Skip to content

Commit

Permalink
Merge pull request #341 from nitekot/docker-uvicorn
Browse files Browse the repository at this point in the history 
Docker as one uvicorn service
  • Loading branch information
@olexh
olexh authored Sep 1, 2024
2 parents 56a7359 + 7c5921e commit 01bfb7d
Show file tree
Hide file tree
Showing 5 changed files with 712 additions and 625 deletions.
22 changes: 14 additions & 8 deletions .github/workflows/docker-publish.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,21 +28,19 @@ jobs:
# Install the cosign tool except on PR
# https://github.com/sigstore/cosign-installer
- name: Install cosign
if: github.event_name != 'pull_request'
uses: sigstore/[email protected]
uses: sigstore/[email protected]
with:
cosign-release: 'v2.3.0'
cosign-release: 'v2.4.0'

# Set up BuildKit Docker container builder to be able to build
# multi-platform images and export cache
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3.5.0
uses: docker/setup-buildx-action@v3.6.1

# Login against a Docker registry except on PR
# https://github.com/docker/login-action
- name: Log into registry ${{ env.REGISTRY }}
if: github.event_name != 'pull_request'
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY }}
Expand All @@ -61,10 +59,10 @@ jobs:
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@v6.5.0
uses: docker/build-push-action@v6.7.0
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
Expand All @@ -76,11 +74,19 @@ jobs:
# transparency data even for private images, pass --force to cosign below.
# https://github.com/sigstore/cosign
- name: Sign the published Docker image
if: ${{ github.event_name != 'pull_request' }}
env:
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
TAGS: ${{ steps.meta.outputs.tags }}
DIGEST: ${{ steps.build-and-push.outputs.digest }}
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

# Delete old package versions
# https://github.com/actions/delete-package-versions
- name: Delete old package versions
uses: actions/delete-package-versions@v5
with:
package-name: 'hikka'
package-type: 'container'
min-versions-to-keep: 8
31 changes: 26 additions & 5 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,20 @@
FROM python:3.11-slim-buster
FROM python:3.12.5-alpine3.20 as base

Check warning on line 1 in Dockerfile

View workflow job for this annotation

GitHub Actions / Build and push Docker image

The 'as' keyword should match the case of the 'from' keyword 

FromAsCasing: 'as' and 'FROM' keywords' casing do not match
More info: https://docs.docker.com/go/dockerfile/rule/from-as-casing/

ENV VIRTUAL_ENV=/project/.venv \
PATH="/project/.venv/bin:$PATH"

RUN pip install poetry==1.8.3

FROM base as builder

Check warning on line 7 in Dockerfile

View workflow job for this annotation

GitHub Actions / Build and push Docker image

The 'as' keyword should match the case of the 'from' keyword 

FromAsCasing: 'as' and 'FROM' keywords' casing do not match
More info: https://docs.docker.com/go/dockerfile/rule/from-as-casing/

ENV POETRY_NO_INTERACTION=1 \
POETRY_VIRTUALENVS_IN_PROJECT=1 \
POETRY_VIRTUALENVS_CREATE=1 \
POETRY_CACHE_DIR=/tmp/poetry_cache
POETRY_CACHE_DIR=/tmp/poetry_cache \
PIP_ROOT_USER_ACTION=ignore

RUN apk add gcc python3-dev musl-dev linux-headers

RUN pip install poetry==1.8.3

WORKDIR /project

Expand All @@ -14,9 +23,21 @@ RUN touch README.md

RUN poetry install --no-root && rm -rf $POETRY_CACHE_DIR



FROM base as runtime

Check warning on line 28 in Dockerfile

View workflow job for this annotation

GitHub Actions / Build and push Docker image

The 'as' keyword should match the case of the 'from' keyword 

FromAsCasing: 'as' and 'FROM' keywords' casing do not match
More info: https://docs.docker.com/go/dockerfile/rule/from-as-casing/

COPY --from=builder ${VIRTUAL_ENV} ${VIRTUAL_ENV}

WORKDIR /project

# app source files
COPY sync.py .
COPY aggregator.py .
COPY alembic ./alembic
COPY app ./app

CMD poetry run alembic upgrade head && poetry run gunicorn "app:create_app()" --workers 4 --worker-class uvicorn.workers.UvicornWorker -b 0.0.0.0:8000
# db migrations files
COPY alembic ./alembic
COPY docs/alembic.example.ini ./alembic.ini

CMD uvicorn --factory app:create_app --host 0.0.0.0 --port 8000

Check warning on line 43 in Dockerfile

View workflow job for this annotation

GitHub Actions / Build and push Docker image

JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals 

JSONArgsRecommended: JSON arguments recommended for CMD to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
5 changes: 4 additions & 1 deletion alembic/env.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@
from alembic import context

from app.models import Base
from app.utils import get_settings


# this is the Alembic Config object, which provides
# access to the values within the .ini file in use.
Expand All @@ -28,7 +30,8 @@
# can be acquired:
# my_important_option = config.get_main_option("my_important_option")
# ... etc.

settings = get_settings()
config.set_main_option('sqlalchemy.url', settings.database.endpoint)

def run_migrations_offline() -> None:
"""Run migrations in 'offline' mode.
Expand Down
Loading

0 comments on commit 01bfb7d

Please sign in to comment.