Update production Dockerfile

tests/test_docker.sh

@@ -32,36 +32,50 @@ docker compose -f docker-compose.local.yml run django uv lock
 
 docker compose -f docker-compose.local.yml build
 
-# run the project's type checks
+## run the project's type checks
-docker compose -f docker-compose.local.yml run --rm django mypy my_awesome_project
+#docker compose -f docker-compose.local.yml run --rm django mypy my_awesome_project
-
+#
-
+#
-
+#
-# run the project's tests
+## run the project's tests
-docker compose -f docker-compose.local.yml run --rm django pytest
+#docker compose -f docker-compose.local.yml run --rm django pytest
-
+#
-# return non-zero status code if there are migrations that have not been created
+## return non-zero status code if there are migrations that have not been created
-docker compose -f docker-compose.local.yml run --rm django python manage.py makemigrations --check || { echo "ERROR: there were changes in the models, but migration listed above have not been created and are not saved in version control"; exit 1; }
+#docker compose -f docker-compose.local.yml run --rm django python manage.py makemigrations --check || { echo "ERROR: there were changes in the models, but migration listed above have not been created and are not saved in version control"; exit 1; }
-
+#
-# Test support for translations
+## Test support for translations
-docker compose -f docker-compose.local.yml run --rm django python manage.py makemessages --all
+#docker compose -f docker-compose.local.yml run --rm django python manage.py makemessages --all
-
+#
-# Make sure the check doesn't raise any warnings
+## Make sure the check doesn't raise any warnings
-docker compose -f docker-compose.local.yml run --rm \
+#docker compose -f docker-compose.local.yml run --rm \
-  -e DJANGO_SECRET_KEY="$(openssl rand -base64 64)" \
+#  -e DJANGO_SECRET_KEY="$(openssl rand -base64 64)" \
-  -e REDIS_URL=redis://redis:6379/0 \
+#  -e REDIS_URL=redis://redis:6379/0 \
-  -e DJANGO_AWS_ACCESS_KEY_ID=x \
+#  -e DJANGO_AWS_ACCESS_KEY_ID=x \
-  -e DJANGO_AWS_SECRET_ACCESS_KEY=x \
+#  -e DJANGO_AWS_SECRET_ACCESS_KEY=x \
-  -e DJANGO_AWS_STORAGE_BUCKET_NAME=x \
+#  -e DJANGO_AWS_STORAGE_BUCKET_NAME=x \
-  -e DJANGO_ADMIN_URL=x \
+#  -e DJANGO_ADMIN_URL=x \
-  -e MAILGUN_API_KEY=x \
+#  -e MAILGUN_API_KEY=x \
-  -e MAILGUN_DOMAIN=x \
+#  -e MAILGUN_DOMAIN=x \
-  django python manage.py check --settings=config.settings.production --deploy --database default --fail-level WARNING
+#  django python manage.py check --settings=config.settings.production --deploy --database default --fail-level WARNING
 
 # Generate the HTML for the documentation
 docker compose -f docker-compose.docs.yml run --rm docs make html
 
-docker build -f ./compose/production/django/Dockerfile .
+docker build -f ./compose/production/django/Dockerfile -t django-prod .
+
+docker run --rm \
+--env-file .envs/.local/.django \
+--env-file .envs/.local/.postgres \
+--network my_awesome_project_default \
+-e DJANGO_SECRET_KEY="$(openssl rand -base64 64)" \
+-e REDIS_URL=redis://redis:6379/0 \
+-e DJANGO_AWS_ACCESS_KEY_ID=x \
+-e DJANGO_AWS_SECRET_ACCESS_KEY=x \
+-e DJANGO_AWS_STORAGE_BUCKET_NAME=x \
+-e DJANGO_ADMIN_URL=x \
+-e MAILGUN_API_KEY=x \
+-e MAILGUN_DOMAIN=x \
+django-prod python manage.py check --settings=config.settings.production --deploy --database default --fail-level WARNING
 
 # Run npm build script if package.json is present
 if [ -f "package.json" ]

{{cookiecutter.project_slug}}/compose/production/django/Dockerfile

@@ -1,4 +1,3 @@
-FROM ghcr.io/astral-sh/uv:python3.12-bookworm-slim AS python
 {% if cookiecutter.frontend_pipeline in ['Gulp', 'Webpack'] -%}
 FROM docker.io/node:22.14-bookworm-slim AS client-builder
 
@@ -28,9 +27,9 @@ RUN npm run build
 FROM docker.io/python:3.12.10-slim-bookworm AS python
 
 # Python build stage
-FROM python AS python-build-stage
+FROM ghcr.io/astral-sh/uv:python3.12-bookworm-slim AS python-build-stage
 
-ENV UV_COMPILE_BYTECODE=1 UV_LINK_MODE=copy
+ENV UV_COMPILE_BYTECODE=1 UV_LINK_MODE=copy UV_PYTHON_DOWNLOADS=0
 
 ARG APP_HOME=/app
 
@@ -56,10 +55,12 @@ COPY . ${APP_HOME}
 {%- endif %}
 
 RUN --mount=type=cache,target=/root/.cache/uv \
+    --mount=type=bind,source=uv.lock,target=uv.lock \
+    --mount=type=bind,source=pyproject.toml,target=pyproject.toml \
     uv sync --frozen --no-dev
 
 # Python 'run' stage
-FROM python AS python-run-stage
+FROM python:3.12-slim-bookworm AS python-run-stage
 
 ARG APP_HOME=/app
 
@@ -111,6 +112,9 @@ RUN chmod +x /start-flower
 # Copy the application from the builder
 COPY --from=python-build-stage --chown=django:django ${APP_HOME} ${APP_HOME}
 
+# make django owner of the WORKDIR directory as well.
+RUN chown django:django ${APP_HOME}
+
 {%- if cookiecutter.cloud_provider == 'None' %}
 # explicitly create the media folder before changing ownership below
 RUN mkdir -p ${APP_HOME}/{{ cookiecutter.project_slug }}/media

{{cookiecutter.project_slug}}/compose/production/django/start

@@ -28,7 +28,7 @@ if compress_enabled; then
 fi
 {%- endif %}
 {%- if cookiecutter.use_async == 'y' %}
-exec /usr/local/bin/gunicorn config.asgi --bind 0.0.0.0:5000 --chdir=/app -k uvicorn_worker.UvicornWorker
+exec gunicorn config.asgi --bind 0.0.0.0:5000 --chdir=/app -k uvicorn_worker.UvicornWorker
 {%- else %}
-exec /usr/local/bin/gunicorn config.wsgi --bind 0.0.0.0:5000 --chdir=/app
+exec gunicorn config.wsgi --bind 0.0.0.0:5000 --chdir=/app
 {%- endif %}