-
Notifications
You must be signed in to change notification settings - Fork 43
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into user_removal_mme_check
- Loading branch information
Showing
12 changed files
with
265 additions
and
78 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
name: Publish to Docker stage | ||
|
||
on: | ||
pull_request: | ||
branches: | ||
- main | ||
|
||
jobs: | ||
docker-stage-push: | ||
name: Create staging docker image | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Check out git repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Get branch name | ||
id: branch-name | ||
uses: tj-actions/branch-names@v5 | ||
|
||
- name: Login to Docker Hub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.DOCKER_USERNAME }} | ||
password: ${{ secrets.DOCKER_PASSWORD }} | ||
|
||
- name: Set up Docker Buildx | ||
id: buildx | ||
uses: docker/setup-buildx-action@v1 | ||
|
||
- name: Build and push | ||
if: steps.branch-name.outputs.is_default == 'false' | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: ./ | ||
file: ./Dockerfile-server | ||
push: true | ||
tags: "clinicalgenomics/scout-server-stage:${{steps.branch-name.outputs.current_branch}}, clinicalgenomics/scout-server-stage:latest" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,67 @@ | ||
########### | ||
# BUILDER # | ||
########### | ||
FROM clinicalgenomics/python3.8-cyvcf2-venv:1.0 AS python-builder | ||
|
||
ENV PATH="/venv/bin:$PATH" | ||
|
||
WORKDIR /app | ||
|
||
# Install Scout dependencies | ||
COPY requirements.txt . | ||
RUN pip install --no-cache-dir -r requirements.txt gunicorn | ||
|
||
######### | ||
# FINAL # | ||
######### | ||
FROM python:3.8-slim | ||
|
||
LABEL about.home="https://github.com/Clinical-Genomics/scout" | ||
LABEL about.documentation="https://clinical-genomics.github.io/scout" | ||
LABEL about.tags="WGS,WES,Rare diseases,VCF,variants,SNP,Next generation sequencing" | ||
LABEL about.license="MIT License (MIT)" | ||
|
||
# Install base dependencies | ||
RUN apt-get update && \ | ||
apt-get -y upgrade && \ | ||
apt-get -y install -y --no-install-recommends libpango-1.0-0 libpangocairo-1.0-0 && \ | ||
apt-get clean && \ | ||
rm -rf /var/lib/apt/lists/* | ||
|
||
# Do not upgrade to the latest pip version to ensure more reproducible builds | ||
ENV PIP_DISABLE_PIP_VERSION_CHECK=1 | ||
ENV PATH="/venv/bin:$PATH" | ||
RUN echo export PATH="/venv/bin:\$PATH" > /etc/profile.d/venv.sh | ||
|
||
# Create a non-root user to run commands | ||
RUN groupadd --gid 1000 worker && useradd -g worker --uid 1000 --shell /usr/sbin/nologin --create-home worker | ||
|
||
# Copy virtual environment from builder | ||
COPY --chown=worker:worker --from=python-builder /venv /venv | ||
|
||
WORKDIR /home/worker/app | ||
COPY . /home/worker/app | ||
|
||
# Install only Scout app | ||
RUN pip install --no-cache-dir --editable .[coverage] | ||
|
||
# Run the app as non-root user | ||
USER worker | ||
|
||
ENV GUNICORN_WORKERS=1 | ||
ENV GUNICORN_THREADS=1 | ||
ENV GUNICORN_BIND="0.0.0.0:8000" | ||
ENV GUNICORN_TIMEOUT=400 | ||
|
||
CMD gunicorn \ | ||
--workers=$GUNICORN_WORKERS \ | ||
--bind=$GUNICORN_BIND \ | ||
--threads=$GUNICORN_THREADS \ | ||
--timeout=$GUNICORN_TIMEOUT \ | ||
--proxy-protocol \ | ||
--forwarded-allow-ips="10.0.2.100,127.0.0.1" \ | ||
--log-syslog \ | ||
--access-logfile - \ | ||
--error-logfile - \ | ||
--log-level="debug" \ | ||
scout.server.auto:app |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.