feat(docker): add docker compose setup for api-tools#46
Conversation
There was a problem hiding this comment.
Pull request overview
Adds a Docker-based workflow for running the API-tools FastAPI service via docker compose, alongside the existing uv-based local run flow, with supporting docs and environment templates.
Changes:
- Introduces a multi-stage
Dockerfilethat installs deps viauv syncand runsuvicornin a slim runtime image. - Adds
docker-compose.yml,.env.example, and.dockerignoreto support one-command local startup. - Updates
README.mdwith standalone local-dev and Docker run instructions.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
README.md |
Documents local uv workflow and new docker compose workflow. |
Dockerfile |
Adds multi-stage build for a slim runtime image using uv dependency sync. |
docker-compose.yml |
Adds a single api-tools service with .env loading and localhost-only port binding. |
.env.example |
Provides a template for required runtime environment variables. |
.dockerignore |
Reduces Docker build context by excluding VCS and local/dev artifacts. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- ignore .env/.env.* in build context to prevent secret leakage - pin uv to 0.9.0 for reproducible builds - scope compileall + .py deletion to app code, skipping .venv - consolidate uvicorn invocation in README (single dev command) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
@codex review |
|
Codex Review: Didn't find any major issues. 🎉 ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
X_API_KEY, ALLOW_ORIGINS, and ALLOWED_HOSTS are no longer read by the service after the auth/CORS/TrustedHost middleware was removed; only YAHOO_API_KEY (asserted at startup) and API_TOOLS_PORT (compose host-side bind) remain. Sync the docs to match the code. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Lets the sibling jpcorrect-backend container reach api-tools by name without exposing port 8000 on the host's non-loopback interfaces.
🛡️ PR Quality Check Summary✅ PR Title: Passed (Length: 52/75, Format: OK). 🎉 All checks passed! |
目的
Provide a Docker-based workflow for running the
API-toolsPython service standalone, alongside the existinguv runflow, so contributors can spin it up with a singledocker compose up.方法/實作說明
新增 Docker 相關設定檔,並在 README 補上對應的執行說明與
.env.example範本。額外從feat/disable-auth(remote 分支已於 cherry-pick 後刪除)cherry-pick 兩個 commit —f3e708d→36748e6(移除 auth middleware)與ac5e346→7b8a0a6(移除slowapi)— 把API-tools內既有的X-API-KEY驗證、CORS/TrustedHost/rate-limit middleware 全數移除,與上游 backend 端「停用驗證」的方向對齊;連帶把.env.example與 README 的 env 區塊收斂到實際還會被讀的兩個變數。Docker 設定:
Dockerfile: multi-stage build usingpython:3.11-slim+uv sync --frozen --no-dev, compiles.py→.pycand drops sources in the runtime imagedocker-compose.yml: singleapi-toolsservice, binds127.0.0.1:${API_TOOLS_PORT:-8000}:8000, loads.env.dockerignore: excludes git/venv/cache/deploy-only files from the build contextREADME.md: documents both the localuv run uvicornworkflow and the newdocker compose up -d --buildworkflow關鍵實作:
uv sync --no-install-projectso the venv layer is cached independently of source changes.venv, compiledmain.pyc, and theapi/configpackages — keeps the image lean127.0.0.1only, matching the existing local-dev conventionAuth/middleware 移除(cherry-picked from
feat/disable-auth,原 remote 分支已刪除;本分支 commit36748e6+7b8a0a6):main.py: 移除APIKeyHeader(X-API-KEY)驗證、CORSMiddleware、TrustedHostMiddleware、SlowAPIMiddleware/Limiter等所有 middleware 設定;五個 router (accent_marker、furigana_marker、usage_query、dict_query、sentence_query) 不再帶Depends(get_api_key)config/settings.py: 移除X_API_KEY、ALLOW_ORIGINS、ALLOWED_HOSTS三個 env 讀取與assert,僅保留YAHOO_API_KEYpyproject.toml/uv.lock: 移除slowapi(連帶limits、deprecated、wrapt、packaging等遞迴相依套件)CLIENT_API_KEYmiddleware) 以及 compose 預設127.0.0.1bind 把外網阻擋掉Docs/env 收斂:
.env.example: 只保留YAHOO_API_KEY(app 啟動會assert)與API_TOOLS_PORT(compose host-side bind,預設 8000);移除已不再被讀的X_API_KEY/ALLOW_ORIGINS/ALLOWED_HOSTSREADME.md: 同步 env 範例區塊,並補一行說明這個服務已不再做驗證/CORS/trusted-host,預期跑在 parent backend 後面或私網內關聯 Issue
Refs sessatakuma/jpcorrect-backend#37 — parent-repo issue covering self-host on tuf + CD build. This PR provides the standalone Docker setup that the parent repo's deploy stack relies on. Closing happens from the parent repo's PR (sessatakuma/jpcorrect-backend#38), since GitHub does not auto-close cross-repo references.
附註
API-toolsonly; the Go backend stack lives in the parent repo'scompose.deploy.yml.🤖 Generated with Claude Code