chore(infra): wire MLflow/Airflow env vars, fix healthcheck, add .dockerignore
Some checks failed
buf-check / Lint & breaking-change check (push) Has been cancelled
Some checks failed
buf-check / Lint & breaking-change check (push) Has been cancelled
- docker-compose: pass ML_SERVING_URL, MLFLOW_URL, AIRFLOW_URL + creds to api service - docker-compose: pass NEXT_PUBLIC_MLFLOW_URL/AIRFLOW_URL to admin service - docker-compose: replace wget healthcheck with node fetch (wget not in node image) - docker-compose: enable Airflow basic_auth API backend; add MLflow pip dep for DAGs - Dockerfiles: tighten layer caching, add .dockerignore Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
19
.dockerignore
Normal file
19
.dockerignore
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
**/node_modules
|
||||||
|
**/.next
|
||||||
|
**/dist
|
||||||
|
**/coverage
|
||||||
|
**/.vitest-cache
|
||||||
|
**/.turbo
|
||||||
|
.git
|
||||||
|
.gitea
|
||||||
|
.github
|
||||||
|
.vscode
|
||||||
|
.idea
|
||||||
|
**/.env
|
||||||
|
**/.env.local
|
||||||
|
**/*.log
|
||||||
|
docs
|
||||||
|
infra/docker/data
|
||||||
|
**/__tests__
|
||||||
|
**/*.test.ts
|
||||||
|
**/*.test.tsx
|
||||||
@@ -1,21 +1,22 @@
|
|||||||
FROM node:22-alpine AS base
|
# syntax=docker/dockerfile:1.7
|
||||||
RUN npm install -g pnpm
|
|
||||||
|
|
||||||
FROM base AS deps
|
FROM node:22-slim AS base
|
||||||
WORKDIR /app
|
RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates \
|
||||||
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml* ./
|
&& rm -rf /var/lib/apt/lists/* \
|
||||||
COPY packages/shared-types/package.json ./packages/shared-types/
|
&& npm install -g pnpm
|
||||||
COPY apps/admin/package.json ./apps/admin/
|
ENV CI=true \
|
||||||
RUN pnpm install --frozen-lockfile
|
PNPM_HOME=/pnpm \
|
||||||
|
PATH=/pnpm:$PATH
|
||||||
|
RUN pnpm config set store-dir /pnpm/store
|
||||||
|
|
||||||
FROM base AS builder
|
FROM base AS builder
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
COPY --from=deps /app/node_modules ./node_modules
|
COPY pnpm-lock.yaml ./
|
||||||
COPY --from=deps /app/packages/shared-types/node_modules ./packages/shared-types/node_modules
|
RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm fetch
|
||||||
COPY --from=deps /app/apps/admin/node_modules ./apps/admin/node_modules
|
COPY . .
|
||||||
COPY tsconfig.base.json ./
|
RUN --mount=type=cache,id=pnpm,target=/pnpm/store \
|
||||||
COPY packages/shared-types ./packages/shared-types
|
pnpm install --frozen-lockfile --offline \
|
||||||
COPY apps/admin ./apps/admin
|
--filter @oo/admin... --filter @oo/shared-types
|
||||||
RUN pnpm --filter @oo/shared-types build
|
RUN pnpm --filter @oo/shared-types build
|
||||||
ARG NEXT_PUBLIC_MLFLOW_URL=/mlflow
|
ARG NEXT_PUBLIC_MLFLOW_URL=/mlflow
|
||||||
ARG NEXT_PUBLIC_AIRFLOW_URL=/airflow
|
ARG NEXT_PUBLIC_AIRFLOW_URL=/airflow
|
||||||
@@ -24,7 +25,7 @@ ENV NEXT_TELEMETRY_DISABLED=1 \
|
|||||||
NEXT_PUBLIC_AIRFLOW_URL=$NEXT_PUBLIC_AIRFLOW_URL
|
NEXT_PUBLIC_AIRFLOW_URL=$NEXT_PUBLIC_AIRFLOW_URL
|
||||||
RUN pnpm --filter @oo/admin build
|
RUN pnpm --filter @oo/admin build
|
||||||
|
|
||||||
FROM node:22-alpine AS runner
|
FROM node:22-slim AS runner
|
||||||
ENV NODE_ENV=production NEXT_TELEMETRY_DISABLED=1 PORT=3080
|
ENV NODE_ENV=production NEXT_TELEMETRY_DISABLED=1 PORT=3080
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
COPY --from=builder /app/apps/admin/.next/standalone ./
|
COPY --from=builder /app/apps/admin/.next/standalone ./
|
||||||
|
|||||||
@@ -1,32 +1,35 @@
|
|||||||
FROM node:22-alpine AS base
|
# syntax=docker/dockerfile:1.7
|
||||||
RUN npm install -g pnpm
|
|
||||||
|
|
||||||
FROM base AS deps
|
FROM node:22-slim AS base
|
||||||
WORKDIR /app
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||||
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml* ./
|
python3 make g++ ca-certificates \
|
||||||
COPY packages/shared-types/package.json ./packages/shared-types/
|
&& rm -rf /var/lib/apt/lists/* \
|
||||||
COPY services/api/package.json ./services/api/
|
&& npm install -g pnpm
|
||||||
RUN pnpm install --frozen-lockfile
|
ENV CI=true \
|
||||||
|
PNPM_HOME=/pnpm \
|
||||||
|
PATH=/pnpm:$PATH
|
||||||
|
RUN pnpm config set store-dir /pnpm/store
|
||||||
|
|
||||||
FROM base AS builder
|
FROM base AS builder
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
COPY --from=deps /app/node_modules ./node_modules
|
COPY pnpm-lock.yaml ./
|
||||||
COPY --from=deps /app/packages/shared-types/node_modules ./packages/shared-types/node_modules
|
RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm fetch
|
||||||
COPY --from=deps /app/services/api/node_modules ./services/api/node_modules
|
COPY . .
|
||||||
COPY tsconfig.base.json ./
|
RUN --mount=type=cache,id=pnpm,target=/pnpm/store \
|
||||||
COPY packages/shared-types ./packages/shared-types
|
pnpm install --frozen-lockfile --offline \
|
||||||
COPY services/api ./services/api
|
--filter @oo/api... --filter @oo/shared-types
|
||||||
RUN pnpm --filter @oo/shared-types build
|
RUN pnpm --filter @oo/shared-types build
|
||||||
RUN pnpm --filter @oo/api build
|
RUN pnpm --filter @oo/api build
|
||||||
|
RUN --mount=type=cache,id=pnpm,target=/pnpm/store \
|
||||||
|
pnpm --filter @oo/api --prod deploy --legacy /deploy \
|
||||||
|
&& cp -r services/api/dist /deploy/dist \
|
||||||
|
&& rm -rf /deploy/node_modules/@oo/shared-types/src \
|
||||||
|
&& cp -r packages/shared-types/dist /deploy/node_modules/@oo/shared-types/dist
|
||||||
|
|
||||||
FROM node:22-alpine AS runner
|
FROM node:22-slim AS runner
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
RUN npm install -g pnpm
|
ENV NODE_ENV=production
|
||||||
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml* ./
|
COPY --from=builder /deploy/package.json ./
|
||||||
COPY packages/shared-types/package.json ./packages/shared-types/
|
COPY --from=builder /deploy/node_modules ./node_modules
|
||||||
COPY services/api/package.json ./services/api/
|
COPY --from=builder /deploy/dist ./dist
|
||||||
RUN pnpm install --prod --frozen-lockfile
|
|
||||||
COPY --from=builder /app/packages/shared-types/dist ./packages/shared-types/dist
|
|
||||||
COPY --from=builder /app/services/api/dist ./services/api/dist
|
|
||||||
WORKDIR /app/services/api
|
|
||||||
CMD ["node", "dist/index.js"]
|
CMD ["node", "dist/index.js"]
|
||||||
|
|||||||
@@ -11,12 +11,18 @@ services:
|
|||||||
env_file: ../../.env.local
|
env_file: ../../.env.local
|
||||||
environment:
|
environment:
|
||||||
NODE_ENV: production
|
NODE_ENV: production
|
||||||
|
ML_SERVING_URL: "http://ml-serving:8000"
|
||||||
|
MLFLOW_URL: "http://mlflow:5000"
|
||||||
|
AIRFLOW_URL: "http://airflow-webserver:8080"
|
||||||
|
AIRFLOW_API_USER: "admin"
|
||||||
|
AIRFLOW_API_PASSWORD: "${AIRFLOW_ADMIN_PASSWORD:-admin}"
|
||||||
|
INTERNAL_API_TOKEN: "${INTERNAL_API_TOKEN:-}"
|
||||||
volumes:
|
volumes:
|
||||||
- /mnt/ssd/dbs/oo:/mnt/ssd/dbs/oo
|
- /mnt/ssd/dbs/oo:/mnt/ssd/dbs/oo
|
||||||
ports:
|
ports:
|
||||||
- "127.0.0.1:3078:3078"
|
- "127.0.0.1:3078:3078"
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD", "wget", "--spider", "-q", "http://localhost:3078/health"]
|
test: ["CMD", "node", "-e", "fetch('http://localhost:3078/health').then(r=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))"]
|
||||||
interval: 10s
|
interval: 10s
|
||||||
timeout: 5s
|
timeout: 5s
|
||||||
retries: 5
|
retries: 5
|
||||||
@@ -49,6 +55,8 @@ services:
|
|||||||
PORT: "3080"
|
PORT: "3080"
|
||||||
HOSTNAME: "0.0.0.0"
|
HOSTNAME: "0.0.0.0"
|
||||||
NEXT_PUBLIC_API_URL: ""
|
NEXT_PUBLIC_API_URL: ""
|
||||||
|
NEXT_PUBLIC_MLFLOW_URL: "/mlflow"
|
||||||
|
NEXT_PUBLIC_AIRFLOW_URL: "/airflow"
|
||||||
INTERNAL_API_URL: "http://api:3078"
|
INTERNAL_API_URL: "http://api:3078"
|
||||||
ports:
|
ports:
|
||||||
- "127.0.0.1:3080:3080"
|
- "127.0.0.1:3080:3080"
|
||||||
@@ -133,8 +141,14 @@ services:
|
|||||||
AIRFLOW__WEBSERVER__SECRET_KEY: ${AIRFLOW_SECRET_KEY:-change-me-in-prod}
|
AIRFLOW__WEBSERVER__SECRET_KEY: ${AIRFLOW_SECRET_KEY:-change-me-in-prod}
|
||||||
AIRFLOW__CORE__FERNET_KEY: ${AIRFLOW_FERNET_KEY:-}
|
AIRFLOW__CORE__FERNET_KEY: ${AIRFLOW_FERNET_KEY:-}
|
||||||
AIRFLOW__WEBSERVER__BASE_URL: ${AIRFLOW_BASE_URL:-https://o.alogins.net/airflow}
|
AIRFLOW__WEBSERVER__BASE_URL: ${AIRFLOW_BASE_URL:-https://o.alogins.net/airflow}
|
||||||
|
AIRFLOW__API__AUTH_BACKENDS: "airflow.api.auth.backend.basic_auth"
|
||||||
|
_PIP_ADDITIONAL_REQUIREMENTS: "mlflow==2.14.3 httpx"
|
||||||
|
MLFLOW_TRACKING_URI: "http://mlflow:5000/mlflow"
|
||||||
|
MLFLOW_TRACKING_USERNAME: "admin"
|
||||||
|
MLFLOW_TRACKING_PASSWORD: "${MLFLOW_ADMIN_PASSWORD:-password}"
|
||||||
volumes:
|
volumes:
|
||||||
- ../../ml/pipelines:/opt/airflow/dags:ro
|
- ../../ml/pipelines:/opt/airflow/dags:ro
|
||||||
|
- ../../ml:/opt/airflow/ml:ro
|
||||||
ports:
|
ports:
|
||||||
- "127.0.0.1:8080:8080"
|
- "127.0.0.1:8080:8080"
|
||||||
depends_on:
|
depends_on:
|
||||||
@@ -155,8 +169,13 @@ services:
|
|||||||
AIRFLOW__DATABASE__SQL_ALCHEMY_CONN: postgresql+psycopg2://airflow:${AIRFLOW_DB_PASSWORD:-airflow}@airflow-db/airflow
|
AIRFLOW__DATABASE__SQL_ALCHEMY_CONN: postgresql+psycopg2://airflow:${AIRFLOW_DB_PASSWORD:-airflow}@airflow-db/airflow
|
||||||
AIRFLOW__CORE__EXECUTOR: LocalExecutor
|
AIRFLOW__CORE__EXECUTOR: LocalExecutor
|
||||||
AIRFLOW__CORE__FERNET_KEY: ${AIRFLOW_FERNET_KEY:-}
|
AIRFLOW__CORE__FERNET_KEY: ${AIRFLOW_FERNET_KEY:-}
|
||||||
|
_PIP_ADDITIONAL_REQUIREMENTS: "mlflow==2.14.3 httpx"
|
||||||
|
MLFLOW_TRACKING_URI: "http://mlflow:5000/mlflow"
|
||||||
|
MLFLOW_TRACKING_USERNAME: "admin"
|
||||||
|
MLFLOW_TRACKING_PASSWORD: "${MLFLOW_ADMIN_PASSWORD:-password}"
|
||||||
volumes:
|
volumes:
|
||||||
- ../../ml/pipelines:/opt/airflow/dags:ro
|
- ../../ml/pipelines:/opt/airflow/dags:ro
|
||||||
|
- ../../ml:/opt/airflow/ml:ro
|
||||||
depends_on:
|
depends_on:
|
||||||
airflow-init:
|
airflow-init:
|
||||||
condition: service_completed_successfully
|
condition: service_completed_successfully
|
||||||
|
|||||||
Reference in New Issue
Block a user