Create dedicated folder for containers and add base image

SUSE · Feb 4, 2024 · e502c3e · e502c3e
1 parent 8542270
commit e502c3e
Show file tree

Hide file tree

Showing 13 changed files with 89 additions and 29 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -1,7 +1,11 @@
 # Ignore git, data and cache files
 .git
+.github
 .cache
+.pytest_cache
+
 __pycache__
 /db
+/tests
 # Also ignore templates
 /templates
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        suffix: [main, k8s]
+        suffix: [main, k8s, base_main, base_k8s]
     permissions:
       contents: read
       packages: write
@@ -48,26 +48,44 @@ jobs:
         uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
         with:
           context: .
-          file: Dockerfile
+          file: containers/Dockerfile
           push: false
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-      - name: Build Docker image (K8S_GCE)
+      - name: Build Docker image (K8S)
         if: ${{ matrix.suffix == 'k8s' }}
         uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
         with:
           context: .
-          file: Dockerfile_${{ matrix.suffix }}
+          file: containers/Dockerfile_${{ matrix.suffix }}
           push: false
           tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}  
+          labels: ${{ steps.meta.outputs.labels }}
+      - name: Build Docker image (PCW Base)
+        if: ${{ matrix.suffix == 'base_main' }}
+        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
+        with:
+          context: .
+          file: containers/Dockerfile_base
+          push: false
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+      - name: Build Docker image (K8S Base)
+        if: ${{ matrix.suffix == 'base_k8s' }}
+        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
+        with:
+          context: .
+          file: containers/Dockerfile_${{ matrix.suffix }}
+          push: false
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
 
   build-and-push:
     if: ${{ github.event_name == 'release' }}
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        suffix: [main, k8s]
+        suffix: [main, k8s, base_main, base_k8s]
     permissions:
       contents: read
       packages: write
@@ -94,16 +112,34 @@ jobs:
         uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
         with:
           context: .
-          file: Dockerfile
+          file: containers/Dockerfile
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-      - name: Build and push Docker image (K8S_GCE)
+      - name: Build and push Docker image (K8S)
         if: ${{ matrix.suffix == 'k8s' }}
         uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
         with:
           context: .
-          file: Dockerfile_${{ matrix.suffix }}
+          file: containers/Dockerfile_${{ matrix.suffix }}
           push: true
           tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}  
+          labels: ${{ steps.meta.outputs.labels }}
+      - name: Build and push Docker image (PCW Base)
+        if: ${{ matrix.suffix == 'base_main' }}
+        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
+        with:
+          context: .
+          file: containers/Dockerfile_base
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+      - name: Build and push Docker image (K8S)
+        if: ${{ matrix.suffix == 'base_k8s' }}
+        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
+        with:
+          context: .
+          file: containers/Dockerfile_${{ matrix.suffix }}
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -41,13 +41,19 @@ jobs:
       - uses: actions/checkout@v4
       - uses: hadolint/[email protected]
         with:
-          dockerfile: 'Dockerfile'
+          dockerfile: 'containers/Dockerfile'
       - uses: hadolint/[email protected]
         with:
-          dockerfile: 'Dockerfile_dev'
+          dockerfile: 'containers/Dockerfile_dev'
       - uses: hadolint/[email protected]
         with:
-          dockerfile: 'Dockerfile_k8s'
+          dockerfile: 'containers/Dockerfile_k8s'
       - uses: hadolint/[email protected]
         with:
-          dockerfile: 'Dockerfile_k8s_dev'
+          dockerfile: 'containers/Dockerfile_k8s_dev'
+      - uses: hadolint/[email protected]
+        with:
+          dockerfile: 'containers/Dockerfile_base'
+      - uses: hadolint/[email protected]
+        with:
+          dockerfile: 'containers/Dockerfile_base_k8s'
diff --git a/Makefile b/Makefile
@@ -28,17 +28,17 @@ codecov:
 
 # Build containers
 docker-container:
-	docker build . -t ${CONT_TAG}
+	docker build . -t ${CONT_TAG} -f containers/Dockerfile
 podman-container:
-	podman build . -t ${CONT_TAG}
+	podman build . -t ${CONT_TAG} -f containers/Dockerfile
 podman-container-devel:
-	podman build -f Dockerfile_dev -t pcw-devel
+	podman build . -f containers/Dockerfile_dev -t pcw-devel
 podman-container-k8s:
-	podman build -f Dockerfile_k8s -t pcw-k8s-cleaner
+	podman build . -f containers/Dockerfile_k8s -t pcw-k8s-cleaner
 podman-container-k8s-devel:
-	podman build -f Dockerfile_k8s_dev -t pcw-k8s-cleaner-devel
+	podman build . -f containers/Dockerfile_k8s_dev -t pcw-k8s-cleaner-devel
 
 # Container linting
 .PHONY: container-lint
-container-lint: Dockerfile*
-	hadolint Dockerfile*
+container-lint: containers/Dockerfile*
+	hadolint containers/Dockerfile*
diff --git a/README.md b/README.md
@@ -128,7 +128,7 @@ podman exec pcw /pcw/container-startup createuser admin USE_A_STRONG_PASSWORD
 
 ## Devel version of container
 
-There is [devel version](Dockerfile_dev) of container file. Main difference is that source files are not copied into image but expected to be mounted via volume. This ease development in environment close as much as possible to production run.
+There is [devel version](containers/Dockerfile_dev) of container file. Main difference is that source files are not copied into image but expected to be mounted via volume. This ease development in environment close as much as possible to production run.
 
