-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
migrate docker image to ubuntu slim and uses multistage to drop the i…
…mage size
- Loading branch information
Showing
2 changed files
with
68 additions
and
31 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,25 +1,44 @@ | ||
FROM maestroserver/maestro-python-gcc | ||
FROM python:3.8-slim AS compile | ||
|
||
RUN apk add --no-cache --virtual .build-dependencies pkgconfig graphviz-dev && \ | ||
apk del --no-cache --purge .build-dependencies \ | ||
RUN rm -rf /var/cache/apk/* | ||
RUN apt-get -y update && \ | ||
apt-get -y install --no-install-recommends \ | ||
curl \ | ||
gcc \ | ||
openssl \ | ||
build-essential \ | ||
libcurl4-openssl-dev \ | ||
libssl-dev \ | ||
pkg-config \ | ||
graphviz-dev \ | ||
&& rm -rf /var/lib/apt/lists/* | ||
|
||
ENV APP_PATH=/opt/application | ||
WORKDIR $APP_PATH | ||
ENV PYTHONDONTWRITEBYTECODE=1 | ||
WORKDIR /opt/application | ||
|
||
RUN python3 -m venv /home/app/venv | ||
ENV PATH="/home/app/venv/bin:$PATH" | ||
|
||
COPY requirements.txt requirements.txt | ||
RUN pip install --upgrade pip gunicorn && \ | ||
pip3 install --no-cache-dir -r requirements.txt | ||
|
||
|
||
# production image | ||
FROM python:3.8-slim | ||
RUN useradd --create-home app | ||
|
||
COPY --from=compile /home/app/venv /home/app/venv | ||
|
||
ENV PATH="/home/app/venv/bin:$PATH" | ||
|
||
WORKDIR /home/app | ||
USER app | ||
|
||
COPY docker-entrypoint.sh /usr/local/bin/ | ||
COPY ./app app/ | ||
COPY ./instance instance/ | ||
COPY ./assets assets/ | ||
COPY requirements.txt requirements.txt | ||
COPY package.json package.json | ||
COPY run.py run.py | ||
COPY gunicorn_config.py gunicorn_config.py | ||
|
||
RUN chmod +x /usr/local/bin/docker-entrypoint.sh | ||
RUN addgroup -S app && adduser -S app -G app | ||
RUN pip3 install --upgrade pip gunicorn && \ | ||
pip3 install -r requirements.txt | ||
|
||
ENTRYPOINT ["/sbin/tini","-g","--"] | ||
CMD ["docker-entrypoint.sh"] | ||
CMD ["gunicorn", "--config", "./gunicorn_config.py", "run:app"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,25 +1,43 @@ | ||
FROM maestroserver/maestro-python-gcc | ||
FROM python:3.8-slim AS compile | ||
|
||
RUN apk add --no-cache --virtual .build-dependencies pkgconfig graphviz-dev && \ | ||
apk del --no-cache --purge .build-dependencies && \ | ||
rm -rf /var/cache/apk/* | ||
RUN apt-get -y update && \ | ||
apt-get -y install --no-install-recommends \ | ||
curl \ | ||
gcc \ | ||
openssl \ | ||
build-essential \ | ||
libcurl4-openssl-dev \ | ||
libssl-dev \ | ||
pkg-config \ | ||
graphviz-dev \ | ||
&& rm -rf /var/lib/apt/lists/* | ||
|
||
ENV APP_PATH=/opt/application | ||
ENV PYCURL_SSL_LIBRARY=openssl | ||
ENV PYTHONDONTWRITEBYTECODE=1 | ||
WORKDIR /opt/application | ||
|
||
WORKDIR $APP_PATH | ||
RUN python3 -m venv /home/app/venv | ||
ENV PATH="/home/app/venv/bin:$PATH" | ||
|
||
COPY requirements.txt requirements.txt | ||
RUN pip install --upgrade pip && \ | ||
pip3 install --no-cache-dir -r requirements.txt | ||
|
||
|
||
# production image | ||
FROM python:3.8-slim | ||
RUN useradd --create-home app | ||
|
||
COPY --from=compile /home/app/venv /home/app/venv | ||
|
||
ENV PATH="/home/app/venv/bin:$PATH" | ||
|
||
WORKDIR /home/app | ||
USER app | ||
|
||
COPY ./app app/ | ||
COPY ./instance instance/ | ||
COPY requirements.txt requirements.txt | ||
COPY ./assets assets/ | ||
COPY package.json package.json | ||
COPY run.py run.py | ||
COPY docker-entrypoint-workers.sh /usr/local/bin/ | ||
|
||
RUN chmod +x /usr/local/bin/docker-entrypoint-workers.sh | ||
RUN addgroup app && adduser -S app | ||
RUN pip3 install --upgrade pip cython && \ | ||
pip3 install -r requirements.txt | ||
|
||
ENTRYPOINT ["/sbin/tini","-g","--"] | ||
CMD ["docker-entrypoint-workers.sh"] | ||
CMD ["celery", "-A", "app.celery", "worker", "-l", "info"] |