Sign upLogin

svthalia/concrexit

View on GitHub
Star
infra/concrexit/Dockerfile

Summary

Maintainability
Test Coverage
FROM python:3.11-alpine AS base

ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    DJANGO_ENV=production \
    TZ=Europe/Amsterdam

WORKDIR /app


FROM base as build-venv
# This stage installs the dependencies that need to be installed in the final image.

ENV PIP_DISABLE_PIP_VERSION_CHECK=1 \
    PIP_NO_CACHE_DIR=1

RUN pip install "poetry==1.8.2" && pip install --upgrade setuptools

RUN --mount=type=cache,target=/var/cache/apk \
    apk update && apk add  \
    build-base libpq-dev jpeg-dev zlib-dev libwebp-dev libmagic

RUN  python -m venv /venv
ENV PATH=/venv/bin:$PATH \
    VIRTUAL_ENV=/venv

COPY pyproject.toml poetry.lock ./

RUN poetry install --only main --only postgres

ARG WITH_DEV
RUN if [ "$WITH_DEV" = "1" ]; then poetry install --only dev --only scss; fi


FROM python:3.11-slim-bookworm as build-scss
# This stage builds the SASS, using dependencies that are not needed in the final image.
ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    DJANGO_ENV=production \
    TZ=Europe/Amsterdam

WORKDIR /app

ENV PIP_DISABLE_PIP_VERSION_CHECK=1 \
    PIP_NO_CACHE_DIR=1

RUN pip install "poetry==1.8.2" && pip install --upgrade setuptools


RUN --mount=type=cache,target=/var/cache/apt \
    apt-get update && apt-get install -y --no-install-recommends  \
    build-essential libpq-dev libmagic1

RUN  python -m venv /venv
ENV PATH=/venv/bin:$PATH \
    VIRTUAL_ENV=/venv

COPY pyproject.toml poetry.lock ./

RUN poetry install --only main  --only postgres --only scss

COPY website /app/website

RUN MANAGE_PY=1 /venv/bin/python /app/website/manage.py compilescss


FROM base as final
# The final image, with only the dependencies needed in production, and compiled SASS.

EXPOSE 8000

VOLUME [ "/volumes/media", "/volumes/static" ]

ENV PATH=/venv/bin:$PATH \
    MEDIA_ROOT="/volumes/media" \
    STATIC_ROOT="/volumes/static" \
    SENDFILE_ROOT="/volumes/media"

# Install runtime dependencies.
RUN --mount=type=cache,target=/var/cache/apk\
    apk update && apk add \
    postgresql-client jpeg-dev zlib-dev libwebp-dev libmagic runuser


COPY infra/concrexit/server-entrypoint.sh /app/server-entrypoint.sh
COPY infra/concrexit/worker-entrypoint.sh /app/worker-entrypoint.sh
COPY infra/concrexit/gunicorn.conf.py /app/gunicorn.conf.py

# CMD can be set to /app/worker-entrypoint.sh for a celery worker container.
CMD [ "/app/server-entrypoint.sh" ]

COPY --from=build-venv /venv /venv
COPY --from=build-scss /app/website /app/website
WORKDIR /app/website

RUN adduser --system --uid 5678 appuser

# Persist the SOURCE_COMMIT build argument as
# environment variable in the resulting image.
ARG SOURCE_COMMIT
ENV SOURCE_COMMIT=${SOURCE_COMMIT}