From 4978c7c72b8641dfe558daabe6d23e17970c0279 Mon Sep 17 00:00:00 2001
From: min <minhsiungw@gmail.com>
Date: Sun, 5 May 2024 14:24:45 +0800
Subject: [PATCH 1/7] merge dockerfiles into one

---
 Dockerfile             | 45 ++++++++++++++++++------------------
 dev.Dockerfile         | 52 ------------------------------------------
 docker-compose-dev.yml |  9 ++++----
 docker-compose.yml     |  9 +++++---
 4 files changed, 34 insertions(+), 81 deletions(-)
 delete mode 100644 dev.Dockerfile

diff --git a/Dockerfile b/Dockerfile
index c1530aa90..17d2bd6d7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,9 @@
 # [Node Stage to get node_modolues and node dependencies]
-FROM node:8.16.0-buster-slim as node_stage
+FROM node:8.16.0-buster-slim as node_base
+# [Python Stage for Django web server]
+FROM python:3.10.14-slim-bullseye as python_base
 
+FROM node_base as node_dependencies
 COPY ./yarn.lock yarn.lock
 COPY ./package.json package.json
 
@@ -8,12 +11,9 @@ RUN apt-get update
 RUN apt-get install python-pip -y
 
 RUN npm install -g yarn
-RUN yarn install --dev --frozen-lockfile  \
- && rm -rf $HOME/.cache/yarn/*
-
+RUN yarn install --dev --frozen-lockfile
 
-# [Python Stage for Django web server]
-FROM python:3.10.14-slim-bullseye as python_stage
+FROM python_base as python_dependencies
 
 ENV PYTHONUNBUFFERED=1 \
     PYTHONDONTWRITEBYTECODE=1 \
@@ -26,15 +26,6 @@ ENV PYTHONUNBUFFERED=1 \
 ENV BASE_DIR /usr/local
 ENV APP_DIR $BASE_DIR/app
 
-COPY --from=node_stage /node_modules $APP_DIR/node_modules
-COPY --from=node_stage /usr/local/bin/node /usr/local/bin/node
-
-# make nodejs accessible and executable globally
-ENV NODE_PATH $APP_DIR/node_modules/
-ENV PATH /usr/local/bin:$PATH
-
-# Add bin directory used by `pip install --user`
-ENV PATH /home/docker/.local/bin:$PATH
 
 # Infrastructure tools
 # gettext is used for django to compile .po to .mo files.
@@ -49,23 +40,33 @@ RUN apt-get install -y \
     libxml2-dev \
     libxslt-dev
 
-# APP directory setup
-RUN adduser --system --disabled-login docker \
- && mkdir -p "$BASE_DIR" "$APP_DIR" "$APP_DIR/src/assets" "$APP_DIR/src/media" \
- && chown -R docker:nogroup "$BASE_DIR" "$APP_DIR"
-
 # Install Poetry
 RUN pip install --no-cache-dir pip==23.3.2 && \
     pip install --no-cache-dir poetry==1.8.2
 
-# Install Python dependencies (only main dependencies)
-COPY --chown=docker:nogroup pyproject.toml poetry.lock ./
+# Install Python dependencies
+COPY pyproject.toml poetry.lock ./
 RUN poetry install --no-root && \
     yes | poetry cache clear --all pypi
 
 # Add poetry bin directory to PATH
 ENV PATH="${WORKDIR}/.venv/bin:$PATH"
 
+COPY --from=node_dependencies /node_modules $APP_DIR/node_modules
+COPY --from=node_dependencies /usr/local/bin/node /usr/local/bin/node
+
+# Make nodejs accessible and executable globally
+ENV NODE_PATH $APP_DIR/node_modules/
+
+FROM python_dependencies as dev
+
+
+FROM python_dependencies as prod
+# APP directory setup
+RUN adduser --system --disabled-login docker \
+ && mkdir -p "$BASE_DIR" "$APP_DIR" "$APP_DIR/src/assets" "$APP_DIR/src/media" \
+ && chown -R docker:nogroup "$BASE_DIR" "$APP_DIR"
+
 # Finally, copy all the project files along with source files
 COPY --chown=docker:nogroup ./ $APP_DIR
 
