docker image size reduced by 50%

Author: pintu4146

.github/workflows/ci.yml

@@ -0,0 +1,43 @@
+name: CI/CD Pipeline
+
+on:
+  push:
+    branches: [ "main" ]
+    paths:
+      - 'microservices/**'
+  pull_request:
+    branches: [ "main" ]
+    paths:
+      - 'microservices/**'
+
+jobs:
+  build-and-test:
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./microservices/fastapi/monolith
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Set up Python 3.10
+      uses: actions/setup-python@v4
+      with:
+        python-version: "3.10"
+
+    - name: Install Poetry
+      run: |
+        pip install poetry
+
+    - name: Install dependencies
+      run: |
+        poetry install
+
+    - name: Run Tests
+      # For now, we just check if the code is syntactically correct
+      run: |
+        poetry run python -m compileall app/
+
+    - name: Build Docker Image
+      run: |
+        docker build -t monolith-service-alpine .

.gitignore

@@ -1,2 +1,50 @@
-fastapi_service/venv
-microservices/fastapi/monolith/myvenv
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+microservices/fastapi/monolith/app/__pycache__
+microservices/fastapi/monolith/app/services/__pycache__
+microservices/fastapi/monolith/app/routers/__pycache__
+
+
+
+microservices/fastapi/monolith/app/__pycache__
+
+# Virtual Environments
+venv/
+env/
+ENV/
+.venv
+myvenv/
+
+microservices/fastapi/monolith/myvenv
+
+# IDEs
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# Environment variables
+.env
+.env.local
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Poetry (do NOT ignore poetry.lock!)
+# poetry.lock should be committed
+
+# Testing
+.pytest_cache/
+.coverage
+htmlcov/
+
+# Build artifacts
+dist/
+build/
+*.egg-info/

microservices/fastapi/monolith/Dockerfile

@@ -1,11 +1,72 @@
-FROM python:3.10-slim
+# Stage 1: Builder
+FROM python:3.10-alpine as builder
+
+# Set environment variables
+ENV PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1
 
 WORKDIR /code
 
-COPY ./requirements.txt /code/requirements.txt
+# Install system dependencies required for building python packages
+# libffi-dev and build-base are often needed for python wheels on alpine
+RUN apk add --no-cache libffi-dev build-base
+
+# Install poetry and export plugin
+RUN pip install poetry poetry-plugin-export
+
+# Copy poetry configuration
+COPY pyproject.toml poetry.lock .
+
+# Generate lock file and export requirements.txt
+RUN poetry lock && \
+    poetry export -f requirements.txt --output requirements.txt --without-hashes
+
+# Install python dependencies
+RUN pip wheel --no-cache-dir --no-deps --wheel-dir /code/wheels -r requirements.txt
 
-RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt
+# Stage 2: Runner
+FROM python:3.10-alpine as runner
+
+# Metadata
+LABEL maintainer="Monolith Team" \
+      description="Monolithic FastAPI Service" \
+      version="1.0"
+
+ENV PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1
+
+WORKDIR /code
 
+# Create a non-root user for security
+# Alpine uses adduser -D (no password)
+RUN addgroup -S appuser && adduser -S appuser -G appuser
+
+# Install system dependencies (curl for healthcheck)
+RUN apk add --no-cache curl
+
+# Copy wheels from builder stage
+COPY --from=builder /code/wheels /code/wheels
+COPY --from=builder /code/requirements.txt .
+
+# Install dependencies from wheels
+RUN pip install --no-cache-dir --no-index --find-links=/code/wheels -r requirements.txt && \
+    rm -rf /code/wheels
+
+# Copy application code
 COPY ./app /code/app
 
+# Change ownership to non-root user
+RUN chown -R appuser:appuser /code
+
+# Switch to non-root user
+USER appuser
+
+# Expose the port
+EXPOSE 8000
+
+# Healthcheck to ensure the service is running
+HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \
+  CMD curl -f http://localhost:8000/ || exit 1
+
+# Command to run the application
 CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]