bulld is failing.
John Rouillard <rouilj@ieee.org>
parents: 6994
diff changeset
89 sed -i -e '/PYTHON3_SO=/s/distutils\.//g' \
60ea33643a01 Anchore Container Scan docker bulld is failing.
John Rouillard <rouilj@ieee.org>
parents: 6994
diff changeset
90 -e '/PYTHON3_SO=/s/"SO"/"EXT_SUFFIX"/g' configure && \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
91 ./configure --prefix=/usr/local --with-python3 --disable-documentation && \
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
92 make && make install && \
6797
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
93 pip uninstall --no-cache-dir -y sphinx && \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
94 pip uninstall --no-cache-dir -y -r $CWD/sphinxdeps.txt
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
95
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
96 # add requirements for pip here, e.g. Whoosh, gpg, zstd or other
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
97 # modules not installed in the base library.
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
98 # ignore warnings from pip to use virtualenv
6555
34cbd0e633d2 Added FastCGI deployment info, updated Docker docs; docker-compose added
John Rouillard <rouilj@ieee.org>
parents: 6530
diff changeset
99 COPY scripts/Docker/requirements.txt .
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
100 RUN pip install --no-cache-dir -r requirements.txt
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
101
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
102 # copy the elements of the release directory to the docker image
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
103 COPY setup.py install/
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
104 COPY doc install/doc/
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
105 COPY frontends install/frontends/
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
106 COPY locale install/locale/
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
107 COPY roundup install/roundup/
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
108 COPY share install/share/
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
109
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
110 # verify source has one of two valid values then
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
111 # install in python3 standard directories from local copy
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
112 # or install in python3 standard directories from pypi using pip
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
113 # import from global/command line
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
114 ARG source
6527
5ad7fb912227 issue2551167 - update wheel support.
John Rouillard <rouilj@ieee.org>
parents: 6523
diff changeset
115 RUN set -xv && if [ "$source" = "local" ] || \
5ad7fb912227 issue2551167 - update wheel support.
John Rouillard <rouilj@ieee.org>
parents: 6523
diff changeset
116 [ "$source" = "pypi" ] || \
5ad7fb912227 issue2551167 - update wheel support.
John Rouillard <rouilj@ieee.org>
parents: 6523
diff changeset
117 [ "$source" = "local_pip" ]; then :; \
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
118 else echo "invalid value for source: $source"; \
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
119 echo "must be local or pypi"; exit 1; fi; \
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
120 if [ "$source" = "local" ]; then cd install && ./setup.py install; fi; \
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
121 if [ "$source" = "local_pip" ]; then cd install && \
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
122 pip -V && \
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
123 pip install --no-cache-dir . ; \
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
124 fi; \
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
125 if [ "$source" = "pypi" ]; then pip install --no-cache-dir roundup; \
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
126 cp -ril /usr/local/lib/"python${pythonversion}"/site-packages/usr/local/share/* \
6523
49d26e77d173 issue2551163 Docker/containerization support - pypi fix
John Rouillard <rouilj@ieee.org>
parents: 6522
diff changeset
127 /usr/local/share; fi
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
128
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
129 # Allow user to add more modules during build
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
130 ARG pip_mod
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
131 RUN if [ -n "$pip_mod" ]; then pip install --no-cache-dir ${pip_mod}; fi
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
132
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
133 # build a new smaller docker image for execution. Build image above
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
134 # is 1G in size.
7149
282ba72a5615 pin python image versions using sha256 sum
John Rouillard <rouilj@ieee.org>
parents: 7119
diff changeset
135 # FROM python:3-alpine
282ba72a5615 pin python image versions using sha256 sum
John Rouillard <rouilj@ieee.org>
parents: 7119
diff changeset
136 FROM python@sha256:1c7b5a998076ab7aa0a8745ab1461441a5bdc61e366985b9bfe3f4044c2b4503
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
137
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
138 # import from global
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
139 ARG appdir
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
140
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
141 WORKDIR $appdir
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
142
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
143 # suppress warning when running pip as root
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
144 ENV PIP_ROOT_USER_ACTION=ignore
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
145
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
146 # upgrade to get any security updates; bundle with
7117
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
147 # rest of apk actions to reduce layers/wasted space
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
148 # add libraries needed to run gpg/mysql/pgsql/brotli
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
149 # clean out any caches to save space
7117
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
150 # upgrade pip packages to get security and other updates
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
151 # bundle with apk updates
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
152 SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
153 RUN apk --no-cache upgrade; \
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
154 apk --no-cache add \
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
155 brotli-libs \
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
156 gpgme \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
157 mariadb-connector-c \
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
158 libpq \
6575
c3c636feace3 Ass support for xapian indexer.
John Rouillard <rouilj@ieee.org>
parents: 6566
diff changeset
159 libstdc++ \
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
160 libxapian \
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
161 zstd-libs; \
7117
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
162 upgrades=$(python3 -m pip --no-cache --disable-pip-version-check \
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
163 list --outdated | awk 'NR > 2 {print $1}'); \
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
164 if [ -n "$upgrades" ]; then \
7237
f636acd7d63c hadolint fixes/best practices added
John Rouillard <rouilj@ieee.org>
parents: 7149
diff changeset
165 echo "Pip updating $upgrades"; \
7117
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
166 python -m pip --no-cache --disable-pip-version-check \
7119
59908110ccc9 More changes to remove stragglers of old setuptools.