diff --git a/dev.Dockerfile b/dev.Dockerfile
deleted file mode 100644
index 7190fdf06..000000000
--- a/dev.Dockerfile
+++ /dev/null
@@ -1,52 +0,0 @@
-# [Node Stage to get node_modolues and node dependencies]
-FROM node:8.16.0-buster-slim as node_stage
-
-COPY ./yarn.lock yarn.lock
-COPY ./package.json package.json
-
-RUN apt-get update
-RUN apt-get install python-pip -y
-
-RUN npm install -g yarn
-RUN yarn install --dev --frozen-lockfile
-
-# [Python Stage for Django web server]
-FROM python:3.10.14-slim-bullseye as python_stage
-
-WORKDIR /app
-
-ENV PYTHONUNBUFFERED=1 \
-    PYTHONDONTWRITEBYTECODE=1 \
-    PIP_DISABLE_PIP_VERSION_CHECK=on \
-    PIP_DEFAULT_TIMEOUT=100 \
-    POETRY_HOME="/opt/poetry" \
-    POETRY_VIRTUALENVS_IN_PROJECT=true \
-    POETRY_NO_INTERACTION=1
-
-# Infrastructure tools
-# gettext is used for django to compile .po to .mo files.
-RUN apt-get update
-RUN apt-get install -y \
-    libpq-dev \
-    gcc \
-    zlib1g-dev \
-    libjpeg62-turbo-dev \
-    mime-support \
-    gettext \
-    libxml2-dev \
-    libxslt-dev
-
-# Install Poetry
-RUN pip install --no-cache-dir pip==23.3.2 && \
-    pip install --no-cache-dir poetry==1.8.2
-
-# Install Python dependencies
-COPY pyproject.toml poetry.lock ./
-RUN poetry install --no-root && \
-    yes | poetry cache clear --all pypi
-
-# Add poetry bin directory to PATH
-ENV PATH="${WORKDIR}/.venv/bin:$PATH"
-
-COPY --from=node_stage /node_modules ./node_modules
-COPY --from=node_stage /usr/local/bin/node /usr/local/bin/node
diff --git a/docker-compose-dev.yml b/docker-compose-dev.yml
index da6ed1db1..807b62ca8 100644
--- a/docker-compose-dev.yml
+++ b/docker-compose-dev.yml
@@ -14,10 +14,11 @@ services:
     container_name: pycontw_dev
     build:
       context: .
-      dockerfile: dev.Dockerfile
+      dockerfile: Dockerfile
+      target: dev
     volumes:
-      - ./src:/app/src
-      - ./logs:/app/logs
+      - ./src:/usr/local/app/src
+      - ./logs:/usr/local/app/logs
     ports:
       - "8000:8000"
     depends_on:
@@ -26,5 +27,5 @@ services:
       - DJANGO_SUPERUSER_USERNAME=admin
       - DJANGO_SUPERUSER_PASSWORD=1234
       - DJANGO_SUPERUSER_EMAIL=admin@pycon.tw
-    working_dir: /app/src
+    working_dir: /usr/local/app/src
     command: tail -f /dev/null
diff --git a/docker-compose.yml b/docker-compose.yml
index d2f5b1f40..2b4e67b82 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,7 +1,10 @@
 version: "3.5"
 services:
   web:
-    build: .
+    build:
+      context: .
+      dockerfile: Dockerfile
+      target: prod
     container_name: pycontw-2024
     hostname: pycontw-2024
     entrypoint: ""
@@ -37,9 +40,9 @@ services:
     volumes:
       - ${MEDIA_ROOT}:/usr/local/app/src/media
     networks:
-      - network
+      - network-2024
 
 networks:
-  network:
+  network-2024:
     external: true
     name: network-2024

From 06c7bdf741ca6a974220ee6b02b7e06f0d38d190 Mon Sep 17 00:00:00 2001
From: min <minhsiungw@gmail.com>
Date: Tue, 7 May 2024 11:46:21 +0800
Subject: [PATCH 2/7] optimize Dockefile

---
 Dockerfile | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 17d2bd6d7..b4e207c08 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,12 +11,11 @@ RUN apt-get update
 RUN apt-get install python-pip -y
 
 RUN npm install -g yarn
-RUN yarn install --dev --frozen-lockfile
+RUN yarn install --dev --frozen-lockfile && yarn cache clean
 
