Update template files and dependencies (#26)

.github/workflows/ci_release.yaml

@@ -8,6 +8,10 @@ jobs:
   push_to_docker_hub:
     name: Push to Docker Hub
 
+    strategy:
+      matrix:
+        flavor: ["", "debian"]
+
     runs-on: ubuntu-latest
 
     steps:
@@ -16,3 +20,4 @@ jobs:
           tag: ${{ github.event.release.tag_name }}
           dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
           dockerhub_token: ${{ secrets.DOCKERHUB_TOKEN }}
+          flavor: ${{ matrix.flavor }}

.pre-commit-config.yaml

@@ -45,13 +45,13 @@ repos:
       - id: no-commit-to-branch
         args: [--branch, dev, --branch, int, --branch, main]
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.5.4
+    rev: v0.5.7
     hooks:
       - id: ruff
         args: [--fix, --exit-non-zero-on-fix]
       - id: ruff-format
   - repo: https://github.com/pre-commit/mirrors-mypy
-    rev: v1.11.0
+    rev: v1.11.1
     hooks:
       - id: mypy
         args: [--no-warn-unused-ignores]

.pyproject_generation/pyproject_custom.toml

@@ -1,6 +1,6 @@
 [project]
 name = "wps"
-version = "2.0.4"
+version = "2.0.5"
 description = "Work Package Service"
 dependencies = [
     "ghga-event-schemas~=3.3.1",

.template/mandatory_files.txt

@@ -23,6 +23,7 @@ lock/requirements-dev.txt
 lock/requirements.txt
 
 Dockerfile
+Dockerfile.debian
 config_schema.json
 example_config.yaml
 LICENSE

Dockerfile

@@ -13,36 +13,37 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-## creating building container
-FROM python:3.12-slim-bookworm AS builder
-# update and install dependencies
-RUN apt update
-RUN apt upgrade -y
+# BASE: a base image with updated packages
+FROM python:3.12-alpine AS base
+RUN apk upgrade --no-cache --available
+
+# BUILDER: a container to build the service wheel
+FROM base AS builder
 RUN pip install build
-# copy code
 COPY . /service
 WORKDIR /service
-# build wheel
 RUN python -m build
 
-# creating running container
-FROM python:3.12-slim-bookworm
-# update and install dependencies
-RUN apt update
-RUN apt upgrade -y
-# copy and install requirements and wheel
+# DEP-BUILDER: a container to (build and) install dependencies
+FROM base AS dep-builder
+RUN apk update
+RUN apk add build-base gcc g++ libffi-dev zlib-dev
+RUN apk upgrade --available
 WORKDIR /service
 COPY --from=builder /service/lock/requirements.txt /service
 RUN pip install --no-deps -r requirements.txt
-RUN rm requirements.txt
+
+# RUNNER: a container to run the service
+FROM base AS runner
+WORKDIR /service
+RUN rm -rf /usr/local/lib/python3.12
+COPY --from=dep-builder /usr/local/lib/python3.12 /usr/local/lib/python3.12
 COPY --from=builder /service/dist/ /service
 RUN pip install --no-deps *.whl
 RUN rm *.whl
-# create new user and execute as that user
-RUN useradd --create-home appuser
+RUN adduser -D appuser
 WORKDIR /home/appuser
 USER appuser
-# set environment
 ENV PYTHONUNBUFFERED=1
 
 ENTRYPOINT ["wps"]

Dockerfile.debian

@@ -0,0 +1,49 @@
+# Copyright 2021 - 2024 Universität Tübingen, DKFZ, EMBL, and Universität zu Köln
+# for the German Human Genome-Phenome Archive (GHGA)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+## creating building container
+FROM python:3.12-slim-bookworm AS builder
+# update and install dependencies
+RUN apt update
+RUN apt upgrade -y
+RUN pip install build
+# copy code
+COPY . /service
+WORKDIR /service
+# build wheel
+RUN python -m build
+
+# creating running container
+FROM python:3.12-slim-bookworm
+# update and install dependencies
+RUN apt update
+RUN apt upgrade -y
+# copy and install requirements and wheel
+WORKDIR /service
+COPY --from=builder /service/lock/requirements.txt /service
+RUN pip install --no-deps -r requirements.txt
+RUN rm requirements.txt
+COPY --from=builder /service/dist/ /service
+RUN pip install --no-deps *.whl
+RUN rm *.whl
+# create new user and execute as that user
+RUN useradd --create-home appuser
+WORKDIR /home/appuser
+USER appuser
+# set environment
+ENV PYTHONUNBUFFERED=1
+
+ENTRYPOINT ["wps"]
+CMD ["run-rest"]

README.md

@@ -52,21 +52,21 @@ We recommend using the provided Docker container.
 
 A pre-build version is available at [docker hub](https://hub.docker.com/repository/docker/ghga/work-package-service):
 ```bash
-docker pull ghga/work-package-service:2.0.4
+docker pull ghga/work-package-service:2.0.5
 ```
 
 Or you can build the container yourself from the [`./Dockerfile`](./Dockerfile):
 ```bash
 # Execute in the repo's root dir:
-docker build -t ghga/work-package-service:2.0.4 .
+docker build -t ghga/work-package-service:2.0.5 .
 ```
 
 For production-ready deployment, we recommend using Kubernetes, however,
 for simple use cases, you could execute the service using docker
 on a single server:
 ```bash
 # The entrypoint is preconfigured:
-docker run -p 8080:8080 ghga/work-package-service:2.0.4 --help
+docker run -p 8080:8080 ghga/work-package-service:2.0.5 --help
 ```
 
 If you prefer not to use containers, you may install the service from source:
@@ -87,7 +87,7 @@ The service requires the following configuration parameters:
 
 - **`service_name`** *(string)*: Default: `"wps"`.
 
