move from pdm to uv

unicef · Oct 31, 2024 · 003f412 · 003f412
1 parent 49a94cc
commit 003f412
Show file tree

Hide file tree

Showing 33 changed files with 603 additions and 193 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -13,5 +13,4 @@ node_modules
 src/*.egg-info
 src/aurora/staticfiles/
 Makefile
-README.md
 manage.py
diff --git a/MANIFEST.in b/MANIFEST.in
@@ -0,0 +1,21 @@
+exclude *
+
+include README.md
+include MANIFEST.in
+include LICENSE.md
+include pyproject.toml
+include *.py
+include uv.lock
+
+recursive-include src/aurora *
+recursive-include src/aurora *.html
+recursive-include src/dbtemplates *
+recursive-include src/dbtemplates *.html
+
+recursive-exclude tests *
+
+prune **/~*
+global-exclude .*
+global-exclude *~
+global-exclude ~*
+exclude manage.py
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -1,77 +1,112 @@
 FROM python:3.12-slim-bookworm AS base
 ARG BUILD_DATE
 ARG VERSION
-
-WORKDIR /code/
+ARG GIT_SHA
 
 RUN apt-get update \
     && apt-get install -y --no-install-recommends \
-                build-essential \
-                locales \
-                nginx \
-                locales-all \
+                gdal-bin \
                 gettext \
-                libjpeg-dev \
-                zlib1g-dev \
                 git-core \
+                locales \
+                locales-all \
+                nginx \
                 postgresql-client \
-                libpq-dev \
-                python3-psycopg2 \
                 python3-gdal \
-                redis-server \
-                gdal-bin \
-                curl \
+                python3-psycopg2 \
     && locale-gen --no-purge uk_UA.UTF-8 \
-    && apt-get clean
-
-ENV PATH="${PATH}:/root/.local/bin:/code/__pypackages__/3.12/bin" \
-    ADMINS="" \
-    BUILD_DATE=${BUILD_DATE} \
-    CONSTANCE_DATABASE_CACHE_BACKEND="" \
-    CSRF_TRUSTED_ORIGINS="" \
-    CSRF_COOKIE_NAME="aurora" \
-    CSRF_COOKIE_SECURE="true" \
-    DATABASE_URL="" \
-    DEFAULT_ORGANIZATION="UNICEF"\
-    DEBUG="false"\
-    DJANGO_SETTINGS_MODULE="aurora.config.settings" \
-    IPSTACK_KEY="" \
-    LOG_LEVEL="ERROR" \
-    MAINTENANCE_MODE="off" \
-    NGINX_CACHE_DIR="/data/nginx/cache" \
-    NGINX_MAX_BODY_SIZE=30M \
-    REDIS_LOGLEVEL="warning" \
-    REDIS_MAXMEMORY="100Mb" \
-    REDIS_MAXMEMORY_POLICY="volatile-ttl" \
-    PYTHONPATH="/code/src/:/code/__pypackages__/3.12/lib" \
+    && apt-get clean \
+    && pip install uv
+
+FROM base AS builder
+RUN set -x \
+    && buildDeps="build-essential \
+cmake \
+curl \
+gcc \
+git \
+libfontconfig1 \
+libgconf-2-4 \
+libglib2.0-0 \
+libnss3 \
+libssl-dev \
+libjpeg-dev \
+libpq-dev \
+libxml2-dev  \
+python3-dev \
+zlib1g-dev  \
+" \
+    && apt-get update \
+    && apt-get install -y --no-install-recommends $buildDeps \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+
+# ------- production only deps-------
+FROM builder AS production
+
+WORKDIR /app
+COPY uv.lock README.md MANIFEST.in pyproject.toml /app/
+COPY src /app/src/
+
+RUN --mount=type=cache,target=/root/.uv-cache \
+    uv sync --cache-dir=/root/.uv-cache \
+        --python=/usr/local/bin/python \
+        --python-preference=system \
+        --no-dev --no-editable --frozen --extra distribution
+
+
+FROM base AS dist
+ARG BUILD_DATE
+ARG VERSION
+ARG GIT_SHA
+
+ENV PATH=/app/.venv/bin:/usr/local/bin/:/usr/bin:/bin:/usr/sbin/:/usr/local/sbin/ \
+    DJANGO_SETTINGS_MODULE=aurora.config.settings \
     PYTHONUNBUFFERED=1 \
-    SECRET_KEY="secret-key-just-for-build" \
-    SENTRY_DSN="" \
-    STATIC_ROOT="/var/static" \
+    PYTHONDONTWRITEBYTECODE=1 \
     STATIC_URL="/static/" \
-    UWSGI_PROCESSES=4 \
-    VERSION=${VERSION} \
-    POETRY_VERSION=${POETRY_VERSION}
+    BUILD_DATE="${BUILD_DATE}" \
+    VERSION="${VERSION}" \
+    GIT_SHA="${GIT_SHA}" \
+    PYTHONPATH=""\
+    PGSSLCERT="/tmp/postgresql.crt" \
+    UWSGI_PROCESSES=4
 
