forked from ITISFoundation/osparc-simcore
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
136 lines (94 loc) · 3.05 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
FROM python:3.6-alpine as base
#
# USAGE:
# cd sercices/sidecar
# docker build -f Dockerfile -t sidecar:prod --target production ../../
# docker run sidecar:prod
#
# REQUIRED: context expected at ``osparc-simcore/`` folder because we need access to osparc-simcore/packages
LABEL maintainer=mguidon
# simcore-user uid=8004(scu) gid=8004(scu) groups=8004(scu)
RUN adduser -D -u 8004 -s /bin/sh -h /home/scu scu
RUN apk add --no-cache \
su-exec
ENV PATH "/home/scu/.local/bin:$PATH"
# All SC_ variables are customized
ENV SC_PIP pip3 --no-cache-dir
ENV SC_BUILD_TARGET base
EXPOSE 8080
VOLUME /home/scu/input
VOLUME /home/scu/output
VOLUME /home/scu/log
# -------------------------- Build stage -------------------
# Installs build/package management tools and third party dependencies
#
# + /build WORKDIR
#
FROM base as build
ENV SC_BUILD_TARGET build
RUN apk add --no-cache \
postgresql-dev \
gcc \
libc-dev
RUN $SC_PIP install --upgrade \
pip \
wheel \
setuptools
WORKDIR /build
# install base 3rd party dependencies
COPY --chown=scu:scu services/sidecar/requirements/*.txt \
tmp/sidecar/requirements/
RUN $SC_PIP install \
-r tmp/sidecar/requirements/base.txt
# --------------------------Cache stage -------------------
# CI in master buils & pushes this target to speed-up image build
#
# + /build
# + services/sidecar [scu:scu] WORKDIR
#
FROM build as cache
ENV SC_BUILD_TARGET cache
COPY --chown=scu:scu packages /build/packages
COPY --chown=scu:scu services/sidecar /build/services/sidecar
COPY --chown=scu:scu services/storage/client-sdk /build/services/storage/client-sdk
WORKDIR /build/services/sidecar
RUN $SC_PIP install -r requirements/prod.txt &&\
$SC_PIP list -v
# --------------------------Production stage -------------------
# Final cleanup up to reduce image size and startup setup
# Runs as scu (non-root user)
#
# + /home/scu $HOME = WORKDIR
# + services/sidecar [scu:scu]
#
FROM cache as production
ENV SC_BUILD_TARGET production
ENV SC_BOOT_MODE production
WORKDIR /home/scu
RUN mkdir -p services/sidecar &&\
chown scu:scu services/sidecar &&\
mv /build/services/sidecar/docker services/sidecar/docker &&\
rm -rf /build
RUN apk del --no-cache\
gcc
ENTRYPOINT [ "/bin/sh", "services/sidecar/docker/entrypoint.sh" ]
CMD ["/bin/sh", "services/sidecar/docker/boot.sh"]
# --------------------------Development stage -------------------
# Source code accessible in host but runs in container
# Runs as scu with same gid/uid as host
# Placed at the end to speed-up the build if images targeting production
#
# + /devel WORKDIR
# + services (mounted volume)
#
FROM build as development
ENV SC_BUILD_TARGET development
ENV SC_BOOT_MODE development
# TODO: consider installing tooling in a separate virtualenv?
# TODO: really necesary???
WORKDIR /build
WORKDIR /devel
VOLUME /devel/packages
VOLUME /devel/services/sidecar/
ENTRYPOINT [ "/bin/sh", "services/sidecar/docker/entrypoint.sh" ]
CMD ["/bin/sh", "services/sidecar/docker/boot.sh"]