-
Notifications
You must be signed in to change notification settings - Fork 11
Expand file tree
/
Copy pathDockerfile
More file actions
85 lines (66 loc) · 2.83 KB
/
Dockerfile
File metadata and controls
85 lines (66 loc) · 2.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# The devcontainer should use the developer target and run as root with podman
# or docker with user namespaces.
FROM ghcr.io/diamondlightsource/ubuntu-devcontainer:noble AS developer
# Add any system dependencies for the developer/build environment here
RUN apt-get update -y && apt-get install -y --no-install-recommends \
graphviz \
&& apt-get dist-clean
# Install helm for the dev container. This is the recommended
# approach per the docs: https://helm.sh/docs/intro/install
RUN curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3; \
chmod 700 get_helm.sh; \
./get_helm.sh; \
rm get_helm.sh
RUN helm plugin install https://github.com/losisin/helm-values-schema-json.git --version 2.3.1
# The build stage installs the context into the venv
FROM developer AS build
# Change the working directory to the `app` directory
# and copy in the project
WORKDIR /app
COPY . /app
RUN chmod o+wrX .
# Tell uv sync to install python in a known location so we can copy it out later
ENV UV_PYTHON_INSTALL_DIR=/python
RUN uv add debugpy
# Sync the project without its dev dependencies
RUN --mount=type=cache,target=/root/.cache/uv \
uv sync --locked --no-editable --no-dev
# The runtime stage copies the built venv into a runtime container
FROM ubuntu:noble AS runtime
# Add apt-get system dependecies for runtime here if needed
RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install -y --no-install-recommends \
# Git required for installing packages at runtime
git \
# gdb required for attaching debugger
gdb \
# May be required if attaching devcontainer
libnss-ldapd \
&& apt-get dist-clean
# Install uv to allow setup-scratch to run
COPY --from=ghcr.io/astral-sh/uv:0.10 /uv /uvx /bin/
# For this pod to understand finding user information from LDAP
RUN sed -i 's/files/ldap files/g' /etc/nsswitch.conf
# Set the MPLCONFIGDIR environment variable to a temporary directory to avoid
# writing to the home directory. This is necessary because the home directory
# is read-only in the runtime container.
# https://matplotlib.org/stable/install/environment_variables_faq.html#envvar-MPLCONFIGDIR
ENV MPLCONFIGDIR=/tmp/matplotlib
# Copy the python installation from the build stage
COPY --from=build /python /python
# Copy the environment, but not the source code
COPY --chown=1000:1000 --from=build /app/.venv /app/.venv
RUN chmod o+wrX /app/.venv
ENV PATH=/app/.venv/bin:$PATH
# Add copy of blueapi source to container for debugging
WORKDIR /workspaces
COPY --chown=1000:1000 . blueapi
# Make allowance for non-1000 uid
RUN chmod o+wrX blueapi
# Make invariant symlink to site-packages for debugging
# /app/.venv/lib/python/site-packages/blueapi:/workspaces/blueapi
WORKDIR /app/.venv/lib
RUN ln -s python* python
# Switch user 1000
USER ubuntu
ENTRYPOINT ["blueapi"]
CMD ["serve"]