diff options
| author |  Mark <[email protected]> | 2020-03-24 09:38:49 -0700 |
|---|---|---|
| committer |  GitHub <[email protected]> | 2020-03-24 09:38:49 -0700 |
| commit | 2ebea7ecdf146699d68942f4b27478554504fdbd (patch) | |
| tree | 9bdf8d022cf91a409ff7d41005a3d793188ac07b | |
| parent | Merge pull request #68 from python-discord/feat/doc/57/docker-run-cmd (diff) | |
| parent | Fix #66: venv being created in container (diff) | |
Merge pull request #69 from python-discord/bug/ci/66/pipenv-run-creates-venv
Fix venv being created in Dockerfile
| -rw-r--r-- | .dockerignore | 2 | ||||
| -rw-r--r-- | Pipfile | 10 | ||||
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | config/gunicorn.conf.py | 5 | ||||
| -rw-r--r-- | config/snekbox.cfg (renamed from snekbox.cfg) | 0 | ||||
| -rw-r--r-- | docker/Dockerfile | 4 | ||||
| -rw-r--r-- | docker/venv.Dockerfile | 5 | ||||
| -rw-r--r-- | scripts/.profile | 2 | ||||
| -rw-r--r-- | snekbox/nsjail.py | 4 |
9 files changed, 17 insertions, 17 deletions
diff --git a/.dockerignore b/.dockerignore index 4f43e08..d030b2f 100644 --- a/.dockerignore +++ b/.dockerignore @@ -3,7 +3,7 @@ # Make exceptions for what's needed !snekbox -!snekbox.cfg +!config/ !tests !Pipfile !Pipfile.lock @@ -55,15 +55,7 @@ testb = """ -c 'pipenv run coverage run -m unittest' """ report = "coverage report" -snekbox = """ - gunicorn \ - -w 2 \ - -b 0.0.0.0:8060 \ - --logger-class snekbox.GunicornLogger \ - --access-logformat '%(m)s %(U)s%(q)s %(s)s %(b)s %(L)ss' \ - --access-logfile - \ - snekbox.api.app -""" +snekbox = "gunicorn -c config/gunicorn.conf.py snekbox.api.app" devsh = "sh scripts/dev.sh" build = """ docker build \ @@ -144,7 +144,7 @@ The alias can be found in `./scripts/.profile`, which is automatically added whe [1]: https://dev.azure.com/python-discord/Python%20Discord/_apis/build/status/Snekbox?branchName=master [2]: https://dev.azure.com/python-discord/Python%20Discord/_build/latest?definitionId=13&branchName=master -[`snekbox.cfg`]: snekbox.cfg +[`snekbox.cfg`]: config/snekbox.cfg [`snekapi.py`]: snekbox/api/snekapi.py [`resources`]: snekbox/api/resources [`docker run`]: https://docs.docker.com/engine/reference/commandline/run/ diff --git a/config/gunicorn.conf.py b/config/gunicorn.conf.py new file mode 100644 index 0000000..5ab11f4 --- /dev/null +++ b/config/gunicorn.conf.py @@ -0,0 +1,5 @@ +workers = 2 +bind = "0.0.0.0:8060" +logger_class = "snekbox.GunicornLogger" +access_logformat = "%(m)s %(U)s%(q)s %(s)s %(b)s %(L)ss" +access_logfile = "-" diff --git a/snekbox.cfg b/config/snekbox.cfg index 38f3ade..38f3ade 100644 --- a/snekbox.cfg +++ b/config/snekbox.cfg diff --git a/docker/Dockerfile b/docker/Dockerfile index 5ef8a88..b6c2f77 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,7 +1,7 @@ FROM pythondiscord/snekbox-venv:latest -ENTRYPOINT ["pipenv", "run"] -CMD ["snekbox"] +ENTRYPOINT ["gunicorn"] +CMD ["-c", "config/gunicorn.conf.py", "snekbox.api.app"] COPY . /snekbox WORKDIR /snekbox diff --git a/docker/venv.Dockerfile b/docker/venv.Dockerfile index fe5b10d..5c0fcfc 100644 --- a/docker/venv.Dockerfile +++ b/docker/venv.Dockerfile @@ -6,7 +6,7 @@ ENV PIP_NO_CACHE_DIR=false \ PIPENV_HIDE_EMOJIS=1 \ PIPENV_NOSPIN=1 -COPY Pipfile Pipfile.lock snekbox.cfg /snekbox/ +COPY Pipfile Pipfile.lock /snekbox/ WORKDIR /snekbox RUN if [ -n "${DEV}" ]; \ @@ -15,3 +15,6 @@ RUN if [ -n "${DEV}" ]; \ else \ pipenv install --deploy --system; \ fi + +# At the end to avoid re-installing dependencies when only a config changes. +COPY config/ /snekbox/config diff --git a/scripts/.profile b/scripts/.profile index 69ad959..9bf8e09 100644 --- a/scripts/.profile +++ b/scripts/.profile @@ -15,7 +15,7 @@ nsjpy() { echo "${MEM_MAX}" > /sys/fs/cgroup/memory/NSJAIL/memory.memsw.limit_in_bytes nsjail \ - --config "${NSJAIL_CFG:-/snekbox/snekbox.cfg}" \ + --config "${NSJAIL_CFG:-/snekbox/config/snekbox.cfg}" \ $nsj_args -- \ /usr/local/bin/python -Iqu -c "$@" } diff --git a/snekbox/nsjail.py b/snekbox/nsjail.py index c6a81b1..cafde6d 100644 --- a/snekbox/nsjail.py +++ b/snekbox/nsjail.py @@ -24,7 +24,7 @@ CGROUP_PIDS_PARENT = Path("/sys/fs/cgroup/pids/NSJAIL") CGROUP_MEMORY_PARENT = Path("/sys/fs/cgroup/memory/NSJAIL") NSJAIL_PATH = os.getenv("NSJAIL_PATH", "/usr/sbin/nsjail") -NSJAIL_CFG = os.getenv("NSJAIL_CFG", "./snekbox.cfg") +NSJAIL_CFG = os.getenv("NSJAIL_CFG", "./config/snekbox.cfg") MEM_MAX = 52428800 @@ -32,7 +32,7 @@ class NsJail: """ Core Snekbox functionality, providing safe execution of Python code. - See snekbox.cfg for the default NsJail configuration. + See config/snekbox.cfg for the default NsJail configuration. """ def __init__(self, nsjail_binary: str = NSJAIL_PATH, python_binary: str = sys.executable): |