diff --git a/Dockerfile b/Dockerfile index ddce830..9b7c01b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,20 +1,31 @@ -FROM python:3.12-slim-bullseye +FROM python:3.12-slim-bookworm +# PYTHONFAULTHANDLER: Propagate tracebacks from all threads. +# PYTHONUNBUFFERED: Write terminal output straight to docker (to not confuse Docker Compose). +# PYTHONDONTWRITEBYTECODE: Dont write *pyc files at all, making it possible for a 100% read-only container. +# PIP_NO_CACHE_DIR: Disable PIP cache, we don't need pip's cache after building the image. +# PIP_DISABLE_PIP_VERSION_CHECK: Build the image with the available pip, do not check for updates (faster!) +# PIP_DEFAULT_TIMEOUT: Allow for longer timeouts. ENV PYTHONFAULTHANDLER=1 \ PYTHONUNBUFFERED=1 \ PYTHONDONTWRITEBYTECODE=1 \ - PYTHONHASHSEED=random \ - PIP_NO_CACHE_DIR=off \ + PIP_NO_CACHE_DIR=1 \ PIP_DISABLE_PIP_VERSION_CHECK=on \ PIP_DEFAULT_TIMEOUT=100 ARG BUILD -ENV BUILD ${BUILD} +ENV BUILD=${BUILD} ARG REQUIREMENTS_FILE=requirements.txt WORKDIR /app RUN groupadd -g 1000 www && useradd -u 1000 -ms /bin/bash -g www www -RUN apt-get update && \ + +# Only copy the requirements file first to leverage Docker cache +COPY $REQUIREMENTS_FILE . + +RUN mkdir -p /app/src/static && \ + chown www:www /app/src/static && \ + apt-get update && \ apt-get install -y \ binutils \ libpq-dev \ @@ -26,15 +37,13 @@ RUN apt-get update && \ libgdk-pixbuf2.0-0 \ libffi-dev \ shared-mime-info \ - gettext + gettext && \ + pip install --no-cache-dir -r $REQUIREMENTS_FILE -COPY --chown=www:www . . +# Copy the rest of the application +COPY . . -RUN mkdir /app/src/static && \ - chown www:www /app/src/static - -RUN pip install --no-cache-dir -r $REQUIREMENTS_FILE -RUN django-admin compilemessages +RUN django-admin compilemessages ENTRYPOINT ["./entrypoint.sh"] diff --git a/README.md b/README.md index be00381..3b878a9 100644 --- a/README.md +++ b/README.md @@ -98,3 +98,13 @@ hatch-pip-compile # Update requirements/requirements-dev.txt: hatch-pip-compile dev ``` + +#### Updating requirements + +If you want to update the requirements, you can run the following command: + +```bash +hatch run requirements +``` + +This uses [hatch-pip-compile](https://juftin.com/hatch-pip-compile/) to update the requirements. diff --git a/pyproject.toml b/pyproject.toml index 575383b..58bd69e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -13,16 +13,16 @@ authors = [ ] dependencies = [ "Django>=5.1b1,<5.2", - "django-money==3.5.2", - "django-allauth==0.63.6", - "psycopg[binary]==3.2.1", - "environs[django]==11.0.0", - "uvicorn==0.30.1", - "whitenoise==6.7.0", - "django-zen-queries==2.1.0", + "django-money~=3.5", + "django-allauth~=0.63", + "psycopg[binary]~=3.2", + "environs[django]>=11,<12", + "uvicorn~=0.30", + "whitenoise~=6.7", + "django-zen-queries~=2.1", "django-registries==0.0.3", "django-view-decorator==0.0.4", - "django-oauth-toolkit==2.4.0", + "django-oauth-toolkit~=2.4", "django_stubs_ext~=5.0", "stripe~=10.5", ] @@ -64,7 +64,7 @@ matrix.python.dependencies = [ { value = "typing_extensions==4.5.0", if = ["3.10"]}, ] -[tool.hatch.envs.dev.scripts] +[tool.hatch.envs.default.scripts] cov = "pytest --cov-report=term-missing --cov-config=pyproject.toml --cov=src --cov=tests --cov=append {args}" no-cov = "cov --no-cov {args}" typecheck = "mypy --config-file=pyproject.toml ." diff --git a/requirements.txt b/requirements.txt index 5a684f2..63b460a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -16,7 +16,7 @@ charset-normalizer==3.3.2 # via requests click==8.1.7 # via uvicorn -cryptography==42.0.8 +cryptography==43.0.0 # via jwcrypto dj-database-url==2.2.0 # via environs @@ -97,7 +97,7 @@ typing-extensions==4.12.2 # stripe urllib3==2.2.2 # via requests -uvicorn==0.30.1 +uvicorn==0.30.4 # via membersystem (pyproject.toml) whitenoise==6.7.0 # via membersystem (pyproject.toml) diff --git a/requirements/requirements-dev.txt b/requirements/requirements-dev.txt index 2acde9b..7d83b17 100644 --- a/requirements/requirements-dev.txt +++ b/requirements/requirements-dev.txt @@ -11,19 +11,19 @@ # - django-debug-toolbar==4.2.0 # - django-browser-reload==1.7.0 # - model-bakery==1.17.0 -# - django-allauth==0.63.6 -# - django-money==3.5.2 -# - django-oauth-toolkit==2.4.0 +# - django-allauth~=0.63 +# - django-money~=3.5 +# - django-oauth-toolkit~=2.4 # - django-registries==0.0.3 # - django-stubs-ext~=5.0 # - django-view-decorator==0.0.4 -# - django-zen-queries==2.1.0 +# - django-zen-queries~=2.1 # - django<5.2,>=5.1b1 -# - environs[django]==11.0.0 -# - psycopg[binary]==3.2.1 +# - environs[django]<12,>=11 +# - psycopg[binary]~=3.2 # - stripe~=10.5 -# - uvicorn==0.30.1 -# - whitenoise==6.7.0 +# - uvicorn~=0.30 +# - whitenoise~=6.7 # asgiref==3.8.1 @@ -49,7 +49,7 @@ coverage==7.3.0 # hatch.envs.dev # coverage # pytest-cov -cryptography==42.0.8 +cryptography==43.0.0 # via jwcrypto dj-database-url==2.2.0 # via environs @@ -86,7 +86,7 @@ django-registries==0.0.3 # via hatch.envs.dev django-stubs==1.16.0 # via hatch.envs.dev -django-stubs-ext==5.0.2 +django-stubs-ext==5.0.4 # via # hatch.envs.dev # django-stubs @@ -166,7 +166,7 @@ tomli==2.0.1 # via django-stubs types-pytz==2024.1.0.20240417 # via django-stubs -types-pyyaml==6.0.12.20240311 +types-pyyaml==6.0.12.20240724 # via django-stubs typing-extensions==4.12.2 # via @@ -180,7 +180,7 @@ typing-extensions==4.12.2 # stripe urllib3==2.2.2 # via requests -uvicorn==0.30.1 +uvicorn==0.30.3 # via hatch.envs.dev wheel==0.43.0 # via pip-tools