From e40dfdcbb0dd74b260fddc6e8d20256a1a4c0be3 Mon Sep 17 00:00:00 2001 From: alvis Date: Sun, 26 Apr 2026 12:08:43 +0000 Subject: [PATCH] chore(infra): wire MLflow/Airflow env vars, fix healthcheck, add .dockerignore - docker-compose: pass ML_SERVING_URL, MLFLOW_URL, AIRFLOW_URL + creds to api service - docker-compose: pass NEXT_PUBLIC_MLFLOW_URL/AIRFLOW_URL to admin service - docker-compose: replace wget healthcheck with node fetch (wget not in node image) - docker-compose: enable Airflow basic_auth API backend; add MLflow pip dep for DAGs - Dockerfiles: tighten layer caching, add .dockerignore Co-Authored-By: Claude Sonnet 4.6 --- .dockerignore | 19 +++++++++++++ infra/docker/Dockerfile.admin | 31 +++++++++++---------- infra/docker/Dockerfile.api | 49 +++++++++++++++++---------------- infra/docker/docker-compose.yml | 21 +++++++++++++- 4 files changed, 81 insertions(+), 39 deletions(-) create mode 100644 .dockerignore diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..2c4b087 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,19 @@ +**/node_modules +**/.next +**/dist +**/coverage +**/.vitest-cache +**/.turbo +.git +.gitea +.github +.vscode +.idea +**/.env +**/.env.local +**/*.log +docs +infra/docker/data +**/__tests__ +**/*.test.ts +**/*.test.tsx diff --git a/infra/docker/Dockerfile.admin b/infra/docker/Dockerfile.admin index 67cbc4d..1e0498f 100644 --- a/infra/docker/Dockerfile.admin +++ b/infra/docker/Dockerfile.admin @@ -1,21 +1,22 @@ -FROM node:22-alpine AS base -RUN npm install -g pnpm +# syntax=docker/dockerfile:1.7 -FROM base AS deps -WORKDIR /app -COPY package.json pnpm-workspace.yaml pnpm-lock.yaml* ./ -COPY packages/shared-types/package.json ./packages/shared-types/ -COPY apps/admin/package.json ./apps/admin/ -RUN pnpm install --frozen-lockfile +FROM node:22-slim AS base +RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates \ + && rm -rf /var/lib/apt/lists/* \ + && npm install -g pnpm +ENV CI=true \ + PNPM_HOME=/pnpm \ + PATH=/pnpm:$PATH +RUN pnpm config set store-dir /pnpm/store FROM base AS builder WORKDIR /app -COPY --from=deps /app/node_modules ./node_modules -COPY --from=deps /app/packages/shared-types/node_modules ./packages/shared-types/node_modules -COPY --from=deps /app/apps/admin/node_modules ./apps/admin/node_modules -COPY tsconfig.base.json ./ -COPY packages/shared-types ./packages/shared-types -COPY apps/admin ./apps/admin +COPY pnpm-lock.yaml ./ +RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm fetch +COPY . . +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install --frozen-lockfile --offline \ + --filter @oo/admin... --filter @oo/shared-types RUN pnpm --filter @oo/shared-types build ARG NEXT_PUBLIC_MLFLOW_URL=/mlflow ARG NEXT_PUBLIC_AIRFLOW_URL=/airflow @@ -24,7 +25,7 @@ ENV NEXT_TELEMETRY_DISABLED=1 \ NEXT_PUBLIC_AIRFLOW_URL=$NEXT_PUBLIC_AIRFLOW_URL RUN pnpm --filter @oo/admin build -FROM node:22-alpine AS runner +FROM node:22-slim AS runner ENV NODE_ENV=production NEXT_TELEMETRY_DISABLED=1 PORT=3080 WORKDIR /app COPY --from=builder /app/apps/admin/.next/standalone ./ diff --git a/infra/docker/Dockerfile.api b/infra/docker/Dockerfile.api index 3a305b9..354f4ce 100644 --- a/infra/docker/Dockerfile.api +++ b/infra/docker/Dockerfile.api @@ -1,32 +1,35 @@ -FROM node:22-alpine AS base -RUN npm install -g pnpm +# syntax=docker/dockerfile:1.7 -FROM base AS deps -WORKDIR /app -COPY package.json pnpm-workspace.yaml pnpm-lock.yaml* ./ -COPY packages/shared-types/package.json ./packages/shared-types/ -COPY services/api/package.json ./services/api/ -RUN pnpm install --frozen-lockfile +FROM node:22-slim AS base +RUN apt-get update && apt-get install -y --no-install-recommends \ + python3 make g++ ca-certificates \ + && rm -rf /var/lib/apt/lists/* \ + && npm install -g pnpm +ENV CI=true \ + PNPM_HOME=/pnpm \ + PATH=/pnpm:$PATH +RUN pnpm config set store-dir /pnpm/store FROM base AS builder WORKDIR /app -COPY --from=deps /app/node_modules ./node_modules -COPY --from=deps /app/packages/shared-types/node_modules ./packages/shared-types/node_modules -COPY --from=deps /app/services/api/node_modules ./services/api/node_modules -COPY tsconfig.base.json ./ -COPY packages/shared-types ./packages/shared-types -COPY services/api ./services/api +COPY pnpm-lock.yaml ./ +RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm fetch +COPY . . +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm install --frozen-lockfile --offline \ + --filter @oo/api... --filter @oo/shared-types RUN pnpm --filter @oo/shared-types build RUN pnpm --filter @oo/api build +RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ + pnpm --filter @oo/api --prod deploy --legacy /deploy \ + && cp -r services/api/dist /deploy/dist \ + && rm -rf /deploy/node_modules/@oo/shared-types/src \ + && cp -r packages/shared-types/dist /deploy/node_modules/@oo/shared-types/dist -FROM node:22-alpine AS runner +FROM node:22-slim AS runner WORKDIR /app -RUN npm install -g pnpm -COPY package.json pnpm-workspace.yaml pnpm-lock.yaml* ./ -COPY packages/shared-types/package.json ./packages/shared-types/ -COPY services/api/package.json ./services/api/ -RUN pnpm install --prod --frozen-lockfile -COPY --from=builder /app/packages/shared-types/dist ./packages/shared-types/dist -COPY --from=builder /app/services/api/dist ./services/api/dist -WORKDIR /app/services/api +ENV NODE_ENV=production +COPY --from=builder /deploy/package.json ./ +COPY --from=builder /deploy/node_modules ./node_modules +COPY --from=builder /deploy/dist ./dist CMD ["node", "dist/index.js"] diff --git a/infra/docker/docker-compose.yml b/infra/docker/docker-compose.yml index f42847e..921784a 100644 --- a/infra/docker/docker-compose.yml +++ b/infra/docker/docker-compose.yml @@ -11,12 +11,18 @@ services: env_file: ../../.env.local environment: NODE_ENV: production + ML_SERVING_URL: "http://ml-serving:8000" + MLFLOW_URL: "http://mlflow:5000" + AIRFLOW_URL: "http://airflow-webserver:8080" + AIRFLOW_API_USER: "admin" + AIRFLOW_API_PASSWORD: "${AIRFLOW_ADMIN_PASSWORD:-admin}" + INTERNAL_API_TOKEN: "${INTERNAL_API_TOKEN:-}" volumes: - /mnt/ssd/dbs/oo:/mnt/ssd/dbs/oo ports: - "127.0.0.1:3078:3078" healthcheck: - test: ["CMD", "wget", "--spider", "-q", "http://localhost:3078/health"] + test: ["CMD", "node", "-e", "fetch('http://localhost:3078/health').then(r=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))"] interval: 10s timeout: 5s retries: 5 @@ -49,6 +55,8 @@ services: PORT: "3080" HOSTNAME: "0.0.0.0" NEXT_PUBLIC_API_URL: "" + NEXT_PUBLIC_MLFLOW_URL: "/mlflow" + NEXT_PUBLIC_AIRFLOW_URL: "/airflow" INTERNAL_API_URL: "http://api:3078" ports: - "127.0.0.1:3080:3080" @@ -133,8 +141,14 @@ services: AIRFLOW__WEBSERVER__SECRET_KEY: ${AIRFLOW_SECRET_KEY:-change-me-in-prod} AIRFLOW__CORE__FERNET_KEY: ${AIRFLOW_FERNET_KEY:-} AIRFLOW__WEBSERVER__BASE_URL: ${AIRFLOW_BASE_URL:-https://o.alogins.net/airflow} + AIRFLOW__API__AUTH_BACKENDS: "airflow.api.auth.backend.basic_auth" + _PIP_ADDITIONAL_REQUIREMENTS: "mlflow==2.14.3 httpx" + MLFLOW_TRACKING_URI: "http://mlflow:5000/mlflow" + MLFLOW_TRACKING_USERNAME: "admin" + MLFLOW_TRACKING_PASSWORD: "${MLFLOW_ADMIN_PASSWORD:-password}" volumes: - ../../ml/pipelines:/opt/airflow/dags:ro + - ../../ml:/opt/airflow/ml:ro ports: - "127.0.0.1:8080:8080" depends_on: @@ -155,8 +169,13 @@ services: AIRFLOW__DATABASE__SQL_ALCHEMY_CONN: postgresql+psycopg2://airflow:${AIRFLOW_DB_PASSWORD:-airflow}@airflow-db/airflow AIRFLOW__CORE__EXECUTOR: LocalExecutor AIRFLOW__CORE__FERNET_KEY: ${AIRFLOW_FERNET_KEY:-} + _PIP_ADDITIONAL_REQUIREMENTS: "mlflow==2.14.3 httpx" + MLFLOW_TRACKING_URI: "http://mlflow:5000/mlflow" + MLFLOW_TRACKING_USERNAME: "admin" + MLFLOW_TRACKING_PASSWORD: "${MLFLOW_ADMIN_PASSWORD:-password}" volumes: - ../../ml/pipelines:/opt/airflow/dags:ro + - ../../ml:/opt/airflow/ml:ro depends_on: airflow-init: condition: service_completed_successfully