 FROM python_base as python_dependencies
 
 ENV PYTHONUNBUFFERED=1 \
-    PYTHONDONTWRITEBYTECODE=1 \
     PIP_DISABLE_PIP_VERSION_CHECK=on \
     PIP_DEFAULT_TIMEOUT=100 \
     POETRY_HOME="/opt/poetry" \
@@ -30,6 +29,7 @@ ENV APP_DIR $BASE_DIR/app
 # Infrastructure tools
 # gettext is used for django to compile .po to .mo files.
 RUN apt-get update
+RUN apt-get upgrade -y 
 RUN apt-get install -y \
     libpq-dev \
     gcc \
@@ -46,7 +46,7 @@ RUN pip install --no-cache-dir pip==23.3.2 && \
 
 # Install Python dependencies
 COPY pyproject.toml poetry.lock ./
-RUN poetry install --no-root && \
+RUN poetry install --no-root --only main && \
     yes | poetry cache clear --all pypi
 
 # Add poetry bin directory to PATH
@@ -59,6 +59,7 @@ COPY --from=node_dependencies /usr/local/bin/node /usr/local/bin/node
 ENV NODE_PATH $APP_DIR/node_modules/
 
 FROM python_dependencies as dev
+RUN poetry install --no-root --only dev
 
 
 FROM python_dependencies as prod

From d6a5fa41116fd83ab318aac6af24cb38becf1632 Mon Sep 17 00:00:00 2001
From: min <minhsiungw@gmail.com>
Date: Wed, 8 May 2024 10:35:42 +0800
Subject: [PATCH 3/7] rm direct chown in Dockerfile

---
 Dockerfile | 29 ++++++++++++++---------------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index b4e207c08..759d44e5e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,7 +3,7 @@ FROM node:8.16.0-buster-slim as node_base
 # [Python Stage for Django web server]
 FROM python:3.10.14-slim-bullseye as python_base
 
-FROM node_base as node_dependencies
+FROM node_base as node_deps
 COPY ./yarn.lock yarn.lock
 COPY ./package.json package.json
 
@@ -13,8 +13,7 @@ RUN apt-get install python-pip -y
 RUN npm install -g yarn
 RUN yarn install --dev --frozen-lockfile && yarn cache clean
 
-FROM python_base as python_dependencies
-
+FROM python_base as python_deps
 ENV PYTHONUNBUFFERED=1 \
     PIP_DISABLE_PIP_VERSION_CHECK=on \
     PIP_DEFAULT_TIMEOUT=100 \
@@ -22,9 +21,7 @@ ENV PYTHONUNBUFFERED=1 \
     POETRY_VIRTUALENVS_IN_PROJECT=true \
     POETRY_NO_INTERACTION=1
 
-ENV BASE_DIR /usr/local
-ENV APP_DIR $BASE_DIR/app
-
+ENV APP_DIR /usr/local/app
 
 # Infrastructure tools
 # gettext is used for django to compile .po to .mo files.
@@ -52,23 +49,25 @@ RUN poetry install --no-root --only main && \
 # Add poetry bin directory to PATH
 ENV PATH="${WORKDIR}/.venv/bin:$PATH"
 
-COPY --from=node_dependencies /node_modules $APP_DIR/node_modules
-COPY --from=node_dependencies /usr/local/bin/node /usr/local/bin/node
-
 # Make nodejs accessible and executable globally
 ENV NODE_PATH $APP_DIR/node_modules/
 
-FROM python_dependencies as dev
+FROM python_deps as dev
 RUN poetry install --no-root --only dev
 
+COPY --from=node_deps /node_modules $APP_DIR/node_modules
+COPY --from=node_deps /usr/local/bin/node /usr/local/bin/node
 
-FROM python_dependencies as prod
-# APP directory setup
-RUN adduser --system --disabled-login docker \
- && mkdir -p "$BASE_DIR" "$APP_DIR" "$APP_DIR/src/assets" "$APP_DIR/src/media" \
- && chown -R docker:nogroup "$BASE_DIR" "$APP_DIR"
+FROM python_deps as build
+RUN mkdir -p "$APP_DIR" "$APP_DIR/src/assets" "$APP_DIR/src/media"
 
+FROM python_deps as prod
+# APP directory setup
+RUN adduser --system --disabled-login docker
 # Finally, copy all the project files along with source files
+COPY --chown=docker:nogroup --from=build $APP_DIR $APP_DIR
+COPY --chown=docker:nogroup --from=node_deps /node_modules $APP_DIR/node_modules
+COPY --chown=docker:nogroup --from=node_deps /usr/local/bin/node /usr/local/bin/node
 COPY --chown=docker:nogroup ./ $APP_DIR
 
