@@ -7,10 +7,9 @@ ARG DOCKER_GID_ARG=1001
77RUN apk add --no-cache \
88 su-exec
99
10- # create user ' scu' and adds it to host's docker group
10+ # create user ` scu` and `docker` group (with same id as in host)
1111RUN adduser -D -u 8004 scu &&\
12- addgroup -g $DOCKER_GID_ARG docker &&\
13- addgroup scu docker
12+ addgroup -g $DOCKER_GID_ARG docker
1413
1514ENV HOME /home/scu
1615ENV PIP /home/scu/.venv/bin/pip3
@@ -19,10 +18,12 @@ EXPOSE 8000
1918VOLUME /home/scu/input
2019VOLUME /home/scu/output
2120VOLUME /home/scu/log
22- # VOLUME /var/run/docker.sock DO NOT EXPOSE .. fails!
21+
22+ WORKDIR /home/scu
2323
2424# -------------------------- Build stage -------------------
25- # Keeps same folder structure as in repo so we can reuse relative paths
25+ #
26+ # - Preserves relative folder structure
2627#
2728# + /home/scu/ $HOME
2829# + services/sidecar
@@ -42,21 +43,21 @@ RUN python3 -m venv $HOME/.venv &&\
4243 wheel \
4344 setuptools
4445
45- WORKDIR /home/scu
46-
47- # Build context set at repo's root
48- COPY --chown=scu:scu services/sidecar/requirements $HOME/requirements
49- COPY services/sidecar/.docker $HOME/.docker
46+ # TODO: check if scu:scu copy is necessary!?
47+ COPY --chown=scu:scu services/sidecar/requirements/base.txt requirements-base.txt
48+ RUN $PIP install --no-cache-dir -r requirements-base.txt &&\
49+ rm requirements-base.txt
5050
51- RUN $PIP install --no-cache-dir -r requirements/base.txt &&\
52- rm -rf requirements
51+ COPY --chown=scu:scu services/sidecar/.docker .docker
52+ COPY --chown=scu:scu services/sidecar/boot.sh boot.sh
5353
5454# --------------------------Development stage -------------------
5555FROM build as development
5656
5757ARG HOST_GID_ARG=1000
5858
5959# in dev-mode we give access to `scu` to host's mapped volumes
60+ # FIXME: files created by scu cannot be deleted by host! we need to do the same group in host?
6061RUN addgroup -g $HOST_GID_ARG hgrp &&\
6162 addgroup scu hgrp && \
6263 chown -R scu:scu $HOME/.venv
@@ -65,15 +66,15 @@ VOLUME /home/scu/packages
6566VOLUME /home/scu/services/sidecar
6667
6768ENV DEBUG 1
68- WORKDIR /home/scu
69+ USER root
6970ENTRYPOINT [ "/bin/sh" , ".docker/entrypoint.sh" ]
70- CMD $HOME /boot.sh
71+ CMD . /boot.sh
7172
7273
7374# --------------------------Production multi-stage -------------------
7475FROM build as build-production
7576
76- # Buil context set at repo's root
77+ # TODO: check if scu:scu copy is necessary in all cases!? since we are just installing?
7778COPY --chown=scu:scu packages $HOME/packages
7879COPY --chown=scu:scu services/sidecar $HOME/services/sidecar
7980
@@ -86,13 +87,13 @@ FROM base as production
8687
8788# TODO: PC->MaG some postgresql missing? install non-dev package!?
8889
89- COPY --from=build-production --chown=scu:scu $HOME/services/sidecar/ boot.sh $HOME
90- COPY --from=build-production --chown=scu:scu $HOME/.venv $HOME/ .venv
91- COPY --from=build-production --chown=scu:scu $HOME/.docker $HOME/ .docker
90+ COPY --from=build-production --chown=scu:scu $HOME/boot.sh boot.sh
91+ COPY --from=build-production --chown=scu:scu $HOME/.venv .venv
92+ COPY --from=build-production --chown=scu:scu $HOME/.docker .docker
9293
9394RUN . $HOME/.venv/bin/activate; pip list
9495
9596ENV DEBUG 0
96- WORKDIR /home/scu
97+ USER root
9798ENTRYPOINT [ "/bin/sh" , ".docker/entrypoint.sh" ]
9899CMD ./boot.sh
0 commit comments