Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Alpine Dockerfile, tweak HealthCheckMiddleware, bump dependencies. #410

Merged
merged 5 commits into from
Sep 24, 2024
Merged

Alpine Dockerfile, tweak HealthCheckMiddleware, bump dependencies. #410

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
49fe38f
Update sentry-sdk
ropable Sep 10, 2024
38404cb
Tweak HealthCheckMiddleware.readiness to close DB cursor.
ropable Sep 17, 2024
77a7649
Bump psycopg minor version
ropable Sep 24, 2024
5092d37
Alpine-based Dockerfile.
ropable Sep 24, 2024
9d21bbb
Increment project minor version.
ropable Sep 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 0 additions & 2 deletions .flake8
View file
Open in desktop

This file was deleted.

2 changes: 0 additions & 2 deletions .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,6 @@ updates:
interval: "weekly"
target-branch: "master"
- package-ecosystem: "github-actions"
# Workflow files stored in the
# default location of `.github/workflows`
directory: "/"
schedule:
interval: "weekly"
Expand Down
52 changes: 34 additions & 18 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,36 +1,52 @@
# syntax=docker/dockerfile:1
# Prepare the base environment.
FROM python:3.12.4-slim AS builder_base_prs
FROM python:3.12.6-alpine AS builder_base
LABEL [email protected]
LABEL org.opencontainers.image.source=https://github.com/dbca-wa/prs

RUN apt-get update -y \
&& apt-get upgrade -y \
&& apt-get install -y libmagic-dev gcc binutils gdal-bin proj-bin python3-dev libpq-dev gzip curl \
&& rm -rf /var/lib/apt/lists/* \
&& pip install --root-user-action=ignore --upgrade pip
# Install system requirements to build Python packages.
RUN apk add --no-cache \
gcc \
libressl-dev \
musl-dev \
libffi-dev
# Create a non-root user to run the application.
ARG UID=10001
ARG GID=10001
RUN addgroup -g ${GID} appuser \
&& adduser -H -D -u ${UID} -G appuser appuser

# Install Python libs using Poetry.
FROM builder_base_prs AS python_libs_prs
FROM builder_base AS python_libs_prs
# Add system dependencies required to use GDAL
# Ref: https://stackoverflow.com/a/59040511/14508
RUN apk add --no-cache \
gdal \
geos \
proj \
binutils \
libmagic \
&& ln -s /usr/lib/libproj.so.25 /usr/lib/libproj.so \
&& ln -s /usr/lib/libgdal.so.35 /usr/lib/libgdal.so \
&& ln -s /usr/lib/libgeos_c.so.1 /usr/lib/libgeos_c.so
WORKDIR /app
ARG POETRY_VERSION=1.8.3
RUN pip install --root-user-action=ignore poetry=="${POETRY_VERSION}"
COPY poetry.lock pyproject.toml ./
RUN poetry config virtualenvs.create false \
ARG POETRY_VERSION=1.8.3
RUN pip install --no-cache-dir --root-user-action=ignore poetry==${POETRY_VERSION} \
&& poetry config virtualenvs.create false \
&& poetry install --no-interaction --no-ansi --only main

# Create a non-root user.
ARG UID=10001
ARG GID=10001
RUN groupadd -g "${GID}" appuser \
&& useradd --no-create-home --no-log-init --uid "${UID}" --gid "${GID}" appuser
# Remove system libraries, no longer required.
RUN apk del \
gcc \
libressl-dev \
musl-dev \
libffi-dev

# Install the project.
FROM python_libs_prs
FROM python_libs_prs AS project_prs
COPY gunicorn.py manage.py ./
COPY prs2 ./prs2
RUN python manage.py collectstatic --noinput

