From f3f390f16ec1d44acb4e985f56aa07a83852a7da Mon Sep 17 00:00:00 2001 From: "Michele L." <37748899+xmichele@users.noreply.github.com> Date: Wed, 25 Sep 2024 18:28:05 +0200 Subject: [PATCH] Dockerfile update Test : [2/2] STEP 1/12: FROM rockylinux:9.3-minimal [2/2] STEP 2/12: RUN microdnf install -y --nodocs nodejs && microdnf clean all --> Using cache 667899aba51f2306da09f822e16fd050fdbdb75a07af3d34e454a153be8de365 --> 667899aba51 [2/2] STEP 3/12: ENV HOME=/home/wrapper --> Using cache 0a9aa50606757894af53f20712a907e259cf9ead35d87d142aa240823543b839 --> 0a9aa506067 [2/2] STEP 4/12: RUN useradd -u 1001 -r -g 0 -m -d ${HOME} -s /sbin/nologin -c "Default CWL Wrapper User" wrapper && mkdir -p /app && mkdir -p /prod && chown -R 1001:0 /app && chmod g+rwx ${HOME} /app --> Using cache 5800dea4f36d3f88b74059c268ab9198fee18f491019a00f6d9b889aa422af1b --> 5800dea4f36 [2/2] STEP 5/12: COPY --from=build /tmp/hatch /usr/bin/hatch --> Using cache c05669d27eb59cbf264e8ad7aeb94320efc4b77444f724d6687ce2023f5d22a0 --> c05669d27eb [2/2] STEP 6/12: USER wrapper --> fae4b9ba289 [2/2] STEP 7/12: COPY --chown=1001:0 . /app --> 6f4a7e88ea7 [2/2] STEP 8/12: WORKDIR /app --> d4c2ac31639 [2/2] STEP 9/12: ENV VIRTUAL_ENV=/app/envs/wrapper --> f08b369922e [2/2] STEP 10/12: ENV PATH="$VIRTUAL_ENV/bin:$PATH" --> afe7786f3d0 [2/2] STEP 11/12: RUN hatch env prune && hatch env create prod && rm -fr /tmp/* /app/.git /app/.pytest_cache Creating environment: prod Installing Python distribution: 3.12 Installing project in development mode Checking dependencies Syncing dependencies --> fb060933ca1 [2/2] STEP 12/12: CMD ["bash", "-c", "source /app/envs/wrapper/bin/activate && cwl-wrapper"] [2/2] COMMIT cwl-wrapper --> dced1594b00 Successfully tagged localhost/cwl-wrapper:latest dced1594b004868c722bed221891bbfbec0a98a5a7de10e014082c497f9cf5cb (base) jovyan@jupyter-mlongobardodev:~/projects/cwl-wrapper-hatch$ (base) jovyan@jupyter-mlongobardodev:~/projects/cwl-wrapper-hatch$ (base) jovyan@jupyter-mlongobardodev:~/projects/cwl-wrapper-hatch$ docker run -it --rm -v $PWD/myfolder/:/myfolder --entrypoint=bash localhost/cwl-wrapper:latest [wrapper@80ed5a42da87 app]$ cwl-wrapper --help Usage: cwl-wrapper [OPTIONS] CWL The cwl-parser Options: --output TEXT default main cel template assets/maincwl.yaml --stagein TEXT default stagein template assets/stagein.yaml --stageout TEXT default "stageout" template assets/stageout.yaml --maincwl TEXT default maincwl assets/maincwl.yaml --rulez TEXT rules default file assets/rules.yaml --assets TEXT use as maincwl from assets/ --workflow-id TEXT workflow id -c, --conf FILE Read options from FILE instead of command line; default file: /home/jovyan/.cwlwrapper/default.conf --help Show this message and exit. (base) jovyan@jupyter-mlongobardodev:~/projects/cwl-wrapper-hatch$ docker run -it --rm -v $PWD/myfolder/:/app/myfolder --entrypoint=bash localhost/cwl-wrapper:latest [wrapper@1929d7c0cc59 app]$ cwl-wrapper --help Usage: cwl-wrapper [OPTIONS] CWL The cwl-parser Options: --output TEXT default main cel