From d1a3843ba90b41a51b0939447a0afaa16cb7d9a4 Mon Sep 17 00:00:00 2001 From: Sam Doran Date: Mon, 6 Jan 2025 17:43:15 -0500 Subject: [PATCH] Add containerfile Build container image based on UBI-9 minimal with Python 3.11. Creates a non-root account for running the application. --- .gitignore | 1 + Containerfile | 40 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) create mode 100644 Containerfile diff --git a/.gitignore b/.gitignore index d005e61..e2a8336 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ __pycache__ +.coverage .install .ruff_cache /.venv* diff --git a/Containerfile b/Containerfile new file mode 100644 index 0000000..fe7e1bc --- /dev/null +++ b/Containerfile @@ -0,0 +1,40 @@ +FROM registry.access.redhat.com/ubi9-minimal:latest + +LABEL com.redhat.component=rhel-roadmap-api +LABEL description="Red Hat Enterprise Linux Roadmap API" +LABEL distribution-scope=private +LABEL io.k8s.description="Red Hat Enterprise Linux Roadmap API" +LABEL io.k8s.display-name="RHEL Roadmap API" +LABEL io.openshift.tags="rhel,lightspeed,roadmap" +LABEL name=rhel-roadmap-api +LABEL release=0.0.1 +LABEL summary="Red Hat Enterprise Linux Roadmap API" +LABEL url="https://github.com/RedHatInsights/digital-roadmap-backend" +LABEL vendor="Red Hat, Inc." +LABEL version=0.0.1 + +ENV VENV=/opt/venvs/rhel_roadmap +ENV PYTHON="${VENV}/bin/python" +ENV PATH="${VENV}/bin:$PATH" +ENV PYTHON_VERSION="3.11" + +COPY LICENSE /licenses/Apache-2.0.txt + +RUN microdnf install -y \ + libpq \ + "python${PYTHON_VERSION}" \ + && rm -rf /var/cache/yum/* + +COPY "requirements/requirements-${PYTHON_VERSION}.txt" /usr/share/container-setup/requirements.txt +RUN "python${PYTHON_VERSION}" -m venv "$VENV" \ + && "$PYTHON" -m pip install --no-cache-dir --upgrade pip setuptools \ + && "$PYTHON" -m pip install --no-cache-dir --requirement /usr/share/container-setup/requirements.txt + +COPY app/ /srv/rhel_roadmap/app/ + +RUN useradd --system --create-home --home-dir /srv/rhel_roadmap roady + +USER roady +WORKDIR /srv/rhel_roadmap + +CMD ["fastapi", "run", "app/main.py", "--proxy-headers", "--port", "80"]