|
1 | 1 | # Dockerfile for uWSGI wrapped Giftless Git LFS Server |
| 2 | +# Shared build ARGs among stages |
| 3 | +ARG WORKDIR=/app |
| 4 | +ARG VENV="$WORKDIR/.venv" |
| 5 | +ARG UV_VERSION=0.5.16 |
2 | 6 |
|
3 | | -### --- Build Depdendencies --- |
4 | | - |
5 | | -FROM python:3.12 as builder |
6 | | -MAINTAINER "Shahar Evron <[email protected]>" |
7 | | - |
8 | | -# Build wheels for uWSGI and all requirements |
9 | | -RUN DEBIAN_FRONTEND=noninteractive apt-get update \ |
10 | | - && apt-get install -y build-essential libpcre3 libpcre3-dev git |
11 | | -RUN pip install -U pip |
12 | | -RUN mkdir /wheels |
| 7 | +### Distroless uv version layer to be copied from (because COPY --from does not interpolate variables) |
| 8 | +FROM ghcr.io/astral-sh/uv:$UV_VERSION AS uv |
13 | 9 |
|
| 10 | +### --- Build Depdendencies --- |
| 11 | +FROM python:3.12 AS builder |
14 | 12 | ARG UWSGI_VERSION=2.0.23 |
15 | | -RUN pip wheel -w /wheels uwsgi==$UWSGI_VERSION |
16 | | - |
17 | | -COPY requirements/main.txt /requirements.txt |
18 | | -RUN pip wheel -w /wheels -r /requirements.txt |
| 13 | +# Common WSGI middleware modules to be pip-installed |
| 14 | +# These are not required in every Giftless installation but are common enough |
| 15 | +ARG EXTRA_PACKAGES="wsgi_cors_middleware" |
| 16 | +# expose shared ARGs |
| 17 | +ARG WORKDIR |
| 18 | +ARG VENV |
| 19 | + |
| 20 | +# Set WORKDIR (also creates the dir) |
| 21 | +WORKDIR $WORKDIR |
| 22 | + |
| 23 | +# Install packages to build wheels for uWSGI and other requirements |
| 24 | +RUN set -eux ;\ |
| 25 | + export DEBIAN_FRONTEND=noninteractive ;\ |
| 26 | + apt-get update ;\ |
| 27 | + apt-get install -y --no-install-recommends build-essential libpcre3 libpcre3-dev git ;\ |
| 28 | + rm -rf /var/lib/apt/lists/* |
| 29 | + |
| 30 | +# Install uv to replace pip & friends |
| 31 | +COPY --from=uv /uv /uvx /bin/ |
| 32 | + |
| 33 | +# Set a couple uv-related settings |
| 34 | +# Wait a bit longer for slow connections |
| 35 | +ENV UV_HTTP_TIMEOUT=100 |
| 36 | +# Don't cache packages |
| 37 | +ENV UV_NO_CACHE=1 |
| 38 | + |
| 39 | +# Create virtual env to store dependencies, "activate" it |
| 40 | +RUN uv venv "$VENV" |
| 41 | +ENV VIRTUAL_ENV="$VENV" PATH="$VENV/bin:$PATH" |
| 42 | + |
| 43 | +# Install runtime dependencies |
| 44 | +RUN --mount=target=/build-ctx \ |
| 45 | + uv pip install -r /build-ctx/requirements/main.txt |
| 46 | +RUN uv pip install uwsgi==$UWSGI_VERSION |
| 47 | +# Install extra packages into the virtual env |
| 48 | +RUN uv pip install ${EXTRA_PACKAGES} |
| 49 | + |
| 50 | +# Copy project contents necessary for an editable install |
| 51 | +COPY .git .git/ |
| 52 | +COPY giftless giftless/ |
| 53 | +COPY pyproject.toml . |
| 54 | +# Editable-install the giftless package (add a kind of a project path reference in site-packages) |
| 55 | +# To detect the package version dynamically, setuptools-scm needs the git binary |
