This repository has been archived on 2020-03-24. You can view files and clone it, but cannot push or open issues or pull requests.
Sam Chow 13293ecdea Fix dockerfile being able to pass in params
Change config directory to local config_app one
2018-06-12 14:45:00 -04:00

142 lines
4.8 KiB

# vim:ft=dockerfile
FROM phusion/baseimage:0.10.0
ENV DEBIAN_FRONTEND noninteractive
ENV HOME /root
ENV QUAYDIR /quay-registry
ENV QUAYCONF /quay-registry/conf
# This is so we don't break http golang/go#17066
# When Ubuntu has nginx >= 1.11.0 we can switch back.
RUN add-apt-repository ppa:nginx/development
# Add Yarn repository until it is officially added to Ubuntu
RUN curl -fsSL | apt-key add - \
&& echo "deb stable main" | tee /etc/apt/sources.list.d/yarn.list
RUN curl -fsSL | bash -
# Install system packages
RUN apt-get update && apt-get upgrade -y \
&& apt-get install -y \
dnsmasq \
g++ \
gdb \
gdebi-core \
git \
jpegoptim \
libevent-2.0.5 \
libevent-dev \
libffi-dev \
libfreetype6-dev \
libgpgme11 \
libgpgme11-dev \
libjpeg62 \
libjpeg62-dev \
libjpeg8 \
libldap-2.4-2 \
libldap2-dev \
libmagic1 \
libpq-dev \
libpq5 \
libsasl2-dev \
libsasl2-modules \
memcached \
monit \
nginx \
nodejs \
optipng \
openssl \
python-dbg \
python-dev \
python-pip \
python-virtualenv \
yarn=0.22.0-1 \
w3m # 27MAR2018
# Install cfssl
RUN curl -fsSL -o /bin/cfssljson \
&& curl -fsSL -o /bin/cfssl \
&& chmod 0755 /bin/cfssl /bin/cfssljson
# Install jwtproxy
RUN curl -fsSL -o /usr/local/bin/jwtproxy \
&& chmod +x /usr/local/bin/jwtproxy
# Install prometheus-aggregator
RUN curl -fsSL -o /usr/local/bin/prometheus-aggregator \
&& chmod +x /usr/local/bin/prometheus-aggregator
# Install python dependencies
COPY requirements.txt requirements-tests.txt ./
RUN virtualenv --distribute venv \
&& venv/bin/pip install -r requirements.txt \
&& venv/bin/pip install -r requirements-tests.txt \
&& venv/bin/pip freeze
# Install front-end dependencies
COPY static/ package.json tsconfig.json webpack.config.js tslint.json yarn.lock ./
RUN yarn install --ignore-engines
RUN mkdir -p /etc/my_init.d /etc/systlog-ng /usr/local/bin /etc/monit $QUAYDIR/static/fonts $QUAYDIR/static/ldn /usr/local/nginx/logs/
RUN rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache
VOLUME ["/var/log", "/datastorage", "/tmp"]
RUN adduser memcached --disabled-login --system
# Check python dependencies for the GPL
# Due to the following bug, pip results must be piped to a file before grepping:
RUN cat requirements.txt | grep -v "^-e" | awk -F'==' '{print $1}' | xargs venv/bin/pip --disable-pip-version-check show > pipinfo.txt && \
test -z "$(cat pipinfo.txt | grep GPL | grep -v LGPL)" && \
rm pipinfo.txt
# JS compile
COPY static static
RUN yarn build \
&& jpegoptim static/img/**/*.jpg \
&& optipng -clobber -quiet static/img/**/*.png
COPY . .
RUN PYTHONPATH=$QUAYPATH venv/bin/python -m external_libraries
# Update local copy of AWS IP Ranges.
RUN curl -fsSL -o util/ipresolver/aws-ip-ranges.json
# Set up the init system
RUN mkdir -p /etc/my_init.d /etc/systlog-ng /usr/local/bin /etc/monit static/fonts static/ldn /usr/local/nginx/logs/ \
&& cp $QUAYCONF/init/*.sh /etc/my_init.d/ \
&& cp $QUAYCONF/init/syslog-ng.conf /etc/syslog-ng/ \
&& cp $QUAYCONF/ /usr/local/bin/ \
&& cp $QUAYCONF/monitrc /etc/monit/monitrc \
&& chmod 0600 /etc/monit/monitrc \
&& cp $QUAYCONF/init/logrotate.conf /etc/logrotate.conf \
&& cp .git/HEAD GIT_HEAD \
&& rm -rf /etc/service/syslog-forwarder
RUN ln -s $QUAYCONF /conf
# Cleanup any NPM-related stuff.
# RUN apt-get remove -y --auto-remove python-dev g++ libjpeg62-dev libevent-dev libldap2-dev libsasl2-dev libpq-dev libffi-dev libgpgme11-dev nodejs jpegoptim optipng w3m \
# && apt-get autoremove -y \
# && apt-get clean
# && rm -rf /root/.npm /.npm /usr/local/lib/node_modules /usr/share/yarn/node_modules \
# /root/node_modules /node_modules /grunt
RUN PYTHONPATH=$QUAYPATH venv/bin/alembic heads | grep -E '^[0-9a-f]+ \(head\)$' > ALEMBIC_HEAD
RUN ./scripts/
EXPOSE 443 8443 80
ENTRYPOINT [ "/bin/bash", "./"]