-- **`service_instance_id`** *(string)*: A string that uniquely identifies this instance across all instances of this service. A globally unique Kafka client ID will be created by concatenating the service_name and the service_instance_id.
+- **`service_instance_id`** *(string, required)*: A string that uniquely identifies this instance across all instances of this service. A globally unique Kafka client ID will be created by concatenating the service_name and the service_instance_id.
 
 
   Examples:
@@ -126,7 +126,7 @@ The service requires the following configuration parameters:
 
 - **`work_package_valid_days`** *(integer)*: How many days a work package (and its access token) stays valid. Default: `30`.
 
-- **`work_package_signing_key`** *(string, format: password)*: The private key for signing work order tokens.
+- **`work_package_signing_key`** *(string, format: password, required)*: The private key for signing work order tokens.
 
 
   Examples:
@@ -136,7 +136,7 @@ The service requires the following configuration parameters:
   ```
 
 
-- **`db_connection_str`** *(string, format: password)*: MongoDB connection string. Might include credentials. For more information see: https://naiveskill.com/mongodb-connection-string/.
+- **`db_connection_str`** *(string, format: password, required)*: MongoDB connection string. Might include credentials. For more information see: https://naiveskill.com/mongodb-connection-string/.
 
 
   Examples:
@@ -148,7 +148,7 @@ The service requires the following configuration parameters:
 
 - **`db_name`** *(string)*: Default: `"work-packages"`.
 
-- **`kafka_servers`** *(array)*: A list of connection strings to connect to Kafka bootstrap servers.
+- **`kafka_servers`** *(array, required)*: A list of connection strings to connect to Kafka bootstrap servers.
 
   - **Items** *(string)*
 
@@ -187,7 +187,22 @@ The service requires the following configuration parameters:
   ```
 
 
-- **`dataset_change_event_topic`** *(string)*: Name of the topic for events that inform about datasets.
+- **`kafka_max_message_size`** *(integer)*: The largest message size that can be transmitted, in bytes. Only services that have a need to send/receive larger messages should set this. Exclusive minimum: `0`. Default: `1048576`.
+
+
+  Examples:
+
+  ```json
+  1048576
+  ```
+
+
+  ```json
+  16777216
+  ```
+
+
+- **`dataset_change_event_topic`** *(string, required)*: Name of the topic for events that inform about datasets.
 
 
   Examples:
@@ -197,7 +212,7 @@ The service requires the following configuration parameters:
   ```
 
 
-- **`dataset_upsertion_event_type`** *(string)*: The type of events that inform about new and changed datasets.
+- **`dataset_upsertion_event_type`** *(string, required)*: The type of events that inform about new and changed datasets.
 
 
   Examples:
@@ -207,7 +222,7 @@ The service requires the following configuration parameters:
   ```
 
 
-- **`dataset_deletion_event_type`** *(string)*: The type of events that inform about deleted datasets.
+- **`dataset_deletion_event_type`** *(string, required)*: The type of events that inform about deleted datasets.
 
 
   Examples:
@@ -217,7 +232,7 @@ The service requires the following configuration parameters:
   ```
 
 
-- **`download_access_url`** *(string)*: URL pointing to the internal download access API.
+- **`download_access_url`** *(string, required)*: URL pointing to the internal download access API.
 
 
   Examples:
@@ -227,7 +242,7 @@ The service requires the following configuration parameters:
   ```
 
 
-- **`auth_key`** *(string)*: The GHGA internal public key for validating the token signature.
+- **`auth_key`** *(string, required)*: The GHGA internal public key for validating the token signature.
 
 
   Examples:

config_schema.json

@@ -1,6 +1,6 @@
 {
   "additionalProperties": false,
-  "description": "Modifies the orginal Settings class provided by the user",
+  "description": "Modifies the original Settings class provided by the user",
   "properties": {
     "log_level": {
       "default": "INFO",
@@ -154,6 +154,17 @@
       "title": "Generate Correlation Id",
       "type": "boolean"
     },
+    "kafka_max_message_size": {
+      "default": 1048576,
+      "description": "The largest message size that can be transmitted, in bytes. Only services that have a need to send/receive larger messages should set this.",
+      "examples": [
+        1048576,
+        16777216
+      ],
+      "exclusiveMinimum": 0,
+      "title": "Kafka Max Message Size",
+      "type": "integer"
+    },
     "dataset_change_event_topic": {
       "description": "Name of the topic for events that inform about datasets.",
       "examples": [

example_config.yaml

@@ -24,6 +24,7 @@ docs_url: /docs
 download_access_url: http://127.0.0.1:8080/download-access
 generate_correlation_id: true
 host: 127.0.0.1
+kafka_max_message_size: 1048576
 kafka_security_protocol: PLAINTEXT
 kafka_servers:
 - kafka:9092