-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.test
More file actions
101 lines (81 loc) · 3.48 KB
/
Dockerfile.test
File metadata and controls
101 lines (81 loc) · 3.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
# Production-ready YugabyteDB to BigQuery CDC Processor
FROM python:3.11-slim
# --- Build metadata ---
ARG BUILD_TIMESTAMP
ARG GIT_COMMIT
ARG GIT_TAG
# --- Env ---
ENV BUILD_TIMESTAMP=${BUILD_TIMESTAMP} \
GIT_COMMIT=${GIT_COMMIT} \
GIT_TAG=${GIT_TAG} \
PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \
# Tell the app where to find yb-admin
YB_ADMIN_PATH=/usr/local/bin/yb-admin
# System deps: curl/tar/grep for discovery, netcat for health checks
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates curl tar grep netcat-traditional git \
&& rm -rf /var/lib/apt/lists/*
# --- Install yb-admin (supports amd64 and arm64) ---
RUN set -eux; \
url="https://software.yugabyte.com/releases/2025.1.1.1/yugabyte-2025.1.1.1-b1-el8-aarch64.tar.gz"; \
echo "Downloading $url"; \
curl -fsSL "$url" -o /tmp/yb.tar.gz; \
ybdir="$(tar -tzf /tmp/yb.tar.gz | head -n1 | cut -d/ -f1)"; \
mkdir -p /opt; \
tar -xzf /tmp/yb.tar.gz -C /opt; \
ln -sf "/opt/${ybdir}/bin/yb-admin" /usr/local/bin/yb-admin; \
rm -f /tmp/yb.tar.gz; \
/usr/local/bin/yb-admin --version || true
# --- Security: non-root user ---
RUN useradd --create-home --shell /bin/bash cdc_user
WORKDIR /app
RUN chown cdc_user:cdc_user /app
# --- Python deps (cached layer) ---
COPY requirements.txt ./requirements.txt
RUN pip install --no-cache-dir -r requirements.txt
RUN git config --global user.name "YourUsername" && \
git config --global user.email "youremail@example.com"
# Install build tools and build debugpy from source
RUN apt-get update && apt-get install -y --no-install-recommends gcc g++ make \
&& pip install --no-cache-dir --force-reinstall git+https://github.com/microsoft/debugpy.git \
&& apt-get remove -y gcc g++ make \
&& apt-get autoremove -y \
&& rm -rf /var/lib/apt/lists/*
# Explicitly handle aarch64 architecture for compiling attach_aarch64.so
RUN apt-get update && apt-get install -y --no-install-recommends gcc g++ make cmake openssh-client \
&& mkdir -p ~/.ssh \
&& chmod 700 ~/.ssh \
&& ssh-keyscan github.com >> ~/.ssh/known_hosts \
&& git clone https://github.com/microsoft/debugpy.git /tmp/debugpy \
&& cd /tmp/debugpy/src/debugpy/_vendored/pydevd/pydevd_attach_to_process/linux_and_mac \
&& g++ -std=c++11 -shared -fPIC -O2 -D_FORTIFY_SOURCE=2 -nostartfiles attach.cpp -o attach_aarch64.so \
&& cp attach_aarch64.so /usr/local/lib/python3.11/site-packages/debugpy/_vendored/pydevd/pydevd_attach_to_process/ \
&& apt-get remove -y gcc g++ make cmake openssh-client \
&& apt-get autoremove -y \
&& rm -rf /tmp/debugpy \
&& rm -rf /var/lib/apt/lists/*
# --- Application code ---
COPY src/ ./src/
# Copy the tests directory explicitly
COPY tests/ ./tests/
# --- Healthcheck ---
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD curl -f http://localhost:8080/health || exit 1
# --- Drop privileges ---
USER cdc_user
# --- Expose health port ---
EXPOSE 8080
# --- Debug logs directory ---
ENV DEBUGPY_LOG_DIR="/app/debug_logs"
ENV DEBUGPY_FORCE_PYTHON=1
# Ensure the PYTHONPATH includes the root directory and the tests directory
ENV PYTHONPATH=/app/src:/app/tests
# --- Copy test config ---
COPY /sample/test_config.yaml /app/sample/test_config.yaml
COPY gcp-key.json /vault/secrets/gcp-key.json
# Set the working directory to /app
WORKDIR /app
# Add a script to handle dynamic command selection
COPY /init-scripts/entrypoint.sh /app/entrypoint.sh
CMD ["/app/entrypoint.sh"]