updated deploy preview workflow and docker files accordingly (test Nginx config)

.github/workflows/deploy-previews.yml

@@ -1186,17 +1186,14 @@ jobs:
 
       - name: Deploy to Cloud Run
         run: |-
-          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-website-preview \
-            --region=${{ secrets.REGION }} \
+          gcloud run deploy website-backend-nginix-website-preview \
+            --region=${REGION} \
             --max-instances=10 \
             --timeout=60 \
             --concurrency=10 \
-            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/website-pr-previews:${{ github.sha }} \
-            --port=8000 \
+            --image=${REGISTRY_URL}/${PROJECT_ID}/pr-previews/website-pr-previews:${GITHUB_SHA} \
             --cpu=1000m \
             --memory=1024Mi \
-            --update-secrets=/etc/env/.env=sta-env-website-backend:latest,/etc/config/google_application_credentials.json=sta-key-analytics-service-account:latest \
-            --command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; /app/entrypoint.sh" \
             --allow-unauthenticated
 
       - name: Get preview service url
@@ -1221,5 +1218,5 @@ jobs:
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
-              body: 'website changes in this PR available for preview [here](${{ needs.website.outputs.url }})'
-            })           
+              body: 'website changes in this PR available for preview [here](${needs.website.outputs.url})'
+            })

src/website/Dockerfile

@@ -5,27 +5,40 @@ FROM python:3.11-slim
 ENV PYTHONDONTWRITEBYTECODE 1
 ENV PYTHONUNBUFFERED 1
 
-# Set the working directory inside the container
 WORKDIR /app
 
 # Install system dependencies
 RUN apt-get update && apt-get install -y \
     gcc \
     libpq-dev \
+    nginx \
+    supervisor \
     && apt-get clean
 
-# Copy requirements file and install dependencies
-COPY requirements.txt ./
+# Copy requirements and install
+COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt
 
-# Copy the rest of the backend code into the container
+# Copy the rest of the code
 COPY . .
 
-# Expose the port the Django app will run on
-EXPOSE 8000
+# Remove default Nginx config
+RUN rm /etc/nginx/conf.d/default.conf
 
-# Add execution permissions to entrypoint.sh
+# Make sure we have a directory for static files (to serve them via Nginx)
+RUN mkdir -p /usr/share/nginx/html/static/
+
+# Add execute permission to entrypoint.sh
 RUN chmod +x /app/entrypoint.sh
 
-# Set the entrypoint for the container
+# Copy custom Nginx config
+COPY nginx.conf /etc/nginx/nginx.conf
+
+# Copy supervisor config
+COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+
+# Default port for Cloud Run is 8080, ensure Nginx listens on this port
+ENV PORT 8080
+EXPOSE 8080
+
 ENTRYPOINT ["/app/entrypoint.sh"]

src/website/entrypoint.sh

@@ -1,16 +1,13 @@
 #!/bin/sh
 
-# Exit immediately if a command exits with a non-zero status
+# Exit on error
 set -e
 
-# Run Django migrations
 echo "Running migrations..."
 python manage.py migrate --noinput
 
-# Collect static files (ensure the static files directory exists)
 echo "Collecting static files..."
 python manage.py collectstatic --noinput
 
-# Start Gunicorn server to serve the Django application
-echo "Starting Gunicorn server..."
-exec gunicorn core.wsgi:application --bind 0.0.0.0:8000 --timeout 600 --workers 3 --log-level info
+echo "Starting Supervisor (which runs Nginx + Gunicorn)..."
+exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf

src/website/nginx.conf

@@ -0,0 +1,48 @@
+user nginx;
+worker_processes auto;
+pid /var/run/nginx.pid;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
+
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    access_log /var/log/nginx/access.log;
+    error_log /var/log/nginx/error.log;
+
+    client_max_body_size 10M;
+
+    upstream django_app {
+        # Gunicorn will be running on 127.0.0.1:8000 inside the same container
+        server 127.0.0.1:8000;
+    }
+
+    server {
+        listen ${PORT};
+        server_name _;
+
+        location /static/ {
+            alias /usr/share/nginx/html/static/;
+            expires 1y;
+            access_log off;
+            add_header Cache-Control "public";
+        }
+
+        location / {
+            proxy_pass http://django_app;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+}

src/website/supervisord.conf

@@ -0,0 +1,13 @@
+[supervisord]
+nodaemon=true
+
+[program:gunicorn]
+command=gunicorn core.wsgi:application --bind 0.0.0.0:8000 --timeout 600 --workers 3 --log-level info
+directory=/app
+autostart=true
+autorestart=true
+
+[program:nginx]
+command=/usr/sbin/nginx -g "daemon off;"
+autostart=true
+autorestart=true