-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
271 additions
and
133 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,44 +1,133 @@ | ||
| FROM fedora:33 as base | ||
| LABEL app=kg-prototypes | ||
| # ======================================== | ||
| # Base image | ||
| # ======================================== | ||
| FROM python:3.10-slim as base | ||
|
|
||
| ENV LANG C.UTF-8 | ||
| ENV LC_ALL C.UTF-8 | ||
| ENV PYTHONDONTWRITEBYTECODE 1 | ||
| ENV PYTHONFAULTHANDLER 1 | ||
|
|
||
| # Install dependencies | ||
| RUN dnf install htop postgresql graphviz python-pip python3-devel vim net-tools which -y \ | ||
| && dnf groupinstall 'Development Tools' -y \ | ||
| && dnf clean packages | ||
| RUN pip install pipenv | ||
|
|
||
| ENV N4J_USER n4j | ||
| ENV N4J_HOME /home/$N4J_USER | ||
| ENV UID 1000 | ||
| ENV GID 1000 | ||
|
|
||
| # User and group creation | ||
| RUN groupadd -g $GID $N4J_USER && \ | ||
| useradd -u $UID -g $GID -G wheel --create-home --home-dir $N4J_HOME --shell /bin/bash $N4J_USER | ||
| # ======================================== | ||
| # Build dependencies stage | ||
| # ======================================== | ||
| FROM base as build-deps | ||
|
|
||
| # Install build dependencies | ||
| RUN apt-get update \ | ||
| && apt-get install -y liblmdb-dev python3-dev libxml2-dev libxslt-dev build-essential \ | ||
| && apt-get clean | ||
|
|
||
| # Copy Pipfiles | ||
| COPY Pipfile Pipfile.lock ./ | ||
|
|
||
| # Install Python dependencies | ||
| ARG DEV | ||
| RUN PIPENV_VENV_IN_PROJECT=1 pipenv install --deploy $(if [ "$DEV" ]; then echo --dev; fi) | ||
|
|
||
|
|
||
| # ======================================== | ||
| # Runtime stage | ||
| # ======================================== | ||
| FROM base | ||
| LABEL org.opencontainers.image.source https://github.com/SBRG/lifelike | ||
|
|
||
| # Install runtime system dependencies | ||
| RUN apt-get update \ | ||
| && apt-get install -y libmagic-dev graphviz libgraphviz-dev curl \ | ||
| && apt-get clean | ||
|
|
||
| # Copy Python virtual environment | ||
| COPY --from=build-deps /.venv /.venv | ||
| ENV PATH="/.venv/bin:$PATH" | ||
|
|
||
| # Set user and workdir | ||
| WORKDIR /app | ||
| RUN useradd -m -d /app app | ||
| USER app | ||
|
|
||
| # Copy application code | ||
| COPY --chown=app . . | ||
|
|
||
| # Set to 1 to automatically apply any pending DB migrations at startup | ||
| ENV MIGRATE_DB= | ||
|
|
||
| # Create an initial admin user | ||
| ENV INITIAL_ADMIN_EMAIL= | ||
|
|
||
| # LMDB database volume | ||
| ENV LMDB_DATA_DIR=/lmdb | ||
| VOLUME /lmdb | ||
|
|
||
| # LMDB download cloud storage | ||
| # ENV AZURE_ACCOUNT_STORAGE_NAME= | ||
| # ENV AZURE_ACCOUNT_STORAGE_KEY= | ||
|
|
||
| # JWT Authendication | ||
| ENV JWT_SECRET=secret | ||
|
|
||
| # Base URL of this app, reachable by external services | ||
| ENV APPSERVER_URL=http://localhost:5000 | ||
|
|
||
| # Base URL of the frontend app, for link generation | ||
| ENV FRONTEND_URL=http://localhost:4242 | ||
|
|
||
| # PostgreSQL configuration | ||
| ENV POSTGRES_HOST=postgres | ||
| ENV POSTGRES_PORT=5432 | ||
| ENV POSTGRES_USER=postgres | ||
| ENV POSTGRES_PASSWORD=postgres | ||
| ENV POSTGRES_DB=postgres | ||
|
|
||
| # Neo4j configuration | ||
| ENV NEO4J_HOST=neo4j | ||
| ENV NEO4J_PORT=7687 | ||
| ENV NEO4J_AUTH=neo4j/password | ||
| ENV NEO4J_DATABASE=neo4j | ||
| ENV NEO4J_SCHEME=bolt | ||
|
|
||
| # Elasticsearch configuration | ||
| ENV ELASTICSEARCH_URL=http://elasticsearch:9200 | ||
| ENV ELASTICSEARCH_FILE_INDEX=file | ||
|
|
||
| # Statistical enrichment service | ||
| ENV STATISTICAL_ENRICHMENT_URL=http://statistical-enrichment:5000 | ||
|
|
||
| # PDFParser service | ||
| ENV PDFPARSER_URL=http://pdfparser:7600 | ||
|
|
||
| WORKDIR $N4J_HOME | ||
| # NLP Processing service | ||
| ENV NLP_URL=https://nlp-api.lifelike.bio/v1/predict | ||
| ENV NLP_SECRET=secret | ||
|
|
||
| # Copy Pipfiles and install dependencies FIRST to better apply Docker layer cache | ||
| COPY --chown=1000:1000 Pipfile . | ||
| COPY --chown=1000:1000 Pipfile.lock . | ||
| RUN pipenv install --dev --deploy --system | ||
| # Mailserver configuration | ||
| ENV [email protected] | ||
|
|
||
| # ...then copy everything else | ||
