-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
124 lines (101 loc) · 3.93 KB
/
Dockerfile
File metadata and controls
124 lines (101 loc) · 3.93 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
# ---- builder ----
FROM ghcr.io/astral-sh/uv:0.9-python3.13-bookworm-slim AS builder
WORKDIR /app
ARG USER=chapkit UID=10001
RUN useradd -u ${UID} -m -s /bin/bash ${USER}
# UV configuration for better build performance
ENV UV_COMPILE_BYTECODE=1
ENV UV_LINK_MODE=copy
ENV UV_PROJECT_ENVIRONMENT=/app/.venv
ENV UV_PIP_EXTRA_ARGS="--only-binary=:all:"
# Copy project files needed for wheel build
COPY pyproject.toml uv.lock README.md ./
COPY src/ ./src/
COPY alembic/ ./alembic/
COPY alembic.ini ./
# Install git (needed for some dependencies) and build chapkit wheel
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
apt-get update && apt-get upgrade -y && \
apt-get install -y --no-install-recommends git && \
apt-get clean && rm -rf /var/lib/apt/lists/*
# Build chapkit wheel
RUN uv build
# Create venv and install chapkit wheel (includes gunicorn as dependency)
RUN --mount=type=cache,target=/root/.cache/uv \
uv venv && \
uv pip install dist/*.whl
# Cleanup Python cache files
RUN find /app/.venv -type d -name '__pycache__' -prune -exec rm -rf {} + && \
find /app/.venv -type f -name '*.py[co]' -delete || true
# ---- runtime ----
FROM python:3.13-slim AS runtime
# OCI labels for container metadata
LABEL org.opencontainers.image.title="Chapkit Examples"
LABEL org.opencontainers.image.description="Production examples for Chapkit async SQLAlchemy library with FastAPI"
LABEL org.opencontainers.image.vendor="Chapkit"
LABEL org.opencontainers.image.source="https://github.com/yourusername/chapkit"
WORKDIR /app
ARG USER=chapkit UID=10001
RUN useradd -u ${UID} -m -s /bin/bash ${USER}
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
apt-get update && apt-get upgrade -y && \
apt-get install -y --no-install-recommends ca-certificates tini && \
apt-get clean && rm -rf /var/lib/apt/lists/*
# Copy venv from builder
COPY --from=builder --chown=${USER}:${USER} /app/.venv /app/.venv
# Copy examples and migration files
COPY --chown=${USER}:${USER} examples/ ./examples/
COPY --chown=${USER}:${USER} alembic/ ./alembic/
COPY --chown=${USER}:${USER} alembic.ini ./
COPY --chown=${USER}:${USER} gunicorn.conf.py ./
ENV VIRTUAL_ENV=/app/.venv
ENV PATH=/app/.venv/bin:${PATH}
ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1
ENV PYTHONFAULTHANDLER=1
# Server configuration
ENV PORT=8000
ENV TIMEOUT=60
ENV GRACEFUL_TIMEOUT=30
ENV KEEPALIVE=5
ENV FORWARDED_ALLOW_IPS="*"
# Worker configuration
ENV MAX_REQUESTS=1000
ENV MAX_REQUESTS_JITTER=200
# Logging configuration
ENV LOG_FORMAT=json
ENV LOG_LEVEL=INFO
# Default example to run (can be overridden)
ENV EXAMPLE_MODULE=examples.config_api:app
USER ${USER}
EXPOSE 8000
# Health check to verify the API is responding
HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:${PORT}/health').read()" || exit 1
ENTRYPOINT ["/usr/bin/tini","--"]
CMD ["sh","-c", "\
effective_cpus() { \
base=$(nproc 2>/dev/null || getconf _NPROCESSORS_ONLN 2>/dev/null || echo 1); \
if read -r quota period < /sys/fs/cgroup/cpu.max 2>/dev/null; then \
if [ \"$quota\" != \"max\" ]; then \
echo $(( (quota + period - 1) / period )); return; \
fi; \
fi; \
echo \"$base\"; \
}; \
: ${FORWARDED_ALLOW_IPS:='*'}; \
CPUS=$(effective_cpus); \
: ${WORKERS:=$(( CPUS * 2 + 1 ))}; \
exec gunicorn -k uvicorn.workers.UvicornWorker ${EXAMPLE_MODULE} \
--bind 0.0.0.0:${PORT} \
--workers ${WORKERS} \
--timeout ${TIMEOUT} \
--graceful-timeout ${GRACEFUL_TIMEOUT} \
--keep-alive ${KEEPALIVE} \
--forwarded-allow-ips=${FORWARDED_ALLOW_IPS} \
--max-requests ${MAX_REQUESTS} \
--max-requests-jitter ${MAX_REQUESTS_JITTER} \
--worker-tmp-dir /dev/shm \
"]