-RUN pip install pdm==2.15.1
-ADD pyproject.toml pdm.toml pdm.lock ./
-RUN sed -i 's/use_venv = true/use_venv = false/' pdm.toml
-RUN pdm sync --prod --no-editable --no-self
+WORKDIR app/
 
-RUN mkdir -p /var/nginx/system
+COPY docker/conf /conf/
+COPY docker/bin/* /usr/local/bin/
+COPY LICENSE README.md /
+COPY --from=production /app/.venv /app/.venv
+COPY --from=builder /usr/local/bin/uv /usr/local/bin/
 
-ADD . ./
-ADD ./docker/conf/nginx/* /var/nginx/
-ADD ./docker/conf/* /conf/
-ADD ./docker/bin/* /usr/local/bin/
+RUN --mount=type=cache,target=/root/.uv-cache \
+    --mount=type=bind,source=uv.lock,target=/app/uv.lock \
+    --mount=type=bind,source=pyproject.toml,target=/app/pyproject.toml \
+    --mount=type=bind,source=MANIFEST.in,target=/app/MANIFEST.in \
+    --mount=type=bind,source=README.md,target=/app/README.md \
+    --mount=type=bind,source=./src/aurora,target=/app/src/aurora \
+    --mount=type=bind,source=./src/dbtemplates,target=/app/src/dbtemplates \
+    uv --cache-dir=/root/.uv-cache pip install --no-deps .
 
-ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
-CMD ["run"]
 
-EXPOSE 80
 EXPOSE 8000
+ENTRYPOINT exec entrypoint.sh "$0" "$@"
+CMD ["run"]
 
-FROM base AS dev
-RUN pdm sync --dev
+LABEL distro="final"
+LABEL maintainer="[email protected]"
+LABEL cheksum="$CHECKSUM"
 
-FROM base AS dist
+LABEL org.opencontainers.image.authors="[email protected]"
+LABEL org.opencontainers.image.created="$BUILD_DATE"
+LABEL org.opencontainers.image.description="Bitcaster"
+LABEL org.opencontainers.image.documentation="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}"
+LABEL org.opencontainers.image.licenses="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/blob/${GIT_SHA:-master}/LICENSE.md"
+LABEL org.opencontainers.image.revision=$GIT_SHA
+LABEL org.opencontainers.image.source="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/tree/${GIT_SHA:-master}/"
+LABEL org.opencontainers.image.title="Aurora"
+LABEL org.opencontainers.image.version="$VERSION"
+LABEL org.opencontainers.image.url="https://register.unicef.org/"
+LABEL org.opencontainers.image.vendor="UNICEF"
diff --git a/docker/Makefile b/docker/Makefile
@@ -1,125 +1,82 @@
 # envs to set before use this script
 .ONESHELL:
-
-DEVELOP?=0
-DOCKER_PASS?=
-DOCKER_USER?=
-VERSION?=0.1.0
-BASE?=$(shell echo "${VERSION}" | sed "s/\([0-9]*\)\.\([0-9]*\)\.\(.*\)/\1.\2/g" )
-PUSH_BASE?=0
-DEVELOP?=1
+VERSION := $(shell grep -m 1 version ../pyproject.toml | tr -s ' ' | tr -d '"' | tr -d "'" | cut -d' ' -f3)
 BUILD_DATE:="$(shell date +"%Y-%m-%d %H:%M")"
-# below vars are used internally
-POETRY_VERSION=1.2.2
-BUILD_OPTIONS?=--squash
-CMD?=run
-WORKER?='??'
-CONTAINER_NAME?=flex-form-cnt
-LAZO?=$(shell which lazo)
+SOURCE_COMMIT=$(shell git rev-parse --short HEAD)
+STAGE?=dist
 