| 56 | +RUN uv pip install -e . |
19 | 57 |
|
20 | 58 | ### --- Build Final Image --- |
21 | | - |
22 | | -FROM python:3.12-slim |
23 | | - |
24 | | -RUN DEBIAN_FRONTEND=noninteractive apt-get update \ |
25 | | - && apt-get install -y libpcre3 libxml2 tini git \ |
26 | | - && apt-get clean \ |
27 | | - && apt -y autoremove |
28 | | - |
29 | | -RUN mkdir /app |
30 | | - |
31 | | -# Install dependencies |
32 | | -COPY --from=builder /wheels /wheels |
33 | | -RUN pip install /wheels/*.whl |
34 | | - |
35 | | -# Copy project code |
36 | | -COPY . /app |
37 | | -RUN pip install -e /app |
| 59 | +FROM python:3.12-slim AS final |
| 60 | +LABEL org.opencontainers.image.authors= "Shahar Evron <[email protected]>" |
38 | 61 |
|
39 | 62 | ARG USER_NAME=giftless |
| 63 | +# Writable path for local LFS storage |
40 | 64 | ARG STORAGE_DIR=/lfs-storage |
41 | | -ENV GIFTLESS_TRANSFER_ADAPTERS_basic_options_storage_options_path $STORAGE_DIR |
42 | | - |
43 | | -RUN useradd -d /app $USER_NAME |
44 | | -RUN mkdir $STORAGE_DIR |
45 | | -RUN chown $USER_NAME $STORAGE_DIR |
46 | | - |
47 | | -# Pip-install some common WSGI middleware modules |
48 | | -# These are not required in every Giftless installation but are common enough |
49 | | -ARG EXTRA_PACKAGES="wsgi_cors_middleware" |
50 | | -RUN pip install ${EXTRA_PACKAGES} |
51 | | - |
| 65 | +# expose shared ARGs |
| 66 | +ARG WORKDIR |
| 67 | +ARG VENV |
| 68 | + |
| 69 | +# Set WORKDIR (also creates the dir) |
| 70 | +WORKDIR $WORKDIR |
| 71 | + |
| 72 | +# Create a user and set local storage write permissions |
| 73 | +RUN set -eux ;\ |
| 74 | + useradd -d "$WORKDIR" "$USER_NAME" ;\ |
| 75 | + mkdir "$STORAGE_DIR" ;\ |
| 76 | + chown "$USER_NAME" "$STORAGE_DIR" |
| 77 | + |
| 78 | +# Install runtime dependencies |
| 79 | +RUN set -eux ;\ |
| 80 | + export DEBIAN_FRONTEND=noninteractive ;\ |
| 81 | + apt-get update ;\ |
| 82 | + apt-get install -y libpcre3 libxml2 tini ;\ |
| 83 | + rm -rf /var/lib/apt/lists/* |
| 84 | + |
| 85 | +# Use the virtual env with dependencies from builder stage |
| 86 | +COPY --from=builder "$VENV" "$VENV" |
| 87 | +ENV VIRTUAL_ENV="$VENV" PATH="$VENV/bin:$PATH" |
| 88 | +# Copy project source back into the same path referenced by the editable install |
| 89 | +COPY --from=builder "$WORKDIR/giftless" "giftless" |
| 90 | + |
| 91 | +# Set runtime properties |
52 | 92 | USER $USER_NAME |
| 93 | +ENV GIFTLESS_TRANSFER_ADAPTERS_basic_options_storage_options_path="$STORAGE_DIR" |
| 94 | +ENV UWSGI_MODULE="giftless.wsgi_entrypoint" |
53 | 95 |
|
54 | | -WORKDIR /app |
55 | | - |
56 | | -ENV UWSGI_MODULE "giftless.wsgi_entrypoint" |
57 | | - |
58 | | -ENTRYPOINT ["tini", "uwsgi", "--"] |
| 96 | +ENTRYPOINT ["tini", "--", "uwsgi"] |
59 | 97 | CMD ["-s", "127.0.0.1:5000", "-M", "-T", "--threads", "2", "-p", "2", \ |
60 | 98 | "--manage-script-name", "--callable", "app"] |
61 | 99 |
|
|
0 commit comments