2025-04-17 14:44:58 -04:00
|
|
|
FROM python:3.12.10-alpine3.21 AS base
|
2024-03-05 14:31:58 +08:00
|
|
|
ARG TARGETPLATFORM
|
2023-06-08 13:12:00 +06:00
|
|
|
|
|
|
|
|
# Create a group and user to run an app
|
|
|
|
|
ENV APP_USER=appuser
|
2023-08-29 15:03:32 +08:00
|
|
|
RUN addgroup --system --gid 2000 ${APP_USER} && \
|
|
|
|
|
adduser --system --uid 1000 --ingroup ${APP_USER} ${APP_USER}
|
|
|
|
|
|
|
|
|
|
RUN apk add bash \
|
2024-03-05 14:31:58 +08:00
|
|
|
python3-dev \
|
|
|
|
|
build-base \
|
|
|
|
|
linux-headers \
|
|
|
|
|
pcre-dev \
|
|
|
|
|
mariadb-connector-c-dev \
|
|
|
|
|
libffi-dev \
|
|
|
|
|
git \
|
|
|
|
|
postgresql-dev
|
2022-06-03 08:09:47 -06:00
|
|
|
|
|
|
|
|
WORKDIR /etc/app
|
|
|
|
|
COPY ./requirements.txt ./
|
2024-06-10 15:33:37 -04:00
|
|
|
COPY ./grpcio-1.64.1-cp312-cp312-linux_aarch64.whl ./
|
2024-03-05 14:31:58 +08:00
|
|
|
|
|
|
|
|
# grpcio is not available for arm64 on pypi, so we need to install it from a local wheel
|
|
|
|
|
# this can be removed once https://github.com/grpc/grpc/issues/34998 is resolved
|
|
|
|
|
RUN if [ "$TARGETPLATFORM" = "linux/arm64" ]; then \
|
2024-06-10 15:33:37 -04:00
|
|
|
pip install grpcio-1.64.1-cp312-cp312-linux_aarch64.whl \
|
|
|
|
|
&& rm grpcio-1.64.1-cp312-cp312-linux_aarch64.whl; \
|
2024-03-05 14:31:58 +08:00
|
|
|
fi
|
2024-02-27 14:21:53 +00:00
|
|
|
|
Fix missing `setuptools` dep (#4799)
# What this PR does
_tldr;_ I think we should install `setuptools` into our engine
`Dockerfile` + in our CI env because Python 3.12 no longer installs
`distutils` by default. This should unblock us from being able to merge
#4656 and #4555.
**More details**
I would like to be able to merge #4656 and #4555. _However_, in both of
these PRs `setuptools` is being removed from `requirements-dev.txt`
([here](https://github.com/grafana/oncall/pull/4555/files#diff-d8146d0816a943b0fa69a20399d7bbdb58e1c84c8b7933b2ba6dea7c10c410f5L113-L116)
and
[here](https://github.com/grafana/oncall/pull/4656/files#diff-d8146d0816a943b0fa69a20399d7bbdb58e1c84c8b7933b2ba6dea7c10c410f5L113-L116)).
This leads to things breaking because of:
```bash
File "/opt/hostedtoolcache/Python/3.12.3/x64/lib/python3.12/site-packages/polymorphic/__init__.py", line 9, in <module>
import pkg_resources
ModuleNotFoundError: No module named 'pkg_resources'
```
-
https://github.com/grafana/oncall/actions/runs/9865348392/job/27242117474?pr=4555#step:5:98
-
https://github.com/grafana/oncall/actions/runs/10078898966/job/27864920455?pr=4656#step:5:100
Python 3.12 made a change to no longer pre-install `distutils`
([relevant release
notes](https://docs.python.org/3/whatsnew/3.12.html#:~:text=The%20third%2Dparty%20Setuptools%20package%20continues%20to%20provide%20distutils%2C%20if%20you%20still%20require%20it%20in%20Python%203.12%20and%20beyond)):
> [PEP 632](https://peps.python.org/pep-0632/): Remove the distutils
package. See [the migration
guide](https://peps.python.org/pep-0632/#migration-advice) for advice
replacing the APIs it provided. The third-party
[Setuptools](https://setuptools.pypa.io/en/latest/deprecated/distutils-legacy.html)
package continues to provide distutils, if you still require it in
Python 3.12 and beyond.
>
> [gh-95299](https://github.com/python/cpython/issues/95299): Do not
pre-install setuptools in virtual environments created with
[venv](https://docs.python.org/3/library/venv.html#module-venv). This
means that distutils, setuptools, pkg_resources, and easy_install will
no longer available by default; to access these run pip install
setuptools in the
[activated](https://docs.python.org/3/library/venv.html#venv-explanation)
virtual environment.
Additionally, `setuptools` is in `pip-tools` `UNSAFE_PACKAGES` list
([related GitHub
issue](https://github.com/pypa/pipenv/issues/1417#issuecomment-364795745)),
hence why I think Dependabot is removing it in #4656 and #4555.
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] Added the relevant release notes label (see labels prefixed w/
`release:`). These labels dictate how your PR will
show up in the autogenerated release notes.