-DOCKER_REGISTRY?=ghcr.io
-DOCKER_IMAGE_NAME?=saxix/aurora
-DOCKER_IMAGE=${DOCKER_IMAGE_NAME}:${VERSION}
-DOCKER_TARGET=${DOCKER_REGISTRY}/${DOCKER_IMAGE}
-DOCKERFILE?=Dockerfile
+.build:
+	DOCKER_BUILDKIT=1 cd .. && docker build \
+			--build-arg VERSION=${VERSION} \
+			--build-arg BUILD_DATE=${BUILD_DATE} \
+			--build-arg GIT_SHA=${SOURCE_COMMIT} \
+			--target ${STAGE} \
+			${BUILD_OPTIONS} \
+			-t ${DOCKER_IMAGE} \
+			-f docker/Dockerfile .
+	docker images | grep "${DOCKER_IMAGE_NAME}" | grep ${VERSION}
+	docker inspect ${DOCKER_IMAGE} | jq -r '.[0].Config.Labels'
 
-RUN_OPTIONS?=
-PIPENV_ARGS?=
 
-ISDIRTY=$(shell git status --porcelain)
-IMAGE_EXISTS=$(shell docker ps -a | grep "${DOCKER_REGISTRY}/${DOCKER_IMAGE}")
+build:
+	DOCKER_IMAGE=${DOCKER_IMAGE_NAME}:${VERSION} \
+	$(MAKE) .build ## build image
 
-.PHONY: help runlocal
-.DEFAULT_GOAL := help
+.build-stage:
+	DOCKER_IMAGE=${DOCKER_IMAGE_NAME}:${VERSION}-${STAGE} \
+	$(MAKE) .build
 
-define PRINT_HELP_PYSCRIPT
-import re, sys
+base:
+	STAGE=base $(MAKE) .build-stage
 
-for line in sys.stdin:
-	match = re.match(r'^([a-zA-Z_-]+):.*?## (.*)$$', line)
-	if match:
-		target, help = match.groups()
-		print("%-20s %s" % (target, help))
-endef
-export PRINT_HELP_PYSCRIPT
+builder:
+	STAGE=builder $(MAKE) .build-stage
 
-BROWSER := python -c "$$BROWSER_PYSCRIPT"
 
-help:
-	@python -c "$$PRINT_HELP_PYSCRIPT" < $(MAKEFILE_LIST)
+production:
+	STAGE=production $(MAKE) .build-stage
 
-check:
-	@[ -z "`git status --porcelain`" ] || ( git status ; echo "Uncommited changes"; exit 1 )
-	export IMAGE_EXISTS=`curl --silent --header "PRIVATE-TOKEN: ${GITLAB_API_TOKEN}" https://gitlab.com/api/v4/projects/22122245/registry/repositories/1473455/tags/${VERSION} | jq '.location'`
-	@[ "${IMAGE_EXISTS}" != null ] || ( echo "Docker image '${DOCKER_TARGET}' already exists"; exit 1 )
-	@[ -n "`git tag -l ${VERSION}`" ] || git tag -m "v${VERSION}"  ${VERSION}
+dist:
+	STAGE=dist $(MAKE) .build-stage
 
-.build:
-	cd .. && docker build \
-			--build-arg VERSION=${VERSION} \
-			--build-arg BUILD_DATE=${BUILD_DATE} \
-			-t ${DOCKER_REGISTRY}/${DOCKER_IMAGE} \
-			-f docker/${DOCKERFILE} .
-	docker tag ${DOCKER_REGISTRY}/${DOCKER_IMAGE} ${DOCKER_REGISTRY}/${DOCKER_IMAGE_NAME}:latest
-	docker images | grep "${DOCKER_IMAGE_NAME}" | grep ${VERSION}
 
-build: check .build
-
-dev:
-	cd .. && docker build -t flex-dev -f docker/Dockerfile.dev .
-	DOCKER_IMAGE=flex-dev \
-	CMD='/bin/bash' \
-	RUN_OPTIONS="-it -v ${PWD}/conf/:/conf/ -v ${PWD}/../:/code/" \
-	$(MAKE) .run
-
-.push:
-	git push
+step1: base
+step2: builder
+step3: production
+step4: dist
 
