From e3e2e1de647c452f90e5926f184b72823b312f01 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Bournhonesque?= Date: Thu, 22 Aug 2024 17:01:02 +0200 Subject: [PATCH] chore: Improve devops (#395) --- .env | 2 +- .github/workflows/container-deploy.yml | 8 ++++++-- Dockerfile | 11 ++++++----- 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/.env b/.env index 7150c5ce..85d9f22b 100644 --- a/.env +++ b/.env @@ -9,7 +9,7 @@ SECRET_KEY=key DEBUG=True -ALLOWED_HOSTS="localhost,localhost:8000,localhost:5173" +ALLOWED_HOSTS="localhost,127.0.0.1" API_PORT=127.0.0.1:8000 diff --git a/.github/workflows/container-deploy.yml b/.github/workflows/container-deploy.yml index f98eb3c0..7f6b24c4 100644 --- a/.github/workflows/container-deploy.yml +++ b/.github/workflows/container-deploy.yml @@ -3,7 +3,9 @@ name: Container Image Deployment CI on: push: branches: - - main + # Temporarily use django rewrite branch, + # we should switch back to main once the migration to Django is done + - raphodn/django-5-rewrite - deploy-* tags: - v*.*.* @@ -115,8 +117,10 @@ jobs: echo "RESTART_POLICY=always" >> .env # Set App variables echo "API_PORT=8190" >> .env - echo 'CORS_ALLOW_ORIGINS=["https://openfoodfacts-explorer.vercel.app", "https://prices.openfoodfacts.net", "https://prices.openfoodfacts.org"]' >> .env + echo "DEBUG=False" >> .env + echo 'ALLOWED_HOSTS=openfoodfacts-explorer.vercel.app,prices.openfoodfacts.net,prices.openfoodfacts.org' >> .env echo "OAUTH2_SERVER_URL=https://world.openfoodfacts.org/cgi/auth.pl" >> .env + echo "SECRET_KEY=${{ secrets.DJANGO_SECRET_KEY }}" >> .env echo "SENTRY_DNS=${{ secrets.SENTRY_DSN }}" >> .env echo "POSTGRES_EXPOSE=127.0.0.1:5433" >> .env echo "POSTGRES_HOST=postgres.open_prices_default" >> .env diff --git a/Dockerfile b/Dockerfile index ce4c3535..e28af230 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG PYTHON_VERSION=3.11 # base python setup # ----------------- -FROM python:$PYTHON_VERSION-slim as python-base +FROM python:$PYTHON_VERSION-slim AS python-base RUN apt-get update && \ apt-get install --no-install-suggests --no-install-recommends -y curl && \ apt-get autoremove --purge && \ @@ -23,7 +23,7 @@ ENV PYTHONUNBUFFERED=1 \ # building packages # ----------------- -FROM python-base as builder-base +FROM python-base AS builder-base RUN curl -sSL https://install.python-poetry.org | python3 - WORKDIR $PYSETUP_PATH COPY poetry.lock pyproject.toml ./ @@ -31,7 +31,7 @@ RUN poetry install --without dev # This is our final image # ------------------------ -FROM python-base as runtime +FROM python-base AS runtime COPY --from=builder-base $VENV_PATH $VENV_PATH COPY --from=builder-base $POETRY_HOME $POETRY_HOME RUN poetry config virtualenvs.create false @@ -43,6 +43,7 @@ ARG USER_GID=$USER_UID RUN groupadd -g $USER_GID off && \ useradd -u $USER_UID -g off -m off && \ mkdir -p /home/off && \ + mkdir -p /home/off/.cache && \ mkdir -p /opt/open-prices && \ mkdir -p /opt/open-prices/data && \ mkdir -p /opt/open-prices/img && \ @@ -67,7 +68,7 @@ CMD ["gunicorn", "config.wsgi", "--bind", "0.0.0.0:8000", "--workers", "1"] # building dev packages # ---------------------- -FROM builder-base as builder-dev +FROM builder-base AS builder-dev WORKDIR $PYSETUP_PATH COPY poetry.lock pyproject.toml ./ # full install, with dev packages @@ -76,7 +77,7 @@ RUN poetry install # image with dev tooling # ---------------------- # This image will be used by default, unless a target is specified in docker-compose.yml -FROM runtime as runtime-dev +FROM runtime AS runtime-dev COPY --from=builder-dev $VENV_PATH $VENV_PATH COPY --from=builder-dev $POETRY_HOME $POETRY_HOME # Handle possible issue with Docker being too eager after copying files