template assets/maincwl.yaml --stagein TEXT default stagein template assets/stagein.yaml --stageout TEXT default "stageout" template assets/stageout.yaml --maincwl TEXT default maincwl assets/maincwl.yaml --rulez TEXT rules default file assets/rules.yaml --assets TEXT use as maincwl from assets/ --workflow-id TEXT workflow id -c, --conf FILE Read options from FILE instead of command line; default file: /home/jovyan/.cwlwrapper/default.conf --help Show this message and exit. [wrapper@1929d7c0cc59 app]$ cwl-wrapper myfolder/map-composition.cwl $graph: - $namespaces: cwltool: http://commonwl.org/cwltool# class: Workflow doc: Main stage manager hints: cwltool:Secrets: secrets: - ADES_STAGEIN_AWS_SERVICEURL - ADES_STAGEIN_AWS_ACCESS_KEY_ID - ADES_STAGEIN_AWS_SECRET_ACCESS_KEY - ADES_STAGEOUT_AWS_SERVICEURL - ADES_STAGEOUT_AWS_ACCESS_KEY_ID - ADES_STAGEOUT_AWS_SECRET_ACCESS_KEY id: main inputs: ADES_STAGEIN_AWS_ACCESS_KEY_ID: type: string? ADES_STAGEIN_AWS_REGION: type: string? ADES_STAGEIN_AWS_SECRET_ACCESS_KEY: type: string? ADES_STAGEIN_AWS_SERVICEURL: type: string? ADES_STAGEOUT_AWS_ACCESS_KEY_ID: type: string? ADES_STAGEOUT_AWS_REGION: type: string? ADES_STAGEOUT_AWS_SECRET_ACCESS_KEY: type: string? ADES_STAGEOUT_AWS_SERVICEURL: type: string? ADES_STAGEOUT_OUTPUT: type: string? base_map: id: base_map type: string bounding_box: id: bounding_box type: string? catalog_url: id: catalog_url type: string copyrights: id: copyrights type: string date: id: date type: string? input_raster: id: input_raster type: string[] legend: id: legend type: string[]? logo: id: logo type: string[]? map_desc: id: map_desc type: string? process: type: string subtitle: id: subtitle type: string title: id: title type: string label: macro-cwl outputs: s3_catalog_output: id: s3_catalog_output outputSource: - node_stage_out/s3_catalog_output type: string wf_outputs: id: wf_outputs outputSource: - node_stage_out/wf_outputs_out type: Directory requirements: InlineJavascriptRequirement: {} ScatterFeatureRequirement: {} SubworkflowFeatureRequirement: {} steps: node_stage_out: in: ADES_STAGEOUT_AWS_ACCESS_KEY_ID: ADES_STAGEOUT_AWS_ACCESS_KEY_ID ADES_STAGEOUT_AWS_REGION: ADES_STAGEOUT_AWS_REGION ADES_STAGEOUT_AWS_SECRET_ACCESS_KEY: ADES_STAGEOUT_AWS_SECRET_ACCESS_KEY ADES_STAGEOUT_AWS_SERVICEURL: ADES_STAGEOUT_AWS_SERVICEURL ADES_STAGEOUT_OUTPUT: ADES_STAGEOUT_OUTPUT process: process wf_outputs: on_stage/wf_outputs out: - s3_catalog_output - wf_outputs_out run: arguments: - copy - -v - -r - '4' - -o - $( inputs.ADES_STAGEOUT_OUTPUT + "/" + inputs.process ) - valueFrom: "${\n if( !Array.isArray(inputs.wf_outputs) )\n {\n \ \ return inputs.wf_outputs.path + \"/catalog.json\";\n }\n var\ \ args=[];\n for (var i = 0; i < inputs.wf_outputs.length; i++)\n \ \ {\n args.push(inputs.wf_outputs[i].path + \"/catalog.json\"\ );\n }\n return args;\n}\n" baseCommand: Stars class: CommandLineTool cwlVersion: v1.0 doc: Run Stars for staging results hints: DockerRequirement: dockerPull: terradue/stars:2.3.0 cwltool:Secrets: secrets: - ADES_STAGEOUT_AWS_SERVICEURL - ADES_STAGEOUT_AWS_ACCESS_KEY_ID - ADES_STAGEOUT_AWS_SECRET_ACCESS_KEY id: stars inputs: ADES_STAGEOUT_AWS_ACCESS_KEY_ID: type: string? ADES_STAGEOUT_AWS_REGION: type: string? ADES_STAGEOUT_AWS_SECRET_ACCESS_KEY: type: string? ADES_STAGEOUT_AWS_SERVICEURL: type: string? ADES_STAGEOUT_OUTPUT: type: string? process: type: string wf_outputs: type: Directory outputs: s3_catalog_output: outputBinding: outputEval: ${ return inputs.ADES_STAGEOUT_OUTPUT + "/" + inputs.process + "/catalog.json"; } type: string wf_outputs_out: outputBinding: glob: . type: Directory requirements: EnvVarRequirement: envDef: AWS_ACCESS_KEY_ID: $(inputs.ADES_STAGEOUT_AWS_ACCESS_KEY_ID) AWS_SECRET_ACCESS_KEY: $(inputs.ADES_STAGEOUT_AWS_SECRET_ACCESS_KEY) AWS__AuthenticationRegion: $(inputs.ADES_STAGEOUT_AWS_REGION) AWS__Region: $(inputs.ADES_STAGEOUT_AWS_REGION) AWS__ServiceURL: $(inputs.ADES_STAGEOUT_AWS_SERVICEURL) PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin InlineJavascriptRequirement: {} ResourceRequirement: {} on_stage: in: base_map: base_map bounding_box: bounding_box catalog_url: catalog_url copyrights: copyrights date: date input_raster: input_raster legend: legend logo: logo map_desc: map_desc subtitle: subtitle title: title out: - wf_outputs run: '#cpe-map-composition' - arguments: - valueFrom: "${\n var input_reference=[];\n for (var i = 0; i < inputs.input_raster.length;\ \ i++) {\n input_reference.push(\"--input-raster\");\n input_reference.push(inputs.input_raster[i]);\n\ \ }\n if (inputs.logo && inputs.logo.length > 0) {\n for (var i = 0;\ \ i < inputs.logo.length; i++) {\n input_reference.push(\"--logo\");\n\ \ input_reference.push(inputs.logo[i]);\n }\n }\n if (inputs.legend\ \ && inputs.legend.length > 0) {\n for (var i = 0; i < inputs.legend.length;\ \ i++) {\n input_reference.push(\"--legend\");\n input_reference.push(inputs.legend[i]);\n\ \ }\n } \n return input_reference;\n}\n" baseCommand: map-composition class: CommandLineTool hints: DockerRequirement: dockerPull: cr.terradue.com/cpe/map-composition:0.1.5 NetworkAccess: networkAccess: true id: map-composition inputs: base_map: inputBinding: prefix: --basemap type: string bounding_box: inputBinding: prefix: --bbox type: string? catalog_url: inputBinding: prefix: --catalog-url type: string copyrights: inputBinding: prefix: --copyrights type: string date: inputBinding: prefix: --date type: string? input_raster: type: string[] legend: inputBinding: prefix: --legend type: string[]? logo: type: string[]? map_desc: inputBinding: prefix: --map-description type: string? subtitle: inputBinding: prefix: --subtitle type: string title: inputBinding: prefix: --title type: string outputs: results: outputBinding: glob: . type: Directory requirements: DockerRequirement: dockerPull: cr.terradue.com/cpe/map-composition:0.1.5 EnvVarRequirement: envDef: GDAL_CACHEMAX: '4096' GDAL_NUM_THREADS: ALL_CPUS LD_LIBRARY_PATH: /srv/conda/envs/env_map_composition/lib:/usr/lib64:$LD_LIBRARY_PATH PATH: /srv/conda/envs/env_map_composition/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/srv/conda/envs/env_map_composition/bin PREFIX: /srv/conda/envs/env_map_composition QT_QPA_PLATFORM: offscreen XDG_RUNTIME_DIR: /tmp/runtime-root InlineJavascriptRequirement: {} ResourceRequirement: coresMax: 4 ramMax: 8192 - class: Workflow doc: Map Composition Service id: cpe-map-composition inputs: base_map: type: string bounding_box: type: string? catalog_url: type: string copyrights: type: string date: type: string? input_raster: type: string[] legend: type: string[]? logo: type: string[]? map_desc: type: string? subtitle: type: string title: type: string label: map-composition outputs: wf_outputs: outputSource: mapComp_step/results type: Directory steps: mapComp_step: in: base_map: base_map bounding_box: bounding_box catalog_url: catalog_url copyrights: copyrights date: date input_raster: input_raster legend: legend logo: logo map_desc: map_desc subtitle: subtitle title: title out: - results run: '#map-composition' $namespaces: s: https://schema.org/ cwlVersion: v1.2 s:softwareVersion: 0.1.5 --- Dockerfile | 27 +++++++++------------------ 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/Dockerfile b/Dockerfile index 610128c..6372d28 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,14 +1,10 @@ # Stage 1: Build stage FROM rockylinux:9.3-minimal AS build -# Install necessary build tools -RUN microdnf install -y curl tar - -# Download the hatch tar.gz file from GitHub -RUN curl -L https://github.com/pypa/hatch/releases/latest/download/hatch-x86_64-unknown-linux-gnu.tar.gz -o /tmp/hatch-x86_64-unknown-linux-gnu.tar.gz - -# Extract the hatch binary -RUN tar -xzf /tmp/hatch-x86_64-unknown-linux-gnu.tar.gz -C /tmp/ +# Install necessary build tools & hatch +RUN microdnf install -y curl tar && \ + curl -L https://github.com/pypa/hatch/releases/latest/download/hatch-x86_64-unknown-linux-gnu.tar.gz -o /tmp/hatch-x86_64-unknown-linux-gnu.tar.gz && \ + tar -xzf /tmp/hatch-x86_64-unknown-linux-gnu.tar.gz -C /tmp/ && chmod +x /tmp/hatch # Stage 2: Final stage FROM rockylinux:9.3-minimal @@ -31,26 +27,21 @@ RUN useradd -u 1001 -r -g 0 -m -d ${HOME} -s /sbin/nologin \ # Copy the hatch binary from the build stage COPY --from=build /tmp/hatch /usr/bin/hatch -# Ensure the hatch binary is executable -RUN chmod +x /usr/bin/hatch - # Switch to the non-root user USER wrapper # Copy the application files into the /app directory -COPY --chown=1001:0 . /tmp -WORKDIR /tmp +COPY --chown=1001:0 . /app +WORKDIR /app # Set up virtual environment paths ENV VIRTUAL_ENV=/app/envs/wrapper ENV PATH="$VIRTUAL_ENV/bin:$PATH" # Prune any existing environments and create a new production environment -RUN cd /tmp && hatch env prune && \ +RUN hatch env prune && \ hatch env create prod && \ - rm -fr /tmp/* /tmp/.git /tmp/.pytest_cache - -WORKDIR /app + rm -fr /tmp/* /app/.git /app/.pytest_cache # Set the default command to run when the container starts -CMD ["cwl-wrapper"] \ No newline at end of file +CMD ["bash", "-c", "source /app/envs/wrapper/bin/activate && cwl-wrapper"]