diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..94143827 --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +Dockerfile diff --git a/.github/workflows/push-docker-image.yml b/.github/workflows/push-docker-image.yml index dda3d84e..94b358db 100644 --- a/.github/workflows/push-docker-image.yml +++ b/.github/workflows/push-docker-image.yml @@ -1,9 +1,10 @@ -name: Build and Push Docker Image +name: Build and Push Docker Images on: push: branches: - master + - open-release/** jobs: push: runs-on: ubuntu-latest @@ -11,15 +12,38 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - - name: Build and push Docker images + # Use the release name as the image tag if we're building an open release tag. + # Examples: if we're building 'open-release/olive.master', tag the image as 'olive.master'. + # Otherwise, we must be building from a push to master, so use 'latest'. + - name: Get tag name + id: get-tag-name + uses: actions/github-script@v5 + with: + script: | + const branchName = context.ref.split('/').slice(-1)[0]; + const tagName = branchName === 'master' ? 'latest' : branchName; + console.log('Will use tag: ' + tagName); + return tagName; + result-encoding: string + + - name: Build and push Dev Docker image uses: docker/build-push-action@v1 with: - push: ${{ github.event_name != 'pull_request' }} + push: true username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - cache-from: type=gha - cache-to: type=gha,mode=max - repository: openedx/edx-notes-api - tags: latest,${{ github.sha }} + target: dev + repository: openedx/edx-notes-api-dev + tags: ${{ steps.get-tag-name.outputs.result }},${{ github.sha }} + + # - name: Build and push prod Docker image + # uses: docker/build-push-action@v1 + # with: + # push: true + # username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.DOCKERHUB_PASSWORD }} + # target: prod + # repository: openedx/edx-notes-api + # tags: ${{ steps.get-tag-name.outputs.result }},${{ github.sha }} \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 2c2ad6a3..b1ec9e06 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,9 +4,6 @@ FROM ubuntu:focal as app # git; Used to pull in particular requirements from github rather than pypi, # and to check the sha of the code checkout. -# ppa:deadsnakes/ppa; since Ubuntu doesn't ship with python 3.8 till 20, we need deadsnakes to install -# python 3.8 on older ubuntu versions - # language-pack-en locales; ubuntu locale support so that system utilities have a consistent # language and time zone. @@ -17,8 +14,7 @@ FROM ubuntu:focal as app # libmysqlclient-dev; to install header files needed to use native C implementation for # MySQL-python for performance gains. -# software-properties-common; to get apt-add-repository -# deadsnakes PPA to install Python 3.8 + # If you add a package here please include a comment above describing what it is used for RUN apt-get update && \ @@ -34,44 +30,61 @@ RUN apt-get update && \ build-essential \ python3.8-dev \ python3.8-distutils \ - python3.8-venv -qy && \ + python3-virtualenv -qy && \ rm -rf /var/lib/apt/lists/* -ENV VIRTUAL_ENV=/edx/app/edx-notes-api/venvs/edx-notes-api -RUN python3.8 -m venv $VIRTUAL_ENV -ENV PATH="$VIRTUAL_ENV/bin:$PATH" - RUN locale-gen en_US.UTF-8 ENV LANG en_US.UTF-8 ENV LANGUAGE en_US:en ENV LC_ALL en_US.UTF-8 -ENV EDXNOTES_CONFIG_ROOT /edx/etc -ENV DJANGO_SETTINGS_MODULE notesserver.settings.yaml_config -EXPOSE 8120 + +# ENV variables lifetime is bound to the container whereas ARGS variables lifetime is bound to the image building process only +# Also ARGS provide us an option of compatibility of Path structure for Tutor and other OpenedX installations +ARG COMMON_CFG_DIR "/edx/etc" +ARG COMMON_APP_DIR="/edx/app" +ARG NOTES_APP_DIR="${COMMON_APP_DIR}/notes" +ARG NOTES_VENV_DIR="${COMMON_APP_DIR}/venvs/notes" + +ENV NOTES_APP_DIR ${NOTES_APP_DIR} +ENV PATH="$NOTES_VENV_DIR/bin:$PATH" + RUN useradd -m --shell /bin/false app -WORKDIR /edx/app/notes +RUN virtualenv -p python3.8 --always-copy ${NOTES_VENV_DIR} -# Copy the requirements explicitly even though we copy everything below -# this prevents the image cache from busting unless the dependencies have changed. -COPY requirements/base.txt /edx/app/notes/requirements/base.txt -COPY requirements/pip.txt /edx/app/notes/requirements/pip.txt +COPY requirements ${NOTES_APP_DIR}/requirements -# Dependencies are installed as root so they cannot be modified by the application user. -RUN pip install -r requirements/pip.txt -RUN pip install -r requirements/base.txt +WORKDIR ${NOTES_APP_DIR} + +# edx_notes_api service config commands below +RUN pip install --no-cache-dir -r ${NOTES_APP_DIR}/requirements/base.txt +RUN pip install --no-cache-dir -r ${NOTES_APP_DIR}/requirements/pip.txt RUN mkdir -p /edx/var/log +COPY . ${NOTES_APP_DIR} + +EXPOSE 8120 + +FROM app as dev + +ENV DJANGO_SETTINGS_MODULE "notesserver.settings.devstack" + +# Backwards compatibility with devstack +RUN touch "${COMMON_APP_DIR}/edx_notes_api_env" + +CMD while true; do python ./manage.py runserver 0.0.0.0:8120; sleep 2; done + +FROM app as production + +ENV EDXNOTES_CONFIG_ROOT /edx/etc +ENV DJANGO_SETTINGS_MODULE "notesserver.settings.yaml_config" + # Code is owned by root so it cannot be modified by the application user. # So we copy it before changing users. USER app # Gunicorn 19 does not log to stdout or stderr by default. Once we are past gunicorn 19, the logging to STDOUT need not be specified. CMD gunicorn --workers=2 --name notes -c /edx/app/notes/notesserver/docker_gunicorn_configuration.py --log-file - --max-requests=1000 notesserver.wsgi:application - -# This line is after the requirements so that changes to the code will not -# bust the image cache -COPY . /edx/app/notes