USER ${UID}
EXPOSE 8080
CMD ["gunicorn", "prs2.wsgi", "--config", "gunicorn.py"]
36 changes: 36 additions & 0 deletions Dockerfile.debian
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
# syntax=docker/dockerfile:1
# Prepare the base environment.
FROM python:3.12.4-slim AS builder_base_prs
LABEL [email protected]
LABEL org.opencontainers.image.source=https://github.com/dbca-wa/prs

RUN apt-get update -y \
&& apt-get upgrade -y \
&& apt-get install -y libmagic-dev gcc binutils gdal-bin proj-bin python3-dev libpq-dev gzip curl \
&& rm -rf /var/lib/apt/lists/* \
&& pip install --root-user-action=ignore --upgrade pip

# Install Python libs using Poetry.
FROM builder_base_prs AS python_libs_prs
WORKDIR /app
ARG POETRY_VERSION=1.8.3
RUN pip install --root-user-action=ignore poetry==${POETRY_VERSION}
COPY poetry.lock pyproject.toml ./
RUN poetry config virtualenvs.create false \
&& poetry install --no-interaction --no-ansi --only main

# Create a non-root user.
ARG UID=10001
ARG GID=10001
RUN groupadd -g ${GID} appuser \
&& useradd --no-create-home --no-log-init --uid ${UID} --gid ${GID} appuser

# Install the project.
FROM python_libs_prs
COPY gunicorn.py manage.py ./
COPY prs2 ./prs2
RUN python manage.py collectstatic --noinput

USER ${UID}
EXPOSE 8080
CMD ["gunicorn", "prs2.wsgi", "--config", "gunicorn.py"]
16 changes: 8 additions & 8 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
This project is the Department of Biodiversity, Conservation and Attractions
[Planning Referral System](https://prs.dbca.wa.gov.au/) corporate application.

# Installation
## Installation

The recommended way to set up this project for development is using
[Poetry](https://python-poetry.org/docs/) to install and manage a virtual Python
Expand All @@ -23,9 +23,9 @@ Manage new or updating project dependencies with Poetry also, like so:

poetry add newpackage==1.0

# Environment variables
## Environment variables

This project uses **django-confy** to set environment variables (in a `.env` file).
This project uses **python-dotenv** to set environment variables (in a `.env` file).
The following variables are required for the project to run:

DATABASE_URL="postgis://USER:PASSWORD@HOST:5432/DATABASE_NAME"
Expand Down Expand Up @@ -53,7 +53,7 @@ Variables below may also need to be defined in production (context-dependent):
SLIP_PASSWORD="slip_password"
SLIP_ESRI_FS_URL="https://wfs.slip.url.au/endpoint"

# Media uploads
## Media uploads

By default, PRS assumes that user-uploaded media will be saved to Azure blob
storage. To use local storage, set the environment variable `LOCAL_MEDIA_STORAGE=True`
Expand All @@ -65,7 +65,7 @@ Credentials for Azure should be defined in the following environment variables:
AZURE_ACCOUNT_KEY=key
AZURE_CONTAINER=container_name

# Running
## Running

Use `runserver` to run a local copy of the application:

Expand All @@ -85,7 +85,7 @@ should contain the broker URL value. Reference:

<https://docs.celeryq.dev/en/stable/getting-started/backends-and-brokers/redis.html#broker-redis>

# Testing
## Testing

Run unit tests as follows:

Expand All @@ -100,13 +100,13 @@ To obtain coverage reports:
coverage run --source='.' manage.py test --keepdb -v2 --settings prs2.test-settings
coverage report -m

# Docker image
## Docker image

To build a new Docker image from the `Dockerfile`:

docker image build -t ghcr.io/dbca-wa/prs .

# Pre-commit hooks
## Pre-commit hooks

This project includes the following pre-commit hooks:

Expand Down
2 changes: 1 addition & 1 deletion kustomize/overlays/prod/kustomization.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,4 +26,4 @@ patches:
- path: typesense_service_patch.yaml
images:
- name: ghcr.io/dbca-wa/prs
newTag: 2.5.56
newTag: 2.5.57
Loading