From e502c3ecf4ba3553e1a5af1c019ab0092ae161fc Mon Sep 17 00:00:00 2001 From: Anton Smorodskyi Date: Fri, 2 Feb 2024 15:40:42 +0100 Subject: [PATCH] Create dedicated folder for containers and add base image --- .dockerignore | 4 ++ .github/workflows/container.yml | 56 +++++++++++++++---- .github/workflows/lint.yml | 14 +++-- Makefile | 14 ++--- README.md | 2 +- Dockerfile => containers/Dockerfile | 9 +-- containers/Dockerfile_base | 6 ++ containers/Dockerfile_base_k8s | 11 ++++ Dockerfile_dev => containers/Dockerfile_dev | 0 Dockerfile_k8s => containers/Dockerfile_k8s | 0 .../Dockerfile_k8s_dev | 0 .../container-startup | 0 tests/test_webui.py | 2 +- 13 files changed, 89 insertions(+), 29 deletions(-) rename Dockerfile => containers/Dockerfile (88%) create mode 100644 containers/Dockerfile_base create mode 100644 containers/Dockerfile_base_k8s rename Dockerfile_dev => containers/Dockerfile_dev (100%) rename Dockerfile_k8s => containers/Dockerfile_k8s (100%) rename Dockerfile_k8s_dev => containers/Dockerfile_k8s_dev (100%) rename container-startup => containers/container-startup (100%) diff --git a/.dockerignore b/.dockerignore index f2f3a83c..c6cdb049 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,7 +1,11 @@ # Ignore git, data and cache files .git +.github .cache +.pytest_cache + __pycache__ /db +/tests # Also ignore templates /templates diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index 57d26252..3d87af17 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - suffix: [main, k8s] + suffix: [main, k8s, base_main, base_k8s] permissions: contents: read packages: write @@ -48,26 +48,44 @@ jobs: uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 with: context: . - file: Dockerfile + file: containers/Dockerfile push: false tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - - name: Build Docker image (K8S_GCE) + - name: Build Docker image (K8S) if: ${{ matrix.suffix == 'k8s' }} uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 with: context: . - file: Dockerfile_${{ matrix.suffix }} + file: containers/Dockerfile_${{ matrix.suffix }} push: false tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + labels: ${{ steps.meta.outputs.labels }} + - name: Build Docker image (PCW Base) + if: ${{ matrix.suffix == 'base_main' }} + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 + with: + context: . + file: containers/Dockerfile_base + push: false + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + - name: Build Docker image (K8S Base) + if: ${{ matrix.suffix == 'base_k8s' }} + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 + with: + context: . + file: containers/Dockerfile_${{ matrix.suffix }} + push: false + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} build-and-push: if: ${{ github.event_name == 'release' }} runs-on: ubuntu-latest strategy: matrix: - suffix: [main, k8s] + suffix: [main, k8s, base_main, base_k8s] permissions: contents: read packages: write @@ -94,16 +112,34 @@ jobs: uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 with: context: . - file: Dockerfile + file: containers/Dockerfile push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - - name: Build and push Docker image (K8S_GCE) + - name: Build and push Docker image (K8S) if: ${{ matrix.suffix == 'k8s' }} uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 with: context: . - file: Dockerfile_${{ matrix.suffix }} + file: containers/Dockerfile_${{ matrix.suffix }} push: true tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + labels: ${{ steps.meta.outputs.labels }} + - name: Build and push Docker image (PCW Base) + if: ${{ matrix.suffix == 'base_main' }} + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 + with: + context: . + file: containers/Dockerfile_base + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + - name: Build and push Docker image (K8S) + if: ${{ matrix.suffix == 'base_k8s' }} + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 + with: + context: . + file: containers/Dockerfile_${{ matrix.suffix }} + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 9dafc912..02eb713f 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -41,13 +41,19 @@ jobs: - uses: actions/checkout@v4 - uses: hadolint/hadolint-action@v3.1.0 with: - dockerfile: 'Dockerfile' + dockerfile: 'containers/Dockerfile' - uses: hadolint/hadolint-action@v3.1.0 with: - dockerfile: 'Dockerfile_dev' + dockerfile: 'containers/Dockerfile_dev' - uses: hadolint/hadolint-action@v3.1.0 with: - dockerfile: 'Dockerfile_k8s' + dockerfile: 'containers/Dockerfile_k8s' - uses: hadolint/hadolint-action@v3.1.0 with: - dockerfile: 'Dockerfile_k8s_dev' + dockerfile: 'containers/Dockerfile_k8s_dev' + - uses: hadolint/hadolint-action@v3.1.0 + with: + dockerfile: 'containers/Dockerfile_base' + - uses: hadolint/hadolint-action@v3.1.0 + with: + dockerfile: 'containers/Dockerfile_base_k8s' diff --git a/Makefile b/Makefile index 1adb23d0..b17fbece 100644 --- a/Makefile +++ b/Makefile @@ -28,17 +28,17 @@ codecov: # Build containers docker-container: - docker build . -t ${CONT_TAG} + docker build . -t ${CONT_TAG} -f containers/Dockerfile podman-container: - podman build . -t ${CONT_TAG} + podman build . -t ${CONT_TAG} -f containers/Dockerfile podman-container-devel: - podman build -f Dockerfile_dev -t pcw-devel + podman build . -f containers/Dockerfile_dev -t pcw-devel podman-container-k8s: - podman build -f Dockerfile_k8s -t pcw-k8s-cleaner + podman build . -f containers/Dockerfile_k8s -t pcw-k8s-cleaner podman-container-k8s-devel: - podman build -f Dockerfile_k8s_dev -t pcw-k8s-cleaner-devel + podman build . -f containers/Dockerfile_k8s_dev -t pcw-k8s-cleaner-devel # Container linting .PHONY: container-lint -container-lint: Dockerfile* - hadolint Dockerfile* +container-lint: containers/Dockerfile* + hadolint containers/Dockerfile* diff --git a/README.md b/README.md index ff355abf..d9210347 100644 --- a/README.md +++ b/README.md @@ -128,7 +128,7 @@ podman exec pcw /pcw/container-startup createuser admin USE_A_STRONG_PASSWORD ## Devel version of container -There is [devel version](Dockerfile_dev) of container file. Main difference is that source files are not copied into image but expected to be mounted via volume. This ease development in environment close as much as possible to production run. +There is [devel version](containers/Dockerfile_dev) of container file. Main difference is that source files are not copied into image but expected to be mounted via volume. This ease development in environment close as much as possible to production run. Expected use would be : diff --git a/Dockerfile b/containers/Dockerfile similarity index 88% rename from Dockerfile rename to containers/Dockerfile index e7dda81f..3f3638e0 100644 --- a/Dockerfile +++ b/containers/Dockerfile @@ -1,10 +1,5 @@ FROM registry.suse.com/bci/python:3.11 -ENV PYTHONDONTWRITEBYTECODE=1 PYTHONUNBUFFERED=1 UWSGI_WSGI_FILE=/pcw/webui/wsgi.py UWSGI_MASTER=1 -ENV UWSGI_HTTP_AUTO_CHUNKED=1 UWSGI_HTTP_KEEPALIVE=1 UWSGI_LAZY_APPS=1 UWSGI_WSGI_ENV_BEHAVIOR=holy - -## System preparation steps ################################################# ## - # We do the whole installation and configuration in one layer: COPY requirements.txt /pcw/ # * Install system requirements @@ -17,7 +12,7 @@ RUN source /etc/os-release && zypper addrepo -G -cf "https://download.opensuse.o # Copy program files only COPY ocw /pcw/ocw/ COPY webui /pcw/webui/ -COPY container-startup manage.py LICENSE README.md setup.cfg pyproject.toml /pcw/ +COPY containers/container-startup manage.py LICENSE /pcw/ WORKDIR /pcw @@ -32,6 +27,8 @@ EXPOSE 8000/tcp # Required to use system certs in python-requests ENV REQUESTS_CA_BUNDLE=/etc/ssl/ca-bundle.pem +ENV PYTHONDONTWRITEBYTECODE=1 PYTHONUNBUFFERED=1 UWSGI_WSGI_FILE=/pcw/webui/wsgi.py UWSGI_MASTER=1 +ENV UWSGI_HTTP_AUTO_CHUNKED=1 UWSGI_HTTP_KEEPALIVE=1 UWSGI_LAZY_APPS=1 UWSGI_WSGI_ENV_BEHAVIOR=holy # Once we are certain that this runs nicely, replace this with ENTRYPOINT. ENTRYPOINT ["/pcw/container-startup", "run"] diff --git a/containers/Dockerfile_base b/containers/Dockerfile_base new file mode 100644 index 00000000..3cacfe6c --- /dev/null +++ b/containers/Dockerfile_base @@ -0,0 +1,6 @@ +FROM registry.suse.com/bci/python:3.11 + +COPY requirements.txt /pcw/ +RUN source /etc/os-release && zypper addrepo -G -cf "https://download.opensuse.org/repositories/SUSE:/CA/$VERSION_ID/SUSE:CA.repo" && \ + zypper -n in ca-certificates-suse gcc libffi-devel && \ + pip install --no-cache-dir wheel && pip install --no-cache-dir -r /pcw/requirements.txt && zypper clean && rm -rf /var/cache diff --git a/containers/Dockerfile_base_k8s b/containers/Dockerfile_base_k8s new file mode 100644 index 00000000..ec4d590a --- /dev/null +++ b/containers/Dockerfile_base_k8s @@ -0,0 +1,11 @@ +FROM registry.suse.com/bci/python:3.11 + +RUN zypper -n in gcc tar gzip kubernetes1.24-client aws-cli && zypper clean && rm -rf /var/cache + +# Google cli installation +RUN curl -sf https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-415.0.0-linux-x86_64.tar.gz | tar -zxf - -C /opt \ +&& /opt/google-cloud-sdk/bin/gcloud components install gke-gcloud-auth-plugin + +# Install python dependences +COPY requirements_k8s.txt /pcw/ +RUN pip install --no-cache-dir wheel && pip install --no-cache-dir -r /pcw/requirements_k8s.txt \ No newline at end of file diff --git a/Dockerfile_dev b/containers/Dockerfile_dev similarity index 100% rename from Dockerfile_dev rename to containers/Dockerfile_dev diff --git a/Dockerfile_k8s b/containers/Dockerfile_k8s similarity index 100% rename from Dockerfile_k8s rename to containers/Dockerfile_k8s diff --git a/Dockerfile_k8s_dev b/containers/Dockerfile_k8s_dev similarity index 100% rename from Dockerfile_k8s_dev rename to containers/Dockerfile_k8s_dev diff --git a/container-startup b/containers/container-startup similarity index 100% rename from container-startup rename to containers/container-startup diff --git a/tests/test_webui.py b/tests/test_webui.py index c80b5cef..aaa784a7 100644 --- a/tests/test_webui.py +++ b/tests/test_webui.py @@ -59,7 +59,7 @@ def image(random_port, client): try: client.images.build( path=".", - dockerfile="Dockerfile", + dockerfile="containers/Dockerfile", tag=image_name, ) except APIError as exc: