From 27f61aa94f43b01f65d7f195f30e372bf58d4a0a Mon Sep 17 00:00:00 2001 From: CaffeineFueled Date: Mon, 25 May 2026 03:23:06 +0200 Subject: [PATCH] deply: FIX redis problem with distroless deployment --- Dockerfile | 31 +++++++++++++++++-------------- app.py | 4 ++-- 2 files changed, 19 insertions(+), 16 deletions(-) diff --git a/Dockerfile b/Dockerfile index 95e0386..fa0109a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1.7 # ============================================================================ -# Build stage: install Python dependencies into a dedicated prefix +# Build stage: create a self-contained venv with all dependencies # ============================================================================ FROM python:3.11-slim-bookworm AS builder @@ -10,15 +10,19 @@ ENV PYTHONDONTWRITEBYTECODE=1 \ PIP_NO_CACHE_DIR=1 \ PIP_DISABLE_PIP_VERSION_CHECK=1 -# Install runtime deps into /install. --target keeps everything in one tree -# so we can copy it cleanly to a distroless image without venv/shebang issues. -RUN pip install --target=/install \ +# --copies bundles the Python binary itself into /opt/venv so the runtime +# stage gets a self-contained tree (no symlinks back to /usr/local/bin). +RUN python -m venv --copies /opt/venv +ENV PATH=/opt/venv/bin:$PATH + +# Install runtime deps into the venv's site-packages +RUN pip install \ fastapi==0.115.* \ "uvicorn[standard]==0.30.*" \ redis==5.0.* -# Pre-compile bytecode for faster cold start under a read-only rootfs -RUN python -m compileall -q /install +# Pre-compile bytecode for faster cold start on a read-only rootfs +RUN python -m compileall -q /opt/venv # ============================================================================ # Runtime stage: distroless Python 3.11, non-root, no shell @@ -29,21 +33,20 @@ RUN python -m compileall -q /install FROM gcr.io/distroless/python3-debian12:nonroot ENV PYTHONDONTWRITEBYTECODE=1 \ - PYTHONUNBUFFERED=1 \ - PYTHONPATH=/app/lib + PYTHONUNBUFFERED=1 WORKDIR /app -# Site-packages first (rarely changes → maximises layer cache) -COPY --from=builder --chown=nonroot:nonroot /install /app/lib +# Self-contained venv (its bin/python and site-packages travel together) +COPY --from=builder --chown=nonroot:nonroot /opt/venv /opt/venv -# Application source (changes most often → its own layer) +# Application source (its own layer so source-only changes don't bust dep cache) COPY --chown=nonroot:nonroot app.py favicon.ico /app/ USER nonroot EXPOSE 8000 -# Module form (-m uvicorn) sidesteps broken shebangs in /app/lib/bin/uvicorn -# (those were generated against the builder's Python path, not distroless's). -ENTRYPOINT ["/usr/bin/python3", "-m", "uvicorn"] +# Invoking the venv's Python directly makes its site-packages discoverable +# automatically (sys.prefix points inside /opt/venv) — no PYTHONPATH needed. +ENTRYPOINT ["/opt/venv/bin/python", "-m", "uvicorn"] CMD ["app:app", "--host", "0.0.0.0", "--port", "8000"] diff --git a/app.py b/app.py index 46d29ee..cb453bb 100644 --- a/app.py +++ b/app.py @@ -68,8 +68,8 @@ def init_valkey(): redis_client = redis.from_url(VALKEY_URL, decode_responses=True) redis_client.ping() # Test connection print(f"Valkey/Redis connected: {VALKEY_URL}") - except ImportError: - print("Warning: redis package not installed, falling back to memory-only storage") + except ImportError as e: + print(f"Warning: redis package import failed ({e}), falling back to memory-only storage") redis_client = None except Exception as e: print(f"Warning: Failed to connect to Valkey/Redis: {e}")