-
-
Notifications
You must be signed in to change notification settings - Fork 232
Expand file tree
/
Copy pathDockerfile_incl
More file actions
82 lines (68 loc) · 2.66 KB
/
Dockerfile_incl
File metadata and controls
82 lines (68 loc) · 2.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
# syntax=docker/dockerfile:1
# Dockerfile_incl is built as the `commcarehq_incl` image, and is used
# for running a simple but complete CommCare HQ environment that
# includes Pillowtop and Celery containers.
FROM ghcr.io/astral-sh/uv:0.7.17-python3.13-bookworm-slim
LABEL org.opencontainers.image.authors="Dimagi <devops@dimagi.com>"
ENV PYTHONUNBUFFERED=1 \
PYTHONUSERBASE=/vendor \
PATH=/vendor/bin:$PATH \
NODE_VERSION=24.11.1 \
# Compile bytecode during installation to improve startup time. Also
# suppresses a couchdbkit syntax error that happens during bytecode
# compilation.
UV_COMPILE_BYTECODE=1 \
# Copy from the cache instead of linking since it's a mounted volume
UV_LINK_MODE=copy \
UV_PROJECT_ENVIRONMENT=/vendor
RUN mkdir /vendor
RUN apt-get update \
&& apt-get install -y --no-install-recommends curl gnupg \
&& curl https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - \
&& sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
# allows uv to build dependencies; increases image size by 240 MB
build-essential \
bzip2 \
default-jre \
gettext \
git \
google-chrome-stable \
libmagic1 \
libpq5 \
# for xmlsec on Python 3.13
libxml2 libxmlsec1 libxmlsec1-openssl \
make \
&& rm -rf /var/lib/apt/lists/* /src/*.deb
# Deletes all package sources, so don't apt-get install anything after this:
RUN rm -rf /var/lib/apt/lists/* /src/*.deb
# Install Node
RUN curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.gz" && \
tar -xzf "node-v$NODE_VERSION-linux-x64.tar.gz" -C /usr/local --strip-components=1 && \
rm "node-v$NODE_VERSION-linux-x64.tar.gz"
RUN npm -g install \
yarn \
bower \
grunt-cli \
uglify-js
# prefer https for git checkouts made by pip
RUN git config --global url."https://".insteadOf git://
WORKDIR /vendor
# setup venv
COPY .python-version pyproject.toml uv.lock /tmp-project/
RUN --mount=type=cache,target=/root/.cache/uv \
uv sync --locked --group=prod --no-dev --project=/tmp-project --no-install-project \
&& rm -rf /tmp-project
RUN mkdir /sharedfiles
RUN groupadd -r cchq && \
useradd -r -m -g cchq cchq && \
chown cchq:cchq /vendor /sharedfiles
USER cchq:cchq
COPY --chown=cchq:cchq package.json /vendor/
RUN npm shrinkwrap && \
yarn global add phantomjs-prebuilt
COPY --chown=cchq:cchq . /vendor/
COPY --chown=cchq:cchq docker/min_settings.py /vendor/localsettings.py
RUN mkdir /vendor/log
RUN python manage.py collectstatic --noinput