-
Notifications
You must be signed in to change notification settings - Fork 44
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Create a Dockerfile for serving the app via gunicorn - with GitHub ac…
…tion (#3053) * Created a dedicated Dockerfile for running a prod server * modify docker compose to run server from gunicorn Dockerfile * add action to push to docker hub the server dockerfile (stage) * updated changelog * Push the prod server image to Docker Hub whenever a new release is created * fix port on readme file * Fixed documentation and updated changelog * Set hide alamut link to True * Fix a test accordimng to modified demo config file * Update docs/admin-guide/server.md Co-authored-by: Daniel Nilsson <daniel.k.nilsson@gmail.com> Co-authored-by: Daniel Nilsson <daniel.k.nilsson@gmail.com>
- Loading branch information
1 parent
6a4332f
commit 8a6cd6a
Showing
11 changed files
with
257 additions
and
77 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
name: Publish to Docker stage | ||
|
||
on: | ||
pull_request: | ||
branches: | ||
- main | ||
|
||
jobs: | ||
docker-stage-push: | ||
name: Create staging docker image | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Check out git repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Get branch name | ||
id: branch-name | ||
uses: tj-actions/branch-names@v5 | ||
|
||
- name: Login to Docker Hub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.DOCKER_USERNAME }} | ||
password: ${{ secrets.DOCKER_PASSWORD }} | ||
|
||
- name: Set up Docker Buildx | ||
id: buildx | ||
uses: docker/setup-buildx-action@v1 | ||
|
||
- name: Build and push | ||
if: steps.branch-name.outputs.is_default == 'false' | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: ./ | ||
file: ./Dockerfile-server | ||
push: true | ||
tags: "clinicalgenomics/scout-server-stage:${{steps.branch-name.outputs.current_branch}}, clinicalgenomics/scout-server-stage:latest" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,67 @@ | ||
########### | ||
# BUILDER # | ||
########### | ||
FROM clinicalgenomics/python3.8-cyvcf2-venv:1.0 AS python-builder | ||
|
||
ENV PATH="/venv/bin:$PATH" | ||
|
||
WORKDIR /app | ||
|
||
# Install Scout dependencies | ||
COPY requirements.txt . | ||
RUN pip install --no-cache-dir -r requirements.txt gunicorn | ||
|
||
######### | ||
# FINAL # | ||
######### | ||
FROM python:3.8-slim | ||
|
||
LABEL about.home="https://github.com/Clinical-Genomics/scout" | ||
LABEL about.documentation="https://clinical-genomics.github.io/scout" | ||
LABEL about.tags="WGS,WES,Rare diseases,VCF,variants,SNP,Next generation sequencing" | ||
LABEL about.license="MIT License (MIT)" | ||
|
||
# Install base dependencies | ||
RUN apt-get update && \ | ||
apt-get -y upgrade && \ | ||
apt-get -y install -y --no-install-recommends libpango-1.0-0 libpangocairo-1.0-0 && \ | ||
apt-get clean && \ | ||
rm -rf /var/lib/apt/lists/* | ||
|
||
# Do not upgrade to the latest pip version to ensure more reproducible builds | ||
ENV PIP_DISABLE_PIP_VERSION_CHECK=1 | ||
ENV PATH="/venv/bin:$PATH" | ||
RUN echo export PATH="/venv/bin:\$PATH" > /etc/profile.d/venv.sh | ||
|
||
# Create a non-root user to run commands | ||
RUN groupadd --gid 1000 worker && useradd -g worker --uid 1000 --shell /usr/sbin/nologin --create-home worker | ||
|
||
# Copy virtual environment from builder | ||
COPY --chown=worker:worker --from=python-builder /venv /venv | ||
|
||
WORKDIR /home/worker/app | ||
COPY . /home/worker/app | ||
|
||
# Install only Scout app | ||
RUN pip install --no-cache-dir --editable .[coverage] | ||
|
||
# Run the app as non-root user | ||
USER worker | ||
|
||
ENV GUNICORN_WORKERS=1 | ||
ENV GUNICORN_THREADS=1 | ||
ENV GUNICORN_BIND="0.0.0.0:8000" | ||
ENV GUNICORN_TIMEOUT=400 | ||
|
||
CMD gunicorn \ | ||
--workers=$GUNICORN_WORKERS \ | ||
--bind=$GUNICORN_BIND \ | ||
--threads=$GUNICORN_THREADS \ | ||
--timeout=$GUNICORN_TIMEOUT \ | ||
--proxy-protocol \ | ||
--forwarded-allow-ips="10.0.2.100,127.0.0.1" \ | ||
--log-syslog \ | ||
--access-logfile - \ | ||
--error-logfile - \ | ||
--log-level="debug" \ | ||
scout.server.auto:app |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.