 .run:
-	mkdir -p ../${VOLUME}
 	cd .. && docker run \
 	 		--rm \
-	 		--name=${CONTAINER_NAME} \
 			-p 8000:8000 \
-			-e AUTHENTICATION_BACKENDS=\
 			-e ADMIN_EMAIL="${ADMIN_EMAIL}" \
 			-e ADMIN_PASSWORD="${ADMIN_PASSWORD}" \
-			-e DJANGO_ADMIN_URL=admin/ \
-			-e ADMINS="" \
-			-e MAINTENANCE_MODE="off" \
-			-e LANGUAGE_CODE="uk-ua" \
 			-e ALLOWED_HOSTS="*" \
+			-e CACHE_DEFAULT="redis://192.168.66.66:6379/0" \
+			-e CELERY_BROKER_URL=redis://192.168.66.66:6379/0 \
+			-e CSRF_COOKIE_SECURE=False \
+			-e CSRF_TRUSTED_ORIGINS=http://localhost \
 			-e DATABASE_URL="${DATABASE_URL}" \
-			-e DEBUG="0" \
+			-e DEBUG="1" \
+			-e DJANGO_ADMIN_URL=admin/ \
+			-e DJANGO_SETTINGS_MODULE=aurora.config.settings \
+			-e LOGGING_LEVEL="DEBUG" \
+			-e SECRET_KEY=liujhljhlkjhlkjhlkj \
+			-e SOCIAL_AUTH_REDIRECT_IS_HTTPS="False" \
 			-e SENTRY_DSN="${SENTRY_DSN}" \
-			-e REDIS_CONNSTR="${REDIS_CONNSTR}" \
-			-e VERSION="${VERSION}" \
+			-e SUPERUSERS="sax," \
 			${RUN_OPTIONS} \
-			${DOCKER_REGISTRY}/${DOCKER_IMAGE_NAME}:latest \
+			-t ${DOCKER_IMAGE} \
 			${CMD}
 
-#			-v ${PWD}/conf/:/conf/ \
-#			-v ${PWD}/bin/entrypoint.sh:/usr/local/bin/entrypoint.sh \
-#			-v ${PWD}/conf/nginx:/var/nginx/ \
-
-# 			-e STATICFILES_STORAGE="django.contrib.staticfiles.storage.ManifestStaticFilesStorage"\
-#docker push registry.gitlab.com/bitcaster/bitcaster
-dev:
-	RUN_OPTIONS="-v FERNET_KEY=lhlijhlkjhlkjhlkjhlkjhkjhoj -e SESSION_COOKIE_DOMAIN=aaa -e SESSION_COOKIE_SECURE=1 " \
+run:
+	DOCKER_IMAGE=${DOCKER_IMAGE_NAME}:${VERSION} \
+ 	CMD='run' \
 	$(MAKE) .run
 
-release: .docker-login ## release version $VERSION
-	docker tag ${DOCKER_REGISTRY}/${DOCKER_IMAGE_NAME}:${VERSION} ${DOCKER_REGISTRY}/${DOCKER_IMAGE_NAME}:latest
-	docker push ${DOCKER_REGISTRY}/${DOCKER_IMAGE_NAME}:latest
-	docker push ${DOCKER_REGISTRY}/${DOCKER_IMAGE_NAME}:${VERSION}
 
-run:  ## run image locally
-	CMD="" $(MAKE) .run
-
-test:  ## test docker image
-	RUN_OPTIONS="-e FERNET_KEY=lhlijhlkjhlkjhlkjhlkjhkjhoj -e SESSION_COOKIE_DOMAIN=aaa -e SESSION_COOKIE_SECURE=1 " \
-	CMD='sh -c "whoami && django-admin collectstatic --no-input -v 3 && django-admin check --deploy"' \
+shell:
+	DOCKER_IMAGE=${DOCKER_IMAGE_NAME}:${VERSION} \
+	RUN_OPTIONS="-it" \
+ 	CMD='/bin/bash' \
 	$(MAKE) .run
-
-shell:  ## run docker and spawn a shell
-	DOCKER_IMAGE=${DOCKER_IMAGE_NAME}:latest RUN_OPTIONS=-it CMD='/bin/bash' $(MAKE) .run