John Rouillard <rouilj@ieee.org>
parents: 7117
diff changeset
167 install -U $upgrades < /dev/null; \
7117
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
168 else \
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
169 echo Nothing to pip update; \
9f3ca362a415 pip update outdated packages
John Rouillard <rouilj@ieee.org>
parents: 7042
diff changeset
170 fi
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
171
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
172 ARG source
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
173 LABEL "org.roundup-tracker.vendor"="Roundup Issue Tracker Team" \
6994
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
174 "org.roundup-tracker.description"="Roundup Issue Tracker multi-backend" \
4336e655b2be Update packages in docker image; supress pip warning; improve cache
John Rouillard <rouilj@ieee.org>
parents: 6797
diff changeset
175 "version"="2.2.0 $source" \
6566
8f1fddb71422 Add maintainer address (via label) to rounduo-devel list.
John Rouillard <rouilj@ieee.org>
parents: 6555
diff changeset
176 "org.opencontainers.image.authors"="roundup-devel@lists.sourceforge.net"
8f1fddb71422 Add maintainer address (via label) to rounduo-devel list.
John Rouillard <rouilj@ieee.org>
parents: 6555
diff changeset
177
7042
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
178 ARG pythonversion
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
179 # pull over built assets
7042
031cdb92fa1d Replace hardcoded python version with ARG variable
John Rouillard <rouilj@ieee.org>
parents: 7041
diff changeset
180 COPY --from=build /usr/local/lib/python${pythonversion}/site-packages /usr/local/lib/python${pythonversion}/site-packages/
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
181 COPY --from=build /usr/local/bin/roundup* /usr/local/bin/
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
182 COPY --from=build /usr/local/share /usr/local/share/
6555
34cbd0e633d2 Added FastCGI deployment info, updated Docker docs; docker-compose added
John Rouillard <rouilj@ieee.org>
parents: 6530
diff changeset
183 COPY scripts/Docker/roundup_start .
6797
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
184 COPY scripts/Docker/roundup_healthcheck .
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
185
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
186 # make roundup scripts execuable and mount a trackerdir on tracker location
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
187 RUN chmod +x roundup_start roundup_healthcheck; mkdir tracker
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
188 VOLUME $appdir/tracker
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
189
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
190 # map port 8080 to your local port
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
191 EXPOSE 8080/tcp
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
192
6530
6bf22b7b23fe Add local_pip source and add healthcheck.
John Rouillard <rouilj@ieee.org>
parents: 6527
diff changeset
193 HEALTHCHECK --start-period=1m \
6797
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
194 CMD ./roundup_healthcheck
6530
6bf22b7b23fe Add local_pip source and add healthcheck.
John Rouillard <rouilj@ieee.org>
parents: 6527
diff changeset
195
6686
2eadad009010 Remove sphinx 1.8.5 limit. Use current pipy version.
John Rouillard <rouilj@ieee.org>
parents: 6575
diff changeset
196 # do not run roundup as root. This creates roundup user and group.
6797
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
197 ARG roundup_uid
a24ec63759f6 Docker fix healthcheck; allow modules; cleanup; set uid
John Rouillard <rouilj@ieee.org>
parents: 6686
diff changeset
198 RUN adduser -D -h ${appdir} -u ${roundup_uid:-1000} roundup
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
199 USER roundup
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
200
6522
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
201 # run the server, disable output buffering so we can see logs.
e6ae8188f61a issue2551163 Docker/containerization support
John Rouillard <rouilj@ieee.org>
parents: 6520
diff changeset
202 ENV PYTHONUNBUFFERED=1
6555
34cbd0e633d2 Added FastCGI deployment info, updated Docker docs; docker-compose added
John Rouillard <rouilj@ieee.org>
parents: 6530
diff changeset
203 #ENTRYPOINT [ "roundup-server", "-n", "0.0.0.0" ]
34cbd0e633d2 Added FastCGI deployment info, updated Docker docs; docker-compose added
John Rouillard <rouilj@ieee.org>
parents: 6530
diff changeset
204 ENTRYPOINT [ "./roundup_start" ]
6520
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
205
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
206 # allow the invoker to override cmd with multiple trackers
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
207 # in each subdirectory under $appdir/tracker. E.G.
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
208 # docker run .... \
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
209 # issues=tracker/issues foo=tracker/foo
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
210 #
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
211 # note using "issue=$appdir/tracker" results in error:
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
212 #
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
213 # No valid configuration files found in directory /usr/src/app/$appdir/tracker
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
214 #
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
215 # so $appdir not expanded and $PWD prefixed onto the (relative path)
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
216 # $appdir/tracker. Hence use relative path for spec.
26babdf85067 issue2551163 - add starter docker
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
217 CMD [ "issues=tracker" ]
Roundup Issue Tracker: http://roundup-tracker.org/