From 8990b0e76e28cc4dae2602fa1fcd0884bc01c0b6 Mon Sep 17 00:00:00 2001 From: zubairshakoorarbisoft Date: Thu, 22 Sep 2022 15:30:44 +0500 Subject: [PATCH] feat!: enhance local Dockerfile to use with devstack too --- .dockerignore | 1 + .github/workflows/push-docker-images.yml | 49 ++++++++++++++++++ Dockerfile | 63 ++++++++++++++---------- requirements/pip-tools.txt | 6 ++- requirements/travis.txt | 11 +++++ 5 files changed, 103 insertions(+), 27 deletions(-) create mode 100644 .dockerignore create mode 100644 .github/workflows/push-docker-images.yml diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..94143827 --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +Dockerfile diff --git a/.github/workflows/push-docker-images.yml b/.github/workflows/push-docker-images.yml new file mode 100644 index 00000000..2c5fef6d --- /dev/null +++ b/.github/workflows/push-docker-images.yml @@ -0,0 +1,49 @@ +name: Build and Push Docker Images + +on: + push: + branches: + - master + tags: + - open-release/* +jobs: + push: + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v2 + + # Use the release name as the image tag if we're building an open release tag. + # Examples: if we're building 'open-release/maple.1', tag the image as 'maple.1'. + # Otherwise, we must be building from a push to master, so use 'latest'. + - name: Get tag name + id: get-tag-name + uses: actions/github-script@v5 + with: + script: | + const releasePrefix = 'refs/tags/open-release/'; + const tagName = context.ref.split(releasePrefix)[1] || 'latest'; + console.log('Will use tag: ' + tagName); + return tagName; + result-encoding: string + + - name: Build and push Dev Docker image + uses: docker/build-push-action@v1 + with: + push: true + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + target: dev + repository: edxops/edx-notes-api-dev + tags: ${{ steps.get-tag-name.outputs.result }},${{ github.sha }} + + # - name: Build and push prod Docker image + # uses: docker/build-push-action@v1 + # with: + # push: true + # username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.DOCKERHUB_PASSWORD }} + # target: prod + # repository: edxops/edx-notes-api-dev + # tags: ${{ steps.get-tag-name.outputs.result }},${{ github.sha }} diff --git a/Dockerfile b/Dockerfile index 2c2ad6a3..b1ec9e06 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,9 +4,6 @@ FROM ubuntu:focal as app # git; Used to pull in particular requirements from github rather than pypi, # and to check the sha of the code checkout. -# ppa:deadsnakes/ppa; since Ubuntu doesn't ship with python 3.8 till 20, we need deadsnakes to install -# python 3.8 on older ubuntu versions - # language-pack-en locales; ubuntu locale support so that system utilities have a consistent # language and time zone. @@ -17,8 +14,7 @@ FROM ubuntu:focal as app # libmysqlclient-dev; to install header files needed to use native C implementation for # MySQL-python for performance gains. -# software-properties-common; to get apt-add-repository -# deadsnakes PPA to install Python 3.8 + # If you add a package here please include a comment above describing what it is used for RUN apt-get update && \ @@ -34,44 +30,61 @@ RUN apt-get update && \ build-essential \ python3.8-dev \ python3.8-distutils \ - python3.8-venv -qy && \ + python3-virtualenv -qy && \ rm -rf /var/lib/apt/lists/* -ENV VIRTUAL_ENV=/edx/app/edx-notes-api/venvs/edx-notes-api -RUN python3.8 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" - RUN locale-gen en_US.UTF-8 ENV LANG en_US.UTF-8 