2024-08-09 16:09:47 -04:00
|
|
|
RUN pip install uv setuptools
|
2024-04-26 11:30:38 -03:00
|
|
|
|
2024-02-27 14:21:53 +00:00
|
|
|
# TODO: figure out how to get this to work.. see comment in .github/workflows/e2e-tests.yml
|
|
|
|
|
# https://stackoverflow.com/a/71846527
|
|
|
|
|
# RUN --mount=type=cache,target=/root/.cache/pip,from=pip_cache pip install -r requirements.txt
|
2024-04-26 11:30:38 -03:00
|
|
|
RUN uv pip install --system -r requirements.txt
|
2022-06-03 08:09:47 -06:00
|
|
|
|
2022-11-07 16:34:43 +01:00
|
|
|
# we intentionally have two COPY commands, this is to have the requirements.txt in a separate build step
|
|
|
|
|
# which only invalidates when the requirements.txt actually changes. This avoids having to unneccasrily reinstall deps (which is time-consuming)
|
|
|
|
|
# https://stackoverflow.com/questions/34398632/docker-how-to-run-pip-requirements-txt-only-if-there-was-a-change/34399661#34399661
|
2022-06-03 08:09:47 -06:00
|
|
|
COPY ./ ./
|
|
|
|
|
|
2023-05-22 20:16:31 +01:00
|
|
|
# Collect static files
|
2023-01-21 21:59:20 +08:00
|
|
|
RUN DJANGO_SETTINGS_MODULE=settings.prod_without_db DATABASE_TYPE=sqlite3 DATABASE_NAME=/var/lib/oncall/oncall.db SECRET_KEY="ThEmUsTSecretKEYforBUILDstage123" SILK_PROFILER_ENABLED="True" python manage.py collectstatic --no-input
|
2023-05-22 20:16:31 +01:00
|
|
|
|
2023-06-08 13:12:00 +06:00
|
|
|
# Change permissions for the app folder, as previous commands run as root
|
|
|
|
|
RUN chown -R ${APP_USER}:${APP_USER} /etc/app
|
|
|
|
|
|
2023-05-22 20:16:31 +01:00
|
|
|
# Create SQLite database and set permissions
|
|
|
|
|
RUN mkdir -p /var/lib/oncall
|
|
|
|
|
RUN DATABASE_TYPE=sqlite3 DATABASE_NAME=/var/lib/oncall/oncall.db python manage.py create_sqlite_db
|
2023-06-08 13:12:00 +06:00
|
|
|
RUN chown -R ${APP_USER}:${APP_USER} /var/lib/oncall
|
2022-10-04 09:25:53 +01:00
|
|
|
|
2023-01-26 20:33:04 +08:00
|
|
|
# This is required for silk profilers to sync between uwsgi workers
|
|
|
|
|
RUN mkdir -p /tmp/silk_profiles;
|
2023-06-08 13:12:00 +06:00
|
|
|
RUN chown -R ${APP_USER}:${APP_USER} /tmp/silk_profiles
|
|
|
|
|
|
|
|
|
|
# This is required for prometheus_client to sync between uwsgi workers
|
|
|
|
|
RUN mkdir -p /tmp/prometheus_django_metrics;
|
|
|
|
|
RUN chown -R ${APP_USER}:${APP_USER} /tmp/prometheus_django_metrics
|
|
|
|
|
ENV prometheus_multiproc_dir "/tmp/prometheus_django_metrics"
|
2023-01-26 20:33:04 +08:00
|
|
|
|
2023-09-07 05:38:19 -06:00
|
|
|
|
2022-11-07 16:34:43 +01:00
|
|
|
FROM base AS dev
|
2023-08-29 15:03:32 +08:00
|
|
|
RUN apk add sqlite mysql-client postgresql-client
|
2024-02-27 14:21:53 +00:00
|
|
|
# TODO: figure out how to get this to work.. see comment in .github/workflows/e2e-tests.yml
|
|
|
|
|
# https://stackoverflow.com/a/71846527
|
|
|
|
|
# RUN --mount=type=cache,target=/root/.cache/pip,from=pip_cache pip install -r requirements-dev.txt
|
2024-04-26 11:30:38 -03:00
|
|
|
RUN uv pip install --system -r requirements-dev.txt
|
2022-11-07 16:34:43 +01:00
|
|
|
|
2022-11-09 07:21:33 +01:00
|
|
|
FROM dev AS dev-enterprise
|
2024-02-27 14:21:53 +00:00
|
|
|
# TODO: figure out how to get this to work.. see comment in .github/workflows/e2e-tests.yml
|
|
|
|
|
# https://stackoverflow.com/a/71846527
|
|
|
|
|
# RUN --mount=type=cache,target=/root/.cache/pip,from=pip_cache pip install -r requirements-enterprise-docker.txt
|
2024-04-26 11:30:38 -03:00
|
|
|
RUN uv pip install --system -r requirements-enterprise-docker.txt
|
2022-11-09 07:21:33 +01:00
|
|
|
|
2022-11-07 16:34:43 +01:00
|
|
|
FROM base AS prod
|
2022-06-03 08:09:47 -06:00
|
|
|
|
2023-06-08 13:12:00 +06:00
|
|
|
# Change to a non-root user (number is required by Kubernetes runAsNonRoot check)
|
|
|
|
|
USER 1000
|
2022-06-03 08:09:47 -06:00
|
|
|
|
|
|
|
|
CMD [ "uwsgi", "--ini", "uwsgi.ini" ]
|