 USER docker

From c87cf088f92bf5f23cdc19fd1455acd8e1b36152 Mon Sep 17 00:00:00 2001
From: min <minhsiungw@gmail.com>
Date: Wed, 8 May 2024 13:19:04 +0800
Subject: [PATCH 4/7] add Dockerifle comment

---
 Dockerfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 759d44e5e..ce0e491bb 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -64,7 +64,8 @@ RUN mkdir -p "$APP_DIR" "$APP_DIR/src/assets" "$APP_DIR/src/media"
 FROM python_deps as prod
 # APP directory setup
 RUN adduser --system --disabled-login docker
-# Finally, copy all the project files along with source files
+# Use COPY --chown instead of RUN chown -R directly to avoid increasing image size
+# https://github.com/pycontw/pycon.tw/pull/1194
 COPY --chown=docker:nogroup --from=build $APP_DIR $APP_DIR
 COPY --chown=docker:nogroup --from=node_deps /node_modules $APP_DIR/node_modules
 COPY --chown=docker:nogroup --from=node_deps /usr/local/bin/node /usr/local/bin/node

From ca2483881e77b2bd37204f6c06c238378847f09f Mon Sep 17 00:00:00 2001
From: min <minhsiungw@gmail.com>
Date: Wed, 8 May 2024 17:34:45 +0800
Subject: [PATCH 5/7] fix Docker comment

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index ce0e491bb..924cb2a72 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -65,7 +65,7 @@ FROM python_deps as prod
 # APP directory setup
 RUN adduser --system --disabled-login docker
 # Use COPY --chown instead of RUN chown -R directly to avoid increasing image size
-# https://github.com/pycontw/pycon.tw/pull/1194
+# https://github.com/pycontw/pycon.tw/pull/1194#discussion_r1593319742
 COPY --chown=docker:nogroup --from=build $APP_DIR $APP_DIR
 COPY --chown=docker:nogroup --from=node_deps /node_modules $APP_DIR/node_modules
 COPY --chown=docker:nogroup --from=node_deps /usr/local/bin/node /usr/local/bin/node

From 095b2961c775e008be33bf84161883a4edff7e40 Mon Sep 17 00:00:00 2001
From: min <minhsiungw@gmail.com>
Date: Wed, 8 May 2024 18:39:32 +0800
Subject: [PATCH 6/7] rm unnecessary environment variables

---
 Dockerfile | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 924cb2a72..7dc31c9f3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,13 +14,6 @@ RUN npm install -g yarn
 RUN yarn install --dev --frozen-lockfile && yarn cache clean
 
 FROM python_base as python_deps
-ENV PYTHONUNBUFFERED=1 \
-    PIP_DISABLE_PIP_VERSION_CHECK=on \
-    PIP_DEFAULT_TIMEOUT=100 \
-    POETRY_HOME="/opt/poetry" \
-    POETRY_VIRTUALENVS_IN_PROJECT=true \
-    POETRY_NO_INTERACTION=1
-
 ENV APP_DIR /usr/local/app
 
 # Infrastructure tools
@@ -37,6 +30,10 @@ RUN apt-get install -y \
     libxml2-dev \
     libxslt-dev
 
+ENV PIP_DISABLE_PIP_VERSION_CHECK=on \
+PIP_DEFAULT_TIMEOUT=100 \
+POETRY_VIRTUALENVS_IN_PROJECT=true
+
 # Install Poetry
 RUN pip install --no-cache-dir pip==23.3.2 && \
     pip install --no-cache-dir poetry==1.8.2

From 0fa245418a5b5282a991ed2cd01d1428c4e9ee7d Mon Sep 17 00:00:00 2001
From: min <minhsiungw@gmail.com>
Date: Wed, 8 May 2024 18:41:35 +0800
Subject: [PATCH 7/7] re-add PYTHONUNBUFFERED

---
 Dockerfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 7dc31c9f3..56a7bab4a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -30,7 +30,8 @@ RUN apt-get install -y \
     libxml2-dev \
     libxslt-dev
 
-ENV PIP_DISABLE_PIP_VERSION_CHECK=on \
+ENV PYTHONUNBUFFERED=1 \ 
+PIP_DISABLE_PIP_VERSION_CHECK=on \
 PIP_DEFAULT_TIMEOUT=100 \
 POETRY_VIRTUALENVS_IN_PROJECT=true