ENV LANGUAGE en_US:en ENV LC_ALL en_US.UTF-8 -ENV EDXNOTES_CONFIG_ROOT /edx/etc -ENV DJANGO_SETTINGS_MODULE notesserver.settings.yaml_config -EXPOSE 8120 + +# ENV variables lifetime is bound to the container whereas ARGS variables lifetime is bound to the image building process only +# Also ARGS provide us an option of compatibility of Path structure for Tutor and other OpenedX installations +ARG COMMON_CFG_DIR "/edx/etc" +ARG COMMON_APP_DIR="/edx/app" +ARG NOTES_APP_DIR="${COMMON_APP_DIR}/notes" +ARG NOTES_VENV_DIR="${COMMON_APP_DIR}/venvs/notes" + +ENV NOTES_APP_DIR ${NOTES_APP_DIR} +ENV PATH="$NOTES_VENV_DIR/bin:$PATH" + RUN useradd -m --shell /bin/false app -WORKDIR /edx/app/notes +RUN virtualenv -p python3.8 --always-copy ${NOTES_VENV_DIR} -# Copy the requirements explicitly even though we copy everything below -# this prevents the image cache from busting unless the dependencies have changed. -COPY requirements/base.txt /edx/app/notes/requirements/base.txt -COPY requirements/pip.txt /edx/app/notes/requirements/pip.txt +COPY requirements ${NOTES_APP_DIR}/requirements -# Dependencies are installed as root so they cannot be modified by the application user. -RUN pip install -r requirements/pip.txt -RUN pip install -r requirements/base.txt +WORKDIR ${NOTES_APP_DIR} + +# edx_notes_api service config commands below +RUN pip install --no-cache-dir -r ${NOTES_APP_DIR}/requirements/base.txt +RUN pip install --no-cache-dir -r ${NOTES_APP_DIR}/requirements/pip.txt RUN mkdir -p /edx/var/log +COPY . ${NOTES_APP_DIR} + +EXPOSE 8120 + +FROM app as dev + +ENV DJANGO_SETTINGS_MODULE "notesserver.settings.devstack" + +# Backwards compatibility with devstack +RUN touch "${COMMON_APP_DIR}/edx_notes_api_env" + +CMD while true; do python ./manage.py runserver 0.0.0.0:8120; sleep 2; done + +FROM app as production + +ENV EDXNOTES_CONFIG_ROOT /edx/etc +ENV DJANGO_SETTINGS_MODULE "notesserver.settings.yaml_config" + # Code is owned by root so it cannot be modified by the application user. # So we copy it before changing users. USER app # Gunicorn 19 does not log to stdout or stderr by default. Once we are past gunicorn 19, the logging to STDOUT need not be specified. CMD gunicorn --workers=2 --name notes -c /edx/app/notes/notesserver/docker_gunicorn_configuration.py --log-file - --max-requests=1000 notesserver.wsgi:application - -# This line is after the requirements so that changes to the code will not -# bust the image cache -COPY . /edx/app/notes diff --git a/requirements/pip-tools.txt b/requirements/pip-tools.txt index baf1aa51..0c9d503e 100644 --- a/requirements/pip-tools.txt +++ b/requirements/pip-tools.txt @@ -4,19 +4,21 @@ # # make upgrade # +build==0.10.0 build==0.10.0 # via pip-tools click==8.1.3 # via pip-tools +packaging==23.0 packaging==23.0 # via build -pip-tools==6.12.3 +pip-tools==6.12.2 # via -r requirements/pip-tools.in pyproject-hooks==1.0.0 # via build tomli==2.0.1 # via build -wheel==0.40.0 +wheel==0.38.4 # via pip-tools # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/travis.txt b/requirements/travis.txt index 73376843..c306609b 100644 --- a/requirements/travis.txt +++ b/requirements/travis.txt @@ -4,10 +4,21 @@ # # make upgrade # +cachetools==5.3.0 + # via tox +certifi==2022.12.7 certifi==2022.12.7 # via requests +chardet==5.1.0 + # via tox +charset-normalizer==3.0.1 chardet==3.0.4 # via requests +codecov==2.1.12 + # via -r requirements/travis.in +colorama==0.4.6 + # via tox +coverage==7.1.0 coverage==7.2.1 # via codecov distlib==0.3.6