-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update Dockerfile for improved workflow with VS Code Dev Containers
Additionally, move gunicorn config to a config file and run app under dedicated user account.
- Loading branch information
Showing
3 changed files
with
47 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,8 @@ | ||
| { | ||
| "dockerFile": "../Dockerfile", | ||
| "build": { | ||
| "target": "dev" | ||
| }, | ||
| "context": "..", | ||
| "forwardPorts": [8080,8080] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,21 +1,52 @@ | ||
| # Use an official Python runtime as a parent image | ||
| FROM python:3.12-alpine | ||
| ################ | ||
| ## Base Stage ## | ||
| ################ | ||
| # Use an official Python runtime as the base image | ||
| FROM python:3.12-alpine AS base | ||
|
|
||
| # Set the working directory in the container | ||
| # Allow stdout from python app through to docker logs | ||
| ENV PYTHONUNBUFFERED=1 | ||
|
|
||
| # Define the working directory | ||
| WORKDIR /app | ||
|
|
||
| # Copy the current directory contents into the container at /app | ||
| COPY . /app | ||
|
|
||
| # Install available updates and python packages from requirements.txt | ||
| # Install available updates, python packages from requirements.txt | ||
| # and create app user | ||
| RUN set -ex \ | ||
| && apk upgrade --available --no-cache \ | ||
| && rm -rf /var/cache/apk/* \ | ||
| && pip install --no-cache-dir -r requirements.txt \ | ||
| && pip cache purge | ||
| && pip cache purge \ | ||
| && adduser -D app | ||
|
|
||
| # Expose port 8080 | ||
| EXPOSE 8080 | ||
|
|
||
| # Run the python app with gunicorn and bind to port 8080 | ||
| CMD ["gunicorn", "-w", "2", "--error-logfile", "-", "--log-level", "debug", "-b", "0.0.0.0:8080", "app:app"] | ||
| ############### | ||
| ## Dev Stage ## | ||
| ############### | ||
| FROM base AS dev | ||
|
|
||
| # Install development tools | ||
| RUN set -ex \ | ||
| && apk add git \ | ||
| && rm -rf /var/cache/apk/* \ | ||
| && pip install --no-cache-dir pylint pytest pytest-flask \ | ||
| && pip cache purge | ||
|
|
||
| # Add environment variables | ||
| ENV PYTHONDONTWRITEBYTECODE=1 | ||
|
|
||
| ################ | ||
| ## Prod Stage ## | ||
| ################ | ||
| FROM base AS prod | ||
|
|
||
| # Run app as 'app' user | ||
| USER app | ||
|
|
||
| # Run the python app with gunicorn (settings are in gunicorn.conf.py) | ||
| CMD ["gunicorn", "app:app"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| workers = 1 | ||
| accesslog = '-' | ||
| errorlog = '-' | ||
| #loglevel = 'debug' | ||
| access_log_format = '%({x-forwarded-for}i)s %(l)s %(t)s %(r)s %(s)s %(b)s %(f)s %(a)s' | ||
| bind = ['0.0.0.0:8080'] |