 Expected use would be :
 

diff --git a/Dockerfile → containers/Dockerfile b/Dockerfile → containers/Dockerfile
@@ -1,10 +1,5 @@
 FROM registry.suse.com/bci/python:3.11
 
-ENV PYTHONDONTWRITEBYTECODE=1 PYTHONUNBUFFERED=1 UWSGI_WSGI_FILE=/pcw/webui/wsgi.py UWSGI_MASTER=1
-ENV UWSGI_HTTP_AUTO_CHUNKED=1 UWSGI_HTTP_KEEPALIVE=1 UWSGI_LAZY_APPS=1 UWSGI_WSGI_ENV_BEHAVIOR=holy
-
-## System preparation steps ################################################# ##
-
 # We do the whole installation and configuration in one layer:
 COPY requirements.txt /pcw/
 # * Install system requirements
@@ -17,7 +12,7 @@ RUN source /etc/os-release && zypper addrepo -G -cf "https://download.opensuse.o
 # Copy program files only
 COPY ocw  /pcw/ocw/
 COPY webui  /pcw/webui/
-COPY container-startup manage.py LICENSE README.md setup.cfg pyproject.toml /pcw/
+COPY containers/container-startup manage.py LICENSE /pcw/
 
 WORKDIR /pcw
 
@@ -32,6 +27,8 @@ EXPOSE 8000/tcp
 
 # Required to use system certs in python-requests
 ENV REQUESTS_CA_BUNDLE=/etc/ssl/ca-bundle.pem
+ENV PYTHONDONTWRITEBYTECODE=1 PYTHONUNBUFFERED=1 UWSGI_WSGI_FILE=/pcw/webui/wsgi.py UWSGI_MASTER=1
+ENV UWSGI_HTTP_AUTO_CHUNKED=1 UWSGI_HTTP_KEEPALIVE=1 UWSGI_LAZY_APPS=1 UWSGI_WSGI_ENV_BEHAVIOR=holy
 
 # Once we are certain that this runs nicely, replace this with ENTRYPOINT.
 ENTRYPOINT ["/pcw/container-startup", "run"]
diff --git a/containers/Dockerfile_base b/containers/Dockerfile_base
@@ -0,0 +1,6 @@
+FROM registry.suse.com/bci/python:3.11
+
+COPY requirements.txt /pcw/
+RUN source /etc/os-release && zypper addrepo -G -cf "https://download.opensuse.org/repositories/SUSE:/CA/$VERSION_ID/SUSE:CA.repo" && \
+    zypper -n in ca-certificates-suse gcc libffi-devel && \
+    pip install --no-cache-dir wheel && pip install --no-cache-dir -r /pcw/requirements.txt && zypper clean && rm -rf /var/cache
diff --git a/containers/Dockerfile_base_k8s b/containers/Dockerfile_base_k8s
@@ -0,0 +1,11 @@
+FROM registry.suse.com/bci/python:3.11
+
+RUN zypper -n in gcc tar gzip kubernetes1.24-client aws-cli && zypper clean && rm -rf /var/cache
+
+# Google cli installation
+RUN curl -sf https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-415.0.0-linux-x86_64.tar.gz | tar -zxf - -C /opt \
+&& /opt/google-cloud-sdk/bin/gcloud components install gke-gcloud-auth-plugin
+
+# Install python dependences
+COPY requirements_k8s.txt /pcw/
+RUN pip install --no-cache-dir wheel && pip install --no-cache-dir -r /pcw/requirements_k8s.txt
diff --git a/Dockerfile_dev → containers/Dockerfile_dev b/Dockerfile_dev → containers/Dockerfile_dev
diff --git a/Dockerfile_k8s → containers/Dockerfile_k8s b/Dockerfile_k8s → containers/Dockerfile_k8s
diff --git a/Dockerfile_k8s_dev → containers/Dockerfile_k8s_dev b/Dockerfile_k8s_dev → containers/Dockerfile_k8s_dev
diff --git a/container-startup → containers/container-startup b/container-startup → containers/container-startup
diff --git a/tests/test_webui.py b/tests/test_webui.py
@@ -59,7 +59,7 @@ def image(random_port, client):
     try:
         client.images.build(
             path=".",
-            dockerfile="Dockerfile",
+            dockerfile="containers/Dockerfile",
             tag=image_name,
         )
     except APIError as exc: