- New Build and startup procedures for all services, compliant for both docker, podman and k8s

Josako
2025-09-01 19:58:28 +02:00
parent 35f58f0c57
commit 593dd438aa
29 changed files with 527 additions and 691 deletions

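--- a/docker/Dockerfile.base
+++ b/docker/Dockerfile.base
@@ -0,0 +1,36 @@
+ARG PYTHON_VERSION=3.12.11
+FROM python:${PYTHON_VERSION}-slim as base
+ENV PYTHONDONTWRITEBYTECODE=1 PYTHONUNBUFFERED=1
+RUN apt-get update && apt-get install -y --no-install-recommends \
+build-essential \
+gcc \
+postgresql-client \
+curl \
+tini \
+&& rm -rf /var/lib/apt/lists/*
+ARG UID=10001
+ARG GID=10001
+RUN groupadd -g ${GID} appuser && useradd -u ${UID} -g ${GID} -M -d /nonexistent -s /usr/sbin/nologin appuser
+WORKDIR /app
+RUN mkdir -p /app/logs && chown -R appuser:appuser /app
+COPY ../requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+COPY ../common /app/common
+COPY ../config /app/config
+COPY ../scripts /app/scripts
+RUN chown -R appuser:appuser /app && chmod +x /app/scripts/start.sh
+ENV PYTHONPATH=/app:/app/patched_packages:${PYTHONPATH}
+USER appuser
+EXPOSE 8080
+ENTRYPOINT ["/usr/bin/tini","-g","--"]
+CMD ["bash","-lc","scripts/start.sh"]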
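Review bot: The `chown -R appuser:appuser /app` in the last RUN gives the runtime user ownership of everything copied into /app, and `PYTHONPATH` places `/app` and `/app/patched_packages` ahead of site-packages, so a process running as appuser can overwrite the modules it imports and the start script it is launched from. COPY already leaves the files owned by root; I would keep that and narrow the two ownership steps to `RUN mkdir -p /app/logs && chown appuser:appuser /app/logs` and `RUN chmod 0755 /app/scripts/start.sh`. `${PYTHONPATH}` is unset at that point, which leaves a trailing empty entry, and `/app/patched_packages` is never created or copied in this file, so confirm the service images still provide it. Separately, `build-essential` and `gcc` stay in the image every service runs from; a builder stage that installs the wheels would let the runtime stage drop them.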


@@ -34,12 +34,16 @@ ACTION="both"
NO_CACHE=""
PROGRESS=""
DEBUG=""
BUILD_BASE=""
BASE_ONLY=""
# Function to display usage information
usage() {
echo "Usage: $0 [-b|-p] [--no-cache] [--progress=plain] [--debug] [service1 service2 ...]"
echo "Usage: $0 [-b|-p|-bb|--base-only] [--no-cache] [--progress=plain] [--debug] [service1 service2 ...]"
echo " -b: Build only"
echo " -p: Push only"
echo " -bb: Build base image (in addition to services)"
echo " --base-only: Build only base image (skip services)"
echo " --no-cache: Perform a clean build without using cache"
echo " --progress=plain: Show detailed progress of the build"
echo " --debug: Enable debug mode for the build"
@@ -59,6 +63,14 @@ while [[ $# -gt 0 ]]; do
ACTION="push"
shift
;;
-bb)
BUILD_BASE="true"
shift
;;
--base-only)
BASE_ONLY="true"
shift
;;
--no-cache)
NO_CACHE="--no-cache"
shift
@@ -82,6 +94,41 @@ while [[ $# -gt 0 ]]; do
esac
done
# Function to build base image
build_base_image() {
echo "🏗️ Building base image..."
local BASE_IMAGE_NAME="$REGISTRY/$ACCOUNT/eveai-base:$TAG"
echo "Building base image for platform: $PLATFORM"
echo "Base image tag: $BASE_IMAGE_NAME"
podman build \
--platform "$PLATFORM" \
$NO_CACHE \
$PROGRESS \
$DEBUG \
-t "$ACCOUNT/eveai-base:$TAG" \
-t "$BASE_IMAGE_NAME" \
-f Dockerfile.base \
..
if [ "$ACTION" = "push" ] || [ "$ACTION" = "both" ]; then
echo "Pushing base image to registry..."
podman push "$BASE_IMAGE_NAME"
fi
echo "✅ Base image built successfully"
}
# Function to check if we should build base image
should_build_base() {
if [ "$BUILD_BASE" = "true" ] || [ "$BASE_ONLY" = "true" ]; then
return 0 # true
else
return 1 # false
fi
}
# Function to build and/or push a service
process_service() {
local SERVICE="$1"
@@ -167,6 +214,20 @@ else
SERVICES=("$@")
fi
# Handle base-only mode
if [ "$BASE_ONLY" = "true" ]; then
echo "🎯 Base-only mode: Building only base image"
build_base_image
echo -e "\033[32m✅ Base image build completed!\033[0m"
exit 0
fi
# Build base image if requested
if should_build_base; then
build_base_image
echo "" # Empty line for readability
fi
echo "Using simplified AMD64-only approach for maximum compatibility..."
echo "Images will be tagged as: $REGISTRY/$ACCOUNT/[service]:$TAG"
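Review bot: `build_base_image` never checks the result of `podman build`, so unless the script enables `set -e` outside these hunks a failed build still reaches `podman push "$BASE_IMAGE_NAME"` and prints the success message, which can publish whatever older local image carries that tag. End the build command with a guard, e.g. `.. || { echo "Base image build failed" >&2; exit 1; }`. The function also builds when `-p` (push only) is combined with `-bb`, because only the push is conditional on `$ACTION`; if push-only is meant to skip building, wrap the `podman build` in the matching `$ACTION` test.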


@@ -63,12 +63,20 @@ services:
context: ..
dockerfile: ./docker/eveai_app/Dockerfile
ports:
- 3001:5001 # Dev app volgens port schema
- 3001:8080 # Dev app volgens port schema
expose:
- 8000
environment:
<<: *common-variables
COMPONENT_NAME: eveai_app
ROLE: web
PORT: 8080
WORKERS: 1 # Dev: lagere concurrency
WORKER_CLASS: gevent
WORKER_CONN: 100
LOGLEVEL: info # Lowercase voor gunicorn
MAX_REQUESTS: 1000
MAX_REQUESTS_JITTER: 100
volumes:
- ../eveai_app:/app/eveai_app
- ../common:/app/common
@@ -86,7 +94,7 @@ services:
minio:
condition: service_healthy
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:5001/healthz/ready"]
test: ["CMD", "curl", "-f", "http://localhost:8080/healthz/ready"]
interval: 30s
timeout: 10s
retries: 3
@@ -104,6 +112,11 @@ services:
environment:
<<: *common-variables
COMPONENT_NAME: eveai_workers
ROLE: worker
CELERY_CONCURRENCY: 1 # Dev: lagere concurrency
CELERY_LOGLEVEL: INFO # Uppercase voor celery
CELERY_MAX_TASKS_PER_CHILD: 1000
CELERY_PREFETCH: 1
volumes:
- ../eveai_workers:/app/eveai_workers
- ../common:/app/common
@@ -127,12 +140,20 @@ services:
context: ..
dockerfile: ./docker/eveai_chat_client/Dockerfile
ports:
- 3004:5004 # Dev chat client volgens port schema
- 3004:8080 # Dev chat client volgens port schema
expose:
- 8000
environment:
<<: *common-variables
COMPONENT_NAME: eveai_chat_client
ROLE: web
PORT: 8080
WORKERS: 1 # Dev: lagere concurrency
WORKER_CLASS: gevent
WORKER_CONN: 100
LOGLEVEL: info # Lowercase voor gunicorn
MAX_REQUESTS: 1000
MAX_REQUESTS_JITTER: 100
volumes:
- ../eveai_chat_client:/app/eveai_chat_client
- ../common:/app/common
@@ -148,7 +169,7 @@ services:
minio:
condition: service_healthy
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:5004/healthz/ready"]
test: ["CMD", "curl", "-f", "http://localhost:8080/healthz/ready"]
interval: 30s
timeout: 10s
retries: 3
@@ -166,6 +187,11 @@ services:
environment:
<<: *common-variables
COMPONENT_NAME: eveai_chat_workers
ROLE: worker
CELERY_CONCURRENCY: 8 # Dev: lagere concurrency
CELERY_LOGLEVEL: INFO # Uppercase voor celery
CELERY_MAX_TASKS_PER_CHILD: 1000
CELERY_PREFETCH: 1
volumes:
- ../eveai_chat_workers:/app/eveai_chat_workers
- ../common:/app/common
@@ -187,12 +213,20 @@ services:
context: ..
dockerfile: ./docker/eveai_api/Dockerfile
ports:
- 3003:5003 # Dev API volgens port schema
- 3003:8080 # Dev API volgens port schema
expose:
- 8000
environment:
<<: *common-variables
COMPONENT_NAME: eveai_api
ROLE: web
PORT: 8080
WORKERS: 1 # Dev: lagere concurrency
WORKER_CLASS: gevent
WORKER_CONN: 100
LOGLEVEL: info # Lowercase voor gunicorn
MAX_REQUESTS: 1000
MAX_REQUESTS_JITTER: 100
volumes:
- ../eveai_api:/app/eveai_api
- ../common:/app/common
@@ -208,7 +242,7 @@ services:
minio:
condition: service_healthy
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:5003/healthz/ready" ]
test: [ "CMD", "curl", "-f", "http://localhost:8080/healthz/ready" ]
interval: 30s
timeout: 10s
retries: 3
@@ -216,26 +250,28 @@ services:
networks:
- eveai-dev-network
eveai_beat:
image: ${REGISTRY_PREFIX:-}josakola/eveai_beat:latest
build:
context: ..
dockerfile: ./docker/eveai_beat/Dockerfile
environment:
<<: *common-variables
COMPONENT_NAME: eveai_beat
volumes:
- ../eveai_beat:/app/eveai_beat
- ../common:/app/common
- ../config:/app/config
- ../scripts:/app/scripts
- ../patched_packages:/app/patched_packages
- ./eveai_logs:/app/logs
depends_on:
redis:
condition: service_healthy
networks:
- eveai-dev-network
# eveai_beat:
# image: ${REGISTRY_PREFIX:-}josakola/eveai_beat:latest
# build:
# context: ..
# dockerfile: ./docker/eveai_beat/Dockerfile
# environment:
# <<: *common-variables
# COMPONENT_NAME: eveai_beat
# ROLE: beat
# CELERY_LOGLEVEL: INFO # Uppercase voor celery
# volumes:
# - ../eveai_beat:/app/eveai_beat
# - ../common:/app/common
# - ../config:/app/config
# - ../scripts:/app/scripts
# - ../patched_packages:/app/patched_packages
# - ./eveai_logs:/app/logs
# depends_on:
# redis:
# condition: service_healthy
# networks:
# - eveai-dev-network
eveai_entitlements:
image: ${REGISTRY_PREFIX:-}josakola/eveai_entitlements:latest
@@ -247,6 +283,11 @@ services:
environment:
<<: *common-variables
COMPONENT_NAME: eveai_entitlements
ROLE: worker
CELERY_CONCURRENCY: 1 # Dev: lagere concurrency
CELERY_LOGLEVEL: INFO # Uppercase voor celery
CELERY_MAX_TASKS_PER_CHILD: 1000
CELERY_PREFETCH: 1
volumes:
- ../eveai_entitlements:/app/eveai_entitlements
- ../common:/app/common
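Review bot: `CELERY_CONCURRENCY: 8` on eveai_chat_workers carries the comment `# Dev: lagere concurrency`, but 8 is higher than the other dev workers (1) and higher than the 2 used for the same service in the test compose file, so either the value or the comment looks wrong. The three web services also keep `expose: - 8000` while this commit sets `PORT: 8080` and points the healthchecks at 8080, so as far as these hunks show the expose entry no longer names a port anything listens on; the test compose file has the same leftover. I would change it to `- 8080` or drop it.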


@@ -65,12 +65,20 @@ services:
eveai_app:
image: ${REGISTRY_PREFIX:-}josakola/eveai_app:latest
ports:
- 4001:5001
- 4001:8080
expose:
- 8000
environment:
<<: *common-variables
COMPONENT_NAME: eveai_app
ROLE: web
PORT: 8080
WORKERS: 2 # Test: hogere concurrency
WORKER_CLASS: gevent
WORKER_CONN: 100
LOGLEVEL: info # Lowercase voor gunicorn
MAX_REQUESTS: 1000
MAX_REQUESTS_JITTER: 100
volumes:
- test_eveai_logs:/app/logs
depends_on:
@@ -79,7 +87,7 @@ services:
minio:
condition: service_healthy
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:5001/healthz/ready"]
test: ["CMD", "curl", "-f", "http://localhost:8080/healthz/ready"]
interval: 30s
timeout: 10s
retries: 3
@@ -95,6 +103,11 @@ services:
environment:
<<: *common-variables
COMPONENT_NAME: eveai_workers
ROLE: worker
CELERY_CONCURRENCY: 2 # Test: hogere concurrency
CELERY_LOGLEVEL: INFO # Uppercase voor celery
CELERY_MAX_TASKS_PER_CHILD: 1000
CELERY_PREFETCH: 1
volumes:
- test_eveai_logs:/app/logs
depends_on:
@@ -109,12 +122,20 @@ services:
eveai_chat_client:
image: ${REGISTRY_PREFIX:-}josakola/eveai_chat_client:latest
ports:
- 4004:5004
- 4004:8080
expose:
- 8000
environment:
<<: *common-variables
COMPONENT_NAME: eveai_chat_client
ROLE: web
PORT: 8080
WORKERS: 2 # Test: hogere concurrency
WORKER_CLASS: gevent
WORKER_CONN: 100
LOGLEVEL: info # Lowercase voor gunicorn
MAX_REQUESTS: 1000
MAX_REQUESTS_JITTER: 100
volumes:
- test_eveai_logs:/app/logs
depends_on:
@@ -123,7 +144,7 @@ services:
minio:
condition: service_healthy
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:5004/healthz/ready"]
test: ["CMD", "curl", "-f", "http://localhost:8080/healthz/ready"]
interval: 30s
timeout: 10s
retries: 3
@@ -139,6 +160,11 @@ services:
environment:
<<: *common-variables
COMPONENT_NAME: eveai_chat_workers
ROLE: worker
CELERY_CONCURRENCY: 2 # Test: hogere concurrency
CELERY_LOGLEVEL: INFO # Uppercase voor celery
CELERY_MAX_TASKS_PER_CHILD: 1000
CELERY_PREFETCH: 1
volumes:
- test_eveai_logs:/app/logs
depends_on:
@@ -151,12 +177,20 @@ services:
eveai_api:
image: ${REGISTRY_PREFIX:-}josakola/eveai_api:latest
ports:
- 4003:5003
- 4003:8080
expose:
- 8000
environment:
<<: *common-variables
COMPONENT_NAME: eveai_api
ROLE: web
PORT: 8080
WORKERS: 2 # Test: hogere concurrency
WORKER_CLASS: gevent
WORKER_CONN: 100
LOGLEVEL: info # Lowercase voor gunicorn
MAX_REQUESTS: 1000
MAX_REQUESTS_JITTER: 100
volumes:
- test_eveai_logs:/app/logs
depends_on:
@@ -165,7 +199,7 @@ services:
minio:
condition: service_healthy
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:5003/healthz/ready" ]
test: [ "CMD", "curl", "-f", "http://localhost:8080/healthz/ready" ]
interval: 30s
timeout: 10s
retries: 3
@@ -174,19 +208,21 @@ services:
- eveai-test-network
restart: unless-stopped
eveai_beat:
image: ${REGISTRY_PREFIX:-}josakola/eveai_beat:latest
environment:
<<: *common-variables
COMPONENT_NAME: eveai_beat
volumes:
- test_eveai_logs:/app/logs
depends_on:
redis:
condition: service_healthy
networks:
- eveai-test-network
restart: unless-stopped
# eveai_beat:
# image: ${REGISTRY_PREFIX:-}josakola/eveai_beat:latest
# environment:
# <<: *common-variables
# COMPONENT_NAME: eveai_beat
# ROLE: beat
# CELERY_LOGLEVEL: INFO # Uppercase voor celery
# volumes:
# - test_eveai_logs:/app/logs
# depends_on:
# redis:
# condition: service_healthy
# networks:
# - eveai-test-network
# restart: unless-stopped
eveai_entitlements:
image: ${REGISTRY_PREFIX:-}josakola/eveai_entitlements:latest
@@ -195,6 +231,11 @@ services:
environment:
<<: *common-variables
COMPONENT_NAME: eveai_entitlements
ROLE: worker
CELERY_CONCURRENCY: 2 # Test: hogere concurrency
CELERY_LOGLEVEL: INFO # Uppercase voor celery
CELERY_MAX_TASKS_PER_CHILD: 1000
CELERY_PREFETCH: 1
volumes:
- test_eveai_logs:/app/logs
depends_on:
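Review bot: The new mappings `4001:8080`, `4004:8080` and `4003:8080` publish the gunicorn listeners on every host interface, so the apps are reachable over plain HTTP directly on those ports rather than only through whatever proxy fronts this stack (none is visible in these hunks). If that proxy runs on the same host, binding to loopback, e.g. `- 127.0.0.1:4001:8080`, keeps direct access off the network; the dev file's 3001, 3003 and 3004 mappings have the same shape. The service definitions are only partly shown here, so a firewall or network setting outside the hunks may already cover this.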


@@ -1,70 +1,5 @@
ARG PYTHON_VERSION=3.12.7
FROM python:${PYTHON_VERSION}-slim as base
FROM registry.ask-eve-ai-local.com/josakola/eveai-base:latest
# Prevents Python from writing pyc files.
ENV PYTHONDONTWRITEBYTECODE=1
# Keeps Python from buffering stdout and stderr to avoid situations where
# the application crashes without emitting any logs due to buffering.
ENV PYTHONUNBUFFERED=1
# Create directory for patched packages and set permissions
RUN mkdir -p /app/patched_packages && \
chmod 777 /app/patched_packages
# Ensure patches are applied to the application.
ENV PYTHONPATH=/app/patched_packages:$PYTHONPATH
WORKDIR /app
# Create a non-privileged user that the app will run under.
# See https://docs.docker.com/go/dockerfile-user-best-practices/
ARG UID=10001
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/bin/bash" \
--no-create-home \
--uid "${UID}" \
appuser
# Install necessary packages and build tools
RUN apt-get update && apt-get install -y \
build-essential \
gcc \
postgresql-client \
curl \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Create logs directory and set permissions
RUN mkdir -p /app/logs && chown -R appuser:appuser /app/logs
# Download dependencies as a separate step to take advantage of Docker's caching.
# Leverage a cache mount to /root/.cache/pip to speed up subsequent builds.
# Leverage a bind mount to requirements.txt to avoid having to copy them into
# into this layer.
COPY requirements.txt /app/
RUN python -m pip install -r /app/requirements.txt
# Copy the source code into the container.
# Copy the service-specific source code into the container.
COPY eveai_api /app/eveai_api
COPY common /app/common
COPY config /app/config
COPY scripts /app/scripts
COPY patched_packages /app/patched_packages
# Set permissions for entrypoint script
RUN chmod 777 /app/scripts/entrypoint.sh
# Set ownership of the application directory to the non-privileged user
RUN chown -R appuser:appuser /app
# Expose the port that the application listens on.
EXPOSE 5003
# Set entrypoint and command
ENTRYPOINT ["/app/scripts/entrypoint.sh"]
CMD ["/app/scripts/start_eveai_api.sh"]
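Review bot: The new `FROM registry.ask-eve-ai-local.com/josakola/eveai-base:latest` ties every service build to a mutable tag on a hard-coded registry host, so the same commit can yield different images depending on which base was pushed last, and a replaced `latest` flows into all services unnoticed. The build script in this commit tags the base as `$TAG`, which only matches when TAG is `latest`. I would pass the reference in, e.g. `ARG BASE_IMAGE=registry.ask-eve-ai-local.com/josakola/eveai-base:latest` followed by `FROM ${BASE_IMAGE}`, and have the script supply the tag it just built or a digest. The same FROM line appears in the other six service Dockerfiles changed here.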


@@ -1,72 +1,4 @@
ARG PYTHON_VERSION=3.12.7
FROM python:${PYTHON_VERSION}-slim as base
# Prevents Python from writing pyc files.
ENV PYTHONDONTWRITEBYTECODE=1
# Keeps Python from buffering stdout and stderr to avoid situations where
# the application crashes without emitting any logs due to buffering.
ENV PYTHONUNBUFFERED=1
# Create directory for patched packages and set permissions
RUN mkdir -p /app/patched_packages && \
chmod 777 /app/patched_packages
# Ensure patches are applied to the application.
ENV PYTHONPATH=/app/patched_packages:$PYTHONPATH
WORKDIR /app
# Create a non-privileged user that the app will run under.
# See https://docs.docker.com/go/dockerfile-user-best-practices/
ARG UID=10001
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/bin/bash" \
--no-create-home \
--uid "${UID}" \
appuser
# Install necessary packages and build tools
RUN apt-get update && apt-get install -y \
build-essential \
gcc \
postgresql-client \
curl \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Create logs directory and set permissions
RUN mkdir -p /app/logs && chown -R appuser:appuser /app/logs
# Download dependencies as a separate step to take advantage of Docker's caching.
# Leverage a cache mount to /root/.cache/pip to speed up subsequent builds.
# Leverage a bind mount to requirements.txt to avoid having to copy them into
# into this layer.
COPY requirements.txt /app/
RUN python -m pip install -r /app/requirements.txt
FROM registry.ask-eve-ai-local.com/josakola/eveai-base:latest
# Copy the source code into the container.
COPY eveai_app /app/eveai_app
COPY common /app/common
COPY config /app/config
COPY migrations /app/migrations
COPY scripts /app/scripts
COPY patched_packages /app/patched_packages
COPY content /app/content
# Set permissions for entrypoint script
RUN chmod 777 /app/scripts/entrypoint.sh
# Set ownership of the application directory to the non-privileged user
RUN chown -R appuser:appuser /app
# Expose the port that the application listens on.
EXPOSE 5001
# Set entrypoint and command
ENTRYPOINT ["/app/scripts/entrypoint.sh"]
CMD ["/app/scripts/start_eveai_app.sh"]


@@ -1,65 +1,5 @@
ARG PYTHON_VERSION=3.12.7
FROM python:${PYTHON_VERSION}-slim as base
FROM registry.ask-eve-ai-local.com/josakola/eveai-base:latest
# Prevents Python from writing pyc files.
ENV PYTHONDONTWRITEBYTECODE=1
# Keeps Python from buffering stdout and stderr to avoid situations where
# the application crashes without emitting any logs due to buffering.
ENV PYTHONUNBUFFERED=1
# Create directory for patched packages and set permissions
RUN mkdir -p /app/patched_packages && \
chmod 777 /app/patched_packages
# Ensure patches are applied to the application.
ENV PYTHONPATH=/app/patched_packages:$PYTHONPATH
WORKDIR /app
# Create a non-privileged user that the app will run under.
# See https://docs.docker.com/go/dockerfile-user-best-practices/
ARG UID=10001
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/bin/bash" \
--no-create-home \
--uid "${UID}" \
appuser
# Install necessary packages and build tools
#RUN apt-get update && apt-get install -y \
# build-essential \
# gcc \
# && apt-get clean \
# && rm -rf /var/lib/apt/lists/*
# Create logs directory and set permissions
RUN mkdir -p /app/logs && chown -R appuser:appuser /app/logs
# Install Python dependencies.
# Download dependencies as a separate step to take advantage of Docker's caching.
# Leverage a cache mount to /root/.cache/pip to speed up subsequent builds.
# Leverage a bind mount to requirements.txt to avoid having to copy them into
# into this layer.
COPY requirements.txt /app/
RUN python -m pip install -r /app/requirements.txt
# Copy the source code into the container.
# Copy the service-specific source code into the container.
COPY eveai_beat /app/eveai_beat
COPY common /app/common
COPY config /app/config
COPY scripts /app/scripts
COPY patched_packages /app/patched_packages
COPY --chown=root:root scripts/entrypoint_no_db.sh /app/scripts/
# Set ownership of the application directory to the non-privileged user
RUN chown -R appuser:appuser /app
# Set entrypoint and command
ENTRYPOINT ["/app/scripts/entrypoint_no_db.sh"]
CMD ["/app/scripts/start_eveai_beat.sh"]


@@ -1,72 +1,6 @@
ARG PYTHON_VERSION=3.12.7
FROM python:${PYTHON_VERSION}-slim as base
FROM registry.ask-eve-ai-local.com/josakola/eveai-base:latest
# Prevents Python from writing pyc files.
ENV PYTHONDONTWRITEBYTECODE=1
# Keeps Python from buffering stdout and stderr to avoid situations where
# the application crashes without emitting any logs due to buffering.
ENV PYTHONUNBUFFERED=1
# Create directory for patched packages and set permissions
RUN mkdir -p /app/patched_packages && \
chmod 777 /app/patched_packages
# Ensure patches are applied to the application.
ENV PYTHONPATH=/app/patched_packages:$PYTHONPATH
WORKDIR /app
# Create a non-privileged user that the app will run under.
# See https://docs.docker.com/go/dockerfile-user-best-practices/
ARG UID=10001
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/bin/bash" \
--no-create-home \
--uid "${UID}" \
appuser
# Install necessary packages and build tools
RUN apt-get update && apt-get install -y \
build-essential \
gcc \
postgresql-client \
curl \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Create logs directory and set permissions
RUN mkdir -p /app/logs && chown -R appuser:appuser /app/logs
# Download dependencies as a separate step to take advantage of Docker's caching.
# Leverage a cache mount to /root/.cache/pip to speed up subsequent builds.
# Leverage a bind mount to requirements.txt to avoid having to copy them into
# into this layer.
COPY requirements.txt /app/
RUN python -m pip install -r /app/requirements.txt
# Copy the source code into the container.
# Copy the service-specific source code into the container.
COPY eveai_chat_client /app/eveai_chat_client
COPY common /app/common
COPY config /app/config
COPY scripts /app/scripts
COPY patched_packages /app/patched_packages
COPY content /app/content
# Set permissions for scripts
RUN chmod 777 /app/scripts/entrypoint.sh && \
chmod 777 /app/scripts/start_eveai_chat_client.sh
# Set ownership of the application directory to the non-privileged user
RUN chown -R appuser:appuser /app
# Expose the port that the application listens on.
EXPOSE 5004
# Set entrypoint and command
ENTRYPOINT ["/app/scripts/entrypoint.sh"]
CMD ["/app/scripts/start_eveai_chat_client.sh"]


@@ -1,68 +1,10 @@
ARG PYTHON_VERSION=3.12.7
FROM python:${PYTHON_VERSION}-slim as base
FROM registry.ask-eve-ai-local.com/josakola/eveai-base:latest
# Prevents Python from writing pyc files.
ENV PYTHONDONTWRITEBYTECODE=1
# Keeps Python from buffering stdout and stderr to avoid situations where
# the application crashes without emitting any logs due to buffering.
ENV PYTHONUNBUFFERED=1
# Create directory for patched packages and set permissions
RUN mkdir -p /app/patched_packages && \
chmod 777 /app/patched_packages
# Ensure patches are applied to the application.
ENV PYTHONPATH=/app/patched_packages:$PYTHONPATH
WORKDIR /app
# Create a non-privileged user that the app will run under.
# See https://docs.docker.com/go/dockerfile-user-best-practices/
ARG UID=10001
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/bin/bash" \
--no-create-home \
--uid "${UID}" \
appuser
# Install necessary packages and build tools
RUN apt-get update && apt-get install -y \
build-essential \
gcc \
postgresql-client \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Create logs directory and set permissions
RUN mkdir -p /app/logs && chown -R appuser:appuser /app/logs
# Service-specific directories (preserve crewai_storage)
USER root
RUN mkdir -p /app/crewai_storage && chown -R appuser:appuser /app/crewai_storage
USER appuser
# Download dependencies as a separate step to take advantage of Docker's caching.
# Leverage a cache mount to /root/.cache/pip to speed up subsequent builds.
# Leverage a bind mount to requirements.txt to avoid having to copy them into
# into this layer.
COPY requirements.txt /app/
RUN python -m pip install -r /app/requirements.txt
# Copy the source code into the container.
# Copy the service-specific source code into the container.
COPY eveai_chat_workers /app/eveai_chat_workers
COPY common /app/common
COPY config /app/config
COPY scripts /app/scripts
COPY patched_packages /app/patched_packages
COPY --chown=root:root scripts/entrypoint.sh /app/scripts/
# Set permissions for entrypoint script
RUN chmod 777 /app/scripts/entrypoint.sh
# Set ownership of the application directory to the non-privileged user
RUN chown -R appuser:appuser /app
# Set entrypoint and command
ENTRYPOINT ["/app/scripts/entrypoint.sh"]
CMD ["/app/scripts/start_eveai_chat_workers.sh"]


@@ -1,69 +1,5 @@
ARG PYTHON_VERSION=3.12.7
FROM python:${PYTHON_VERSION}-slim as base
FROM registry.ask-eve-ai-local.com/josakola/eveai-base:latest
# Prevents Python from writing pyc files.
ENV PYTHONDONTWRITEBYTECODE=1
# Keeps Python from buffering stdout and stderr to avoid situations where
# the application crashes without emitting any logs due to buffering.
ENV PYTHONUNBUFFERED=1
# Create directory for patched packages and set permissions
RUN mkdir -p /app/patched_packages && \
chmod 777 /app/patched_packages
# Ensure patches are applied to the application.
ENV PYTHONPATH=/app/patched_packages:$PYTHONPATH
WORKDIR /app
# Create a non-privileged user that the app will run under.
# See https://docs.docker.com/go/dockerfile-user-best-practices/
ARG UID=10001
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/bin/bash" \
--no-create-home \
--uid "${UID}" \
appuser
# Install necessary packages and build tools
RUN apt-get update && apt-get install -y \
build-essential \
gcc \
postgresql-client \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Create logs directory and set permissions
RUN mkdir -p /app/logs && chown -R appuser:appuser /app/logs
# Install Python dependencies.
# Download dependencies as a separate step to take advantage of Docker's caching.
# Leverage a cache mount to /root/.cache/pip to speed up subsequent builds.
# Leverage a bind mount to requirements.txt to avoid having to copy them into
# into this layer.
COPY requirements.txt /app/
RUN python -m pip install -r /app/requirements.txt
# Copy the source code into the container.
# Copy the service-specific source code into the container.
COPY eveai_entitlements /app/eveai_entitlements
COPY common /app/common
COPY config /app/config
COPY scripts /app/scripts
COPY patched_packages /app/patched_packages
COPY --chown=root:root scripts/entrypoint.sh /app/scripts/
# Set permissions for entrypoint script
RUN chmod 777 /app/scripts/entrypoint.sh
# Set ownership of the application directory to the non-privileged user
RUN chown -R appuser:appuser /app
# Set entrypoint and command
ENTRYPOINT ["/app/scripts/entrypoint.sh"]
CMD ["/app/scripts/start_eveai_entitlements.sh"]


@@ -1,70 +1,12 @@
ARG PYTHON_VERSION=3.12.7
FROM python:${PYTHON_VERSION}-slim as base
FROM registry.ask-eve-ai-local.com/josakola/eveai-base:latest
# Prevents Python from writing pyc files.
ENV PYTHONDONTWRITEBYTECODE=1
# Keeps Python from buffering stdout and stderr to avoid situations where
# the application crashes without emitting any logs due to buffering.
ENV PYTHONUNBUFFERED=1
# Create directory for patched packages and set permissions
RUN mkdir -p /app/patched_packages && \
chmod 777 /app/patched_packages
# Ensure patches are applied to the application.
ENV PYTHONPATH=/app/patched_packages:$PYTHONPATH
WORKDIR /app
# Create a non-privileged user that the app will run under.
# See https://docs.docker.com/go/dockerfile-user-best-practices/
ARG UID=10001
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/bin/bash" \
--no-create-home \
--uid "${UID}" \
appuser
# Install necessary packages and build tools
RUN apt-get update && apt-get install -y \
build-essential \
gcc \
postgresql-client \
# Service-specific packages (ffmpeg only needed for this service)
USER root
RUN apt-get update && apt-get install -y --no-install-recommends \
ffmpeg \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
USER appuser
# Create logs directory and set permissions
RUN mkdir -p /app/logs && chown -R appuser:appuser /app/logs
# Install Python dependencies.
# Download dependencies as a separate step to take advantage of Docker's caching.
# Leverage a cache mount to /root/.cache/pip to speed up subsequent builds.
# Leverage a bind mount to requirements.txt to avoid having to copy them into
# into this layer.
COPY requirements.txt /app/
RUN python -m pip install -r /app/requirements.txt
# Copy the source code into the container.
# Copy the service-specific source code into the container.
COPY eveai_workers /app/eveai_workers
COPY common /app/common
COPY config /app/config
COPY scripts /app/scripts
COPY patched_packages /app/patched_packages
COPY --chown=root:root scripts/entrypoint.sh /app/scripts/
# Set permissions for entrypoint script
RUN chmod 777 /app/scripts/entrypoint.sh
# Set ownership of the application directory to the non-privileged user
RUN chown -R appuser:appuser /app
# Set entrypoint and command
ENTRYPOINT ["/app/scripts/entrypoint.sh"]
CMD ["/app/scripts/start_eveai_workers.sh"]