Skip to content

Commit

Permalink
feat: Various codejail improvements for devstack usage
Browse files Browse the repository at this point in the history 
A collection of improvements to enable the usual live-reloading workflow.
Running as app meant we couldn't recompile files, modify the container
environment, etc.

- Run as root in dev target, for convenience and matching other images
- Fail RUN commands if there's an error
- Use gunicorn for both targets, since in devstack we can specify the CMD
  in the docker-compose file anyhow.
- Install make, less, and some editors in the dev target
- Set up virtualenv for dev environment
  • Loading branch information
@timmc-edx
timmc-edx committed Jan 30, 2025
1 parent c3b489b commit a38e7df
Showing 1 changed file with 17 additions and 5 deletions.
22 changes: 17 additions & 5 deletions dockerfiles/codejail.Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ ARG PYVER=3.12
# - python*-dev: Header files for python extensions, required by many source wheels
# - python*-venv: Allow creation of virtualenvs
RUN <<EOF
set -eu
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install \
--quiet --yes --no-install-recommends \
Expand Down Expand Up @@ -61,19 +62,32 @@ python${PYVER} -m venv /venv
EOF

EXPOSE 8080
CMD /venv/bin/gunicorn -c /app/codejail_service/docker_gunicorn_configuration.py \
--bind '0.0.0.0:8080' --workers=10 --max-requests=1000 --name codejail \
codejail_service.wsgi:application


FROM app AS dev

# Developers will want some additional packages for interactive debugging.
RUN <<EOF
set -eu
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install \
--quiet --yes --no-install-recommends \
make less nano emacs-nox
rm -rf /var/lib/apt/lists/*
EOF

RUN /venv/bin/pip-sync requirements/dev.txt
RUN python${PYVER} -m compileall /venv

# Add code changes after deps installation so it won't bust the image cache
ADD https://github.com/${GITHUB_REPO}.git#${VERSION} .
RUN python${PYVER} -m compileall /app

USER app
CMD echo $PATH; while true; do /venv/bin/python ./manage.py runserver 0.0.0.0:8080; sleep 2; done
# Set up virtualenv for developer
ENV PATH="/venv/bin:$PATH"


FROM app AS prod
Expand All @@ -85,7 +99,5 @@ RUN python${PYVER} -m compileall /venv
ADD https://github.com/${GITHUB_REPO}.git#${VERSION} .
RUN python${PYVER} -m compileall /app

# Drop to unprivileged user for running service
USER app
CMD /venv/bin/gunicorn -c /app/codejail_service/docker_gunicorn_configuration.py \
--bind '0.0.0.0:8080' --workers=2 --max-requests=1000 --name codejail \
codejail_service.wsgi:application

0 comments on commit a38e7df

Please sign in to comment.