Add nginx python base image

Author: jawadqur

Dockerfile

@@ -1,41 +1,23 @@
 ARG AZLINUX_BASE_VERSION=master
 
-# Base stage with python-build-base
-FROM quay.io/cdis/python-build-base:${AZLINUX_BASE_VERSION} AS base
+FROM quay.io/cdis/python-nginx-al:${AZLINUX_BASE_VERSION} AS base
 
-# Comment this in, and comment out the line above, if quay is down
-# FROM 707767160287.dkr.ecr.us-east-1.amazonaws.com/gen3/python-build-base:${AZLINUX_BASE_VERSION} as base
+# FROM 707767160287.dkr.ecr.us-east-1.amazonaws.com/gen3/python-nginx-al2:feat_python-nginx AS base
 
 ENV appname=peregrine
-ENV POETRY_NO_INTERACTION=1 \
-    POETRY_VIRTUALENVS_IN_PROJECT=1 \
-    POETRY_VIRTUALENVS_CREATE=1
 
 WORKDIR /${appname}
 
-# create gen3 user
-# Create a group 'gen3' with GID 1000 and a user 'gen3' with UID 1000
-RUN groupadd -g 1000 gen3 && \
-    useradd -m -s /bin/bash -u 1000 -g gen3 gen3  && \
-    chown -R gen3:gen3 /$appname && \
-    chown -R gen3:gen3 /venv
-
-RUN dnf update && dnf install -y \
-    python3-devel \
-    postgresql15-server-devel \
-    && rm -rf /var/cache/yum
+RUN chown -R gen3:gen3 /$appname
 
 # Builder stage
 FROM base AS builder
 
 USER gen3
 
-RUN python -m venv /venv
-
 COPY poetry.lock pyproject.toml /${appname}/
 
-RUN pip install poetry && \
-    poetry install -vv --only main --no-interaction
+RUN poetry install -vv --only main --no-interaction
 
 COPY --chown=gen3:gen3 . /$appname
 COPY --chown=gen3:gen3 ./deployment/wsgi/wsgi.py /$appname/wsgi.py
@@ -49,36 +31,11 @@ RUN git config --global --add safe.directory /${appname} && COMMIT=`git rev-pars
 # Final stage
 FROM base
 
-COPY --from=builder /venv /venv
 COPY --from=builder /$appname /$appname
 
-# install nginx
-RUN yum install nginx -y
-
-# allow nginx to bind to port 80
-RUN setcap 'cap_net_bind_service=+ep' /usr/sbin/nginx
-
-# chown nginx directories
-RUN chown -R gen3:gen3 /var/log/nginx
-
-# pipe nginx logs to stdout and stderr
-RUN ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log
-
-# create /var/lib/nginx/tmp/client_body to allow nginx to write to fence
-RUN mkdir -p /var/lib/nginx/tmp/client_body
-RUN chown -R gen3:gen3 /var/lib/nginx/
-
-# copy nginx config
-COPY ./deployment/nginx/nginx.conf /etc/nginx/nginx.conf
-
 # Switch to non-root user 'gen3' for the serving process
 USER gen3
 
-RUN source /venv/bin/activate
-
-ENV PYTHONUNBUFFERED=1 \
-    PYTHONIOENCODING=UTF-8
-
-WORKDIR /var/www/${appname}
+WORKDIR /$appname
 
-CMD ["/bin/bash", "-c", "/peregrine/dockerrun.bash"]
+CMD ["/bin/bash", "-c", "/${appname}/dockerrun.bash"]

deployment/nginx/nginx.conf

@@ -1,5 +1,3 @@
-import sys
+from peregrine.api import app
 
-sys.path.append("/var/www/peregrine/")
-sys.path.append("/peregrine/")
-from wsgi import app as application
+application = app

deployment/wsgi/wsgi.py

@@ -1,4 +1,4 @@
 #!/bin/bash
 
 nginx
-gunicorn -c /peregrine/deployment/wsgi/gunicorn.conf.py
+poetry run gunicorn -c /peregrine/deployment/wsgi/gunicorn.conf.py