-
Notifications
You must be signed in to change notification settings - Fork 48
/
Copy pathDockerfile
63 lines (45 loc) · 2.12 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# To build: docker build -t fence:latest .
# To run interactive:
# docker run -v ~/.gen3/fence/fence-config.yaml:/var/www/fence/fence-config.yaml -v ./keys/:/fence/keys/ fence:latest
# To check running container do: docker exec -it CONTAINER bash
ARG AZLINUX_BASE_VERSION=master
# ------ Base stage ------
FROM quay.io/cdis/python-nginx-al:${AZLINUX_BASE_VERSION} AS base
# Comment this in, and comment out the line above, if quay is down
# FROM 707767160287.dkr.ecr.us-east-1.amazonaws.com/gen3/python-nginx-al:${AZLINUX_BASE_VERSION} as base
ENV appname=fence
WORKDIR /${appname}
RUN chown -R gen3:gen3 /${appname}
# ------ Builder stage ------
FROM base AS builder
# Install just the deps without the code as it's own step to avoid redoing this on code changes
COPY poetry.lock pyproject.toml /${appname}/
RUN poetry lock -vv --no-update \
&& poetry install -vv --only main --no-interaction
# Move app files into working directory
COPY --chown=gen3:gen3 . /$appname
COPY --chown=gen3:gen3 ./deployment/wsgi/wsgi.py /$appname/wsgi.py
# Do the install again incase the app itself needs install
RUN poetry lock -vv --no-update \
&& poetry install -vv --only main --no-interaction
# Setup version info
RUN git config --global --add safe.directory /${appname} && COMMIT=`git rev-parse HEAD` && echo "COMMIT=\"${COMMIT}\"" > /$appname/version_data.py \
&& VERSION=`git describe --always --tags` && echo "VERSION=\"${VERSION}\"" >> /$appname/version_data.py
# ------ Final stage ------
FROM base
ENV PATH="/${appname}/.venv/bin:$PATH"
# Install ccrypt to decrypt dbgap telmetry files
RUN echo "Upgrading dnf"; \
dnf upgrade -y; \
echo "Installing Packages"; \
dnf install -y \
libxcrypt-compat-4.4.33 \
libpq-15.0 \
gcc \
tar xz; \
echo "Installing RPM"; \
rpm -i https://ccrypt.sourceforge.net/download/1.11/ccrypt-1.11-1.src.rpm && \
cd /root/rpmbuild/SOURCES/ && \
tar -zxf ccrypt-1.11.tar.gz && cd ccrypt-1.11 && ./configure --disable-libcrypt && make install && make check;
COPY --chown=gen3:gen3 --from=builder /$appname /$appname
CMD ["/bin/bash", "-c", "/fence/dockerrun.bash"]