| COPY --chown=1000:1000 . . | ||
| # Sendgrid integration | ||
| ENV SENDGRID_API_KEY= | ||
|
|
||
| # TODO: We should consider breaking this apart into dev and prod | ||
| # builds, so we don't build unnecessary packages | ||
| # Optional Sentry logging configuration | ||
| ENV SENTRY_DSN= | ||
|
|
||
| # Don't lose stdin, stdout and stderr output due to buffering | ||
| ENV PYTHONUNBUFFERED 1 | ||
| ENV PYTHONPATH $N4J_HOME | ||
| # Optional Elastic APM configuration. | ||
| # To enable, at least ELASTIC_APM_SERVER_URL must be set | ||
| # Other available variables: https://www.elastic.co/guide/en/apm/agent/python/master/configuration.html | ||
| ENV ELASTIC_APM_SERVER_URL= | ||
| ENV ELASTIC_APM_SERVICE_NAME=appserver | ||
|
|
||
| # Set Python3 as the default when running "python" | ||
| RUN echo 'alias python=python3' >> ~/.bashrc && source ~/.bashrc | ||
| # Flask env (development, testing, production) | ||
| ENV FLASK_ENV=production | ||
|
|
||
| USER $N4J_USER | ||
| # Listen port | ||
| ENV PORT=5000 | ||
| EXPOSE $PORT | ||
|
|
||
| # Setup flask application environment vars | ||
| ENV MAX_ALLOWED_LOGIN_FAILURES 6 | ||
| # Health check by requesting system info to /meta endpoint | ||
| HEALTHCHECK --start-period=30s \ | ||
| CMD curl -f localhost:$PORT/meta || exit 1 | ||
|
|
||
| CMD [ "bin/startup.sh" ] | ||
| RUN chmod +x bin/docker-entrypoint.sh | ||
| ENTRYPOINT ["bin/docker-entrypoint.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,33 +1,64 @@ | ||
| # ======================================== | ||
| # Base image | ||
| # ======================================== | ||
| FROM python:3.10-slim as base | ||
| LABEL app=kg-prototypes | ||
|
|
||
| # Install dependencies | ||
| RUN apt-get update && apt-get install -y curl && apt-get clean | ||
| ENV LANG C.UTF-8 | ||
| ENV LC_ALL C.UTF-8 | ||
| ENV PYTHONDONTWRITEBYTECODE 1 | ||
| ENV PYTHONFAULTHANDLER 1 | ||
|
|
||
| RUN pip install pipenv | ||
|
|
||
| ENV APP_USER lifelike | ||
| ENV APP_HOME /home/$APP_USER | ||
| ENV UID 1000 | ||
| ENV GID 1000 | ||
|
|
||
| # User and group creation | ||
| RUN groupadd -g $GID $APP_USER && \ | ||
| useradd -u $UID -g $GID -G sudo --create-home --home-dir $APP_HOME --shell /bin/bash $APP_USER | ||
| # ======================================== | ||
| # Build dependencies stage | ||
| # ======================================== | ||
| FROM base as build-deps | ||
|
|
||
| # Copy Pipfiles | ||
| COPY Pipfile Pipfile.lock ./ | ||
|
|
||
| # Install Python dependencies | ||
| ARG DEV | ||
| RUN PIPENV_VENV_IN_PROJECT=1 pipenv install --deploy $(if [ "$DEV" ]; then echo --dev; fi) | ||
|
|
||
|
|
||
| # ======================================== | ||
| # Runtime stage | ||
| # ======================================== | ||
| FROM base | ||
| LABEL org.opencontainers.image.source https://github.com/SBRG/lifelike | ||
|
|
||
| # Copy Python virtual environment | ||
| COPY --from=build-deps /.venv /.venv | ||
| ENV PATH="/.venv/bin:$PATH" | ||
|
|
||
| # Set user and working directory | ||
| WORKDIR /app | ||
| RUN useradd -m -d /app app | ||
| USER app | ||
|
|
||
| WORKDIR $APP_HOME | ||
| # Copy application code | ||
| COPY --chown=app main.py ./ | ||
|
|
||
| # Copy Pipfiles and install dependencies FIRST to better apply Docker layer cache | ||
| COPY --chown=1000:1000 Pipfile . | ||
| COPY --chown=1000:1000 Pipfile.lock . | ||
| RUN pipenv install --deploy --dev --system | ||
| # Neo4j configuration | ||
| ENV NEO4J_HOST=neo4j | ||
| ENV NEO4J_PORT=7687 | ||
| ENV NEO4J_AUTH=neo4j/password | ||
| ENV NEO4J_SCHEME=bolt | ||
| ENV NEO4J_DATABASE=neo4j | ||
|
|
||
| # ...then copy everything else | ||
| COPY --chown=1000:1000 . . | ||
| # Redis cache configuration | ||
| ENV REDIS_HOST=redis | ||
| ENV REDIS_PORT=6379 | ||
| ENV REDIS_PASSWORD=password | ||
| ENV REDIS_DB=0 | ||
|
|
||
| # Don't lose stdin, stdout and stderr output due to buffering | ||
| ENV PYTHONUNBUFFERED 1 | ||
| ENV PYTHONPATH $APP_HOME | ||
| # Default TTL for cache | ||
| ENV CACHE_TTL=86400 | ||
|
|
||
| USER $APP_USER | ||
| # Logging level | ||
| ENV LOG_LEVEL=INFO | ||
|
|
||
| CMD [ "bin/startup.sh" ] | ||
| CMD ["python", "main.py"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.