Improve Docker configuration #497
Merged
Commits on Jul 23, 2021
-
Show static files in docker setup
After 312160c docker-compose doesn't load static files as the server runs in development mode without DEBUG enabled. Also, this commit makes sure it is loud and heard that running via docker is not safe. Signed-off-by: Hritik Vijay <[email protected]>
-
Remove remaining traces of DJANGO_DEV
DJANGO_DEV is obsolete and now nowhere exists in the entire codebase Signed-off-by: Hritik Vijay <[email protected]>
-
Use nginx server in docker with gunicorn support
The docker setup present earlier used django development server to host vulnerablecode, this is neither recommended nor safe. Also the server did not drop privileges. Docker environment vars are now easily configured via docker.env, also the nginx template present in etc/nginx could be used in a non docker setup with slight modifications. Signed-off-by: Hritik Vijay <[email protected]>
Commits on Jul 28, 2021
-
Inspired by ScancodeIO. This Makefile makes the installation easy as a cake. The virtualenv zipapp used in this commit is obtained from https://bootstrap.pypa.io/virtualenv/3.8/virtualenv.pyz Note: sqlite support in this makefile is not implemented yet. It will be done in next commits in this PR. Signed-off-by: Hritik Vijay <[email protected]>
-
Update CI unit tests to use Makefile
This will be essential after later commits as the existence of SECRET_KEY in .env or environment is going to be non-optional. Signed-off-by: Hritik Vijay <[email protected]>
-
Update Travis CI to use Makefile
This is not essential but promotes uniformity. Also, `collectstatic` is removed from this test as this is not really necessary. Signed-off-by: Hritik Vijay <[email protected]>
-
Make Settings consistent with scancodeio
Inspired by scancodeio, we now have a consistent ALLOWED_HOSTS environment variable support. SECRET_KEY no longer defaults to insecure values and is required to be generated. Static files are now served in /var/vulnerablecode/static which is consistent to scancodeio. Signed-off-by: Hritik Vijay <[email protected]>
-
File hierarchy inside docker container now looks similar to scancodeio. postgres data is now a docker volume, so it will persist even after recreation. .dockerignores makes sure that we don't overpopulate docker images, improving build times. A common environment variable for containers is kept in docker.env The python image we are using now explicitly states python:3.8 NOTE: We should have a postgres health check script which uses python manage.py check --database default which comes with max_retries and backoffs for `vulnerablecode` container. Currently, docker's `restart:` option is used but it has a caveat that it'll restart on non-db errors as well. Signed-off-by: Hritik Vijay <[email protected]>
-
Add Docker related documentation
This calls for a lot of changes in other parts of documentation as well. This will be done in later PRs. This commit marks the end of this PR. Signed-off-by: Hritik Vijay <[email protected]>
-
Revert Use cache for pip in CI test
This commit gets rid of using any type of cache (introduced in 135c95f) This is to ensure having no surprises in future. This was discussed in https://github.com/nexB/vulnerablecode/wiki/WeeklyMeetings#meeting-on-tuesday-2021-07-27-at-1300-utc Signed-off-by: Hritik Vijay <[email protected]>
-
These are redundant after PR# 295. Signed-off-by: Hritik Vijay <[email protected]>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.