Use astral uv to build and manage dependencies (#87)

* chore: switch to uv for building * Update Dockerfile * Update image-build.yml * Update image-build.yml Update image-build.yml Revert "Revert "Bump setuptools from 72.0.0 to 75.3.0 (#83)" (#85)" (#86) This reverts commit 7ca0e6a.
ministryofjustice · Nov 12, 2024 · 04883c4 · 04883c4
1 parent 49d35a4
commit 04883c4
Show file tree

Hide file tree

Showing 6 changed files with 548 additions and 57 deletions.
diff --git a/.github/workflows/image-build.yml b/.github/workflows/image-build.yml
@@ -2,6 +2,10 @@ name: "Image Build"
 
 on:
   workflow_dispatch:
+    inputs:
+      tag:
+        required: true
+        type: string
   workflow_call:
     inputs:
       tag:
@@ -12,13 +16,14 @@ on:
       - opened
       - synchronize
       - reopened
-
 
 run-name: "Image Build for tag ${{ github.ref_name }}"
 
 permissions:
   packages: write
   contents: write
+  pull-requests: write
+  issues: write
 
 jobs:
   build-and-push:
@@ -40,12 +45,12 @@ jobs:
       - name: Output VERSION_REF
         id: output_version_ref
         run: |
-            if [ "${{ github.event_name }}" == "pull_request" ]; then
-              # if on a PR we need to get the current branch name
-              echo "VERSION_REF=${{ github.event.pull_request.head.ref }}" >> $GITHUB_OUTPUT
-            else
-              echo "VERSION_REF=${{ inputs.tag }}" >> $GITHUB_OUTPUT
-            fi
+          if [ "${{ github.event_name }}" == "pull_request" ]; then
+            # if on a PR we need to get the current branch name
+            echo "VERSION_REF=${{ github.event.pull_request.head.ref }}" >> $GITHUB_OUTPUT
+          else
+            echo "VERSION_REF=${{ inputs.tag }}" >> $GITHUB_OUTPUT
+          fi
 
       - name: Set up Docker Buildx
         id: setup_buildx
@@ -65,11 +70,15 @@ jobs:
           context: .
           platforms: linux/amd64, linux/arm64
           push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
           tags: ghcr.io/ministryofjustice/hmpps-ldap-automation:${{ steps.safe_tag.outputs.SAFE_TAG }}
           build-args: |
             VERSION_REF=${{ steps.output_version_ref.outputs.VERSION_REF }}
-        
+
       - name: Comment image tag on PR
+        env:
+          GH_TOKEN: ${{ github.token }}
         if: github.event_name == 'pull_request'
         run: |
           gh pr comment ${{ github.event.pull_request.number }} --body "Image built and pushed to ghcr.io/ministryofjustice/hmpps-ldap-automation:${{ steps.safe_tag.outputs.SAFE_TAG }}"

diff --git a/Dockerfile b/Dockerfile
@@ -1,12 +1,45 @@
-FROM python:3.10-alpine
 
-LABEL org.opencontainers.image.source = "https://github.com/ministryofjustice/hmpps-ldap-automation-cli"
+FROM ghcr.io/astral-sh/uv:python3.12-bookworm AS builder
+ENV UV_COMPILE_BYTECODE=1 \
+    UV_LINK_MODE=copy \
+    UV_PYTHON_DOWNLOADS=never
 
-ARG VERSION_REF=main
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    bash \
+    ca-certificates \
+    git \
+    build-essential \
+    libffi-dev \
+    libldap2-dev \
+    ldap-utils \
+    python3-dev \
+    libssl-dev \
+    libsasl2-dev
 
-# Basic tools for now
-RUN apk add --update --no-cache bash ca-certificates git build-base libffi-dev openssl-dev gcc musl-dev gcc g++ linux-headers build-base openldap-dev python3-dev
+WORKDIR /code
 
-RUN python3 -m pip install --upgrade pip && python3 -m pip install git+https://github.com/ministryofjustice/hmpps-ldap-automation-cli.git@${VERSION_REF}
+# Install dependencies
+RUN --mount=type=cache,target=/root/.cache/uv \
+    --mount=type=bind,source=uv.lock,target=uv.lock \
+    --mount=type=bind,source=pyproject.toml,target=pyproject.toml \
+    uv sync --frozen --no-install-project --no-dev
 
+# install cli
+
+COPY . .
+RUN --mount=type=cache,target=/root/.cache/uv \
+    uv sync --frozen --no-dev
+
+FROM python:3.12-slim-bookworm
+# RUN apk add --update --no-cache bash ca-certificates git build-base libffi-dev openssl-dev gcc musl-dev gcc g++ linux-headers build-base openldap-dev python3-dev
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    bash \
+    ca-certificates \
+    git \
+    ldap-utils
+
+COPY --from=builder /code /code
+ENV PATH="/code/.venv/bin:$PATH"
 CMD ["ldap-automation"]
+
+LABEL org.opencontainers.image.source=https://github.com/ministryofjustice/hmpps-ldap-automation-cli
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,16 +1,27 @@
-[tool.black]
-# PEP-8 line length is not very practical
-line-length = 88
-include = '\.pyi?$'
-exclude = '''
-/(
-    \.git
-  | \.py_cache
-  | \venv
-)/
-'''
+[project]
+name = "hmpps-ldap-automation-cli"
+version = "1.0.1"
+description = "An Automation CLI for HMPPS Delius LDAP"
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "click>=8.1.7",
+    "gitpython>=3.1.43",
+    "jinja2>=3.1.4",
+    "ldap3>=2.9.1",
+    "oracledb>=2.5.0",
+    "pygithub>=2.5.0",
+    "pyjwt>=2.9.0",
+    "python-dotenv>=1.0.1",
+    "python-ldap>=3.4.4",
+    "requests>=2.32.3",
+    "setuptools>=75.4.0",
+]
 
-[tool.codespell]
-skip = './venv,./rbac,./rendered'
-count = ''
-quiet-level = 3
+[build-system]
+requires = ["setuptools"]
+build-backend = "setuptools.build_meta"
+
+
+[project.scripts]
+ldap-automation = "cli:main_group"
diff --git a/requirements.txt b/requirements.txt
@@ -1,11 +1,11 @@
 click==8.1.7
 ldap3==2.9.1
-oracledb==1.4
+oracledb==2.4.1
 PyGithub
 GitPython==3.1.43
 pyjwt==2.9.0
 python-dotenv==1.0.1
 Jinja2==3.1.4
 python-ldap
 requests==2.32.3
-setuptools==72.0.0
+setuptools==75.3.0
diff --git a/setup.py b/setup.py