forked from DefectDojo/django-DefectDojo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.django
109 lines (105 loc) · 3.26 KB
/
Dockerfile.django
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
# code: language=Dockerfile
# The code for the build image should be idendical with the code in
# Dockerfile.nginx to use the caching mechanism of Docker.
# Using 3.5.7 to avoid compatibility issues that may be introduced by python 3.5.6 and 3.5.7.
# Please upgrade before end-of-life in september 2020!
# Ref: https://devguide.python.org/#branchstatus
FROM python:3.5.7-buster@sha256:4598d4365bb7a8628ba840f87406323e699c4da01ae6f926ff33787c63230779 as build
WORKDIR /app
RUN \
apt-get -y update && \
apt-get -y install \
dnsutils \
default-mysql-client \
postgresql-client \
xmlsec1 \
git \
&& \
apt-get clean && \
rm -rf /var/lib/apt/lists && \
true
COPY requirements.txt ./
RUN pip3 wheel --wheel-dir=/tmp/wheels -r ./requirements.txt
FROM python:3.5.7-slim-buster@sha256:127fee645393d311c7fbc5e8c2e5034f10a4e66b47c9273d4dbe5da2926fc3f2
WORKDIR /app
RUN \
apt-get -y update && \
# ugly fix to install postgresql-client without errors
mkdir -p /usr/share/man/man1 /usr/share/man/man7 && \
apt-get -y install --no-install-recommends \
# libopenjp2-7 libjpeg62 libtiff5 are required by the pillow package
libopenjp2-7 \
libjpeg62 \
libtiff5 \
dnsutils \
default-mysql-client \
libmariadb3 \
xmlsec1 \
git \
# only required for the dbshell (used by the initializer job)
postgresql-client \
&& \
apt-get clean && \
rm -rf /var/lib/apt/lists && \
true
RUN pip3 install --no-cache-dir --upgrade pip
COPY --from=build /tmp/wheels /tmp/wheels
COPY requirements.txt ./
RUN pip3 install \
--no-cache-dir \
--no-index \
--find-links=/tmp/wheels \
-r ./requirements.txt
COPY \
docker/entrypoint-celery-beat.sh \
docker/entrypoint-celery-worker.sh \
docker/entrypoint-initializer.sh \
docker/entrypoint-uwsgi.sh \
docker/entrypoint-uwsgi-dev.sh \
docker/entrypoint-unit-tests.sh \
docker/entrypoint-unit-tests-devDocker.sh \
docker/wait-for-it.sh \
/
COPY wsgi.py manage.py tests/unit-tests.sh ./
COPY dojo/ ./dojo/
# Legacy installs need the modified settings.py, do not remove!
RUN \
cp dojo/settings/settings.dist.py dojo/settings/settings.py
COPY tests/ ./tests/
RUN \
mkdir dojo/migrations && \
chmod g=u dojo/migrations && \
chmod g=u /var/run && \
true
USER root
RUN chmod 0777 /app
USER 1001
ENV \
DD_ADMIN_USER=admin \
DD_ADMIN_MAIL=admin@defectdojo.local \
DD_ADMIN_PASSWORD='' \
DD_ADMIN_FIRST_NAME=Administrator \
DD_ADMIN_LAST_NAME=User \
DD_ALLOWED_HOSTS="*" \
DD_CELERY_BEAT_SCHEDULE_FILENAME="/run/celery-beat-schedule" \
DD_CELERY_BROKER_SCHEME="amqp" \
DD_CELERY_BROKER_USER="defectdojo" \
DD_CELERY_BROKER_PASSWORD="defectdojo" \
DD_CELERY_BROKER_HOST="rabbitmq" \
DD_CELERY_BROKER_PORT="5672" \
DD_CELERY_BROKER_PATH="//" \
DD_CELERY_LOG_LEVEL="INFO" \
DD_DATABASE_ENGINE="django.db.backends.mysql" \
DD_DATABASE_HOST="mysql" \
DD_DATABASE_NAME="defectdojo" \
DD_DATABASE_PASSWORD="defectdojo" \
DD_DATABASE_PORT="3306" \
DD_DATABASE_USER="defectdojo" \
DD_SECRET_KEY="hhZCp@D28z!n@NED*yB!ROMt+WzsY*iq" \
DD_CREDENTIAL_AES_256_KEY="&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw" \
DD_INITIALIZE=true \
DD_UWSGI_MODE="socket" \
DD_UWSGI_ENDPOINT="0.0.0.0:3031" \
DD_DJANGO_ADMIN_ENABLED="on" \
DD_TRACK_MIGRATIONS="on"
ENTRYPOINT ["/entrypoint-uwsgi.sh"]