forked from EHV/sejeteralo
fix prod : Eau2018.xls hors du volume /app + pin Trivy
Le volume backend-data monté sur /app masquait Eau2018.xls copié dans l'image à /app/Eau2018.xls — d'où le FileNotFoundError au step seed CI. - Dockerfile : copie Eau2018.xls dans /opt/ (hors mount) - seed.py : résolution multi-chemin avec /opt en priorité (Docker) - .woodpecker.yml : trivy:latest -> trivy:0.70.0 (pin reproductibilité) Note : si le seed replante avec la même erreur après ce commit, c'est que le volume backend-data en prod a aussi un seed.py figé (shadowing de /app entier). Fix de fond à venir : déplacer le mount sur /app/data.
This commit is contained in:
syoul
@@ -67,7 +67,7 @@ steps:
|
|||||||
|
|
||||||
# NOTE: volumes + pas de from_secret : compatible
|
# NOTE: volumes + pas de from_secret : compatible
|
||||||
- name: sbom-scan
|
- name: sbom-scan
|
||||||
image: aquasec/trivy:latest
|
image: aquasec/trivy:0.70.0
|
||||||
volumes:
|
volumes:
|
||||||
- /home/syoul/trivy-cache:/root/.cache/trivy
|
- /home/syoul/trivy-cache:/root/.cache/trivy
|
||||||
commands:
|
commands:
|
||||||
|
|||||||
@@ -17,9 +17,12 @@ from app.services.auth_service import hash_password
|
|||||||
from app.services.import_service import generate_auth_code
|
from app.services.import_service import generate_auth_code
|
||||||
from app.engine.pricing import HouseholdData, compute_p0
|
from app.engine.pricing import HouseholdData, compute_p0
|
||||||
|
|
||||||
XLS_PATH = os.path.join(os.path.dirname(__file__), "Eau2018.xls")
|
_XLS_CANDIDATES = [
|
||||||
if not os.path.exists(XLS_PATH):
|
"/opt/Eau2018.xls", # image Docker (hors volume monté sur /app)
|
||||||
XLS_PATH = os.path.join(os.path.dirname(__file__), "..", "Eau2018.xls")
|
os.path.join(os.path.dirname(__file__), "Eau2018.xls"),
|
||||||
|
os.path.join(os.path.dirname(__file__), "..", "Eau2018.xls"), # dev local depuis backend/
|
||||||
|
]
|
||||||
|
XLS_PATH = next((p for p in _XLS_CANDIDATES if os.path.exists(p)), _XLS_CANDIDATES[-1])
|
||||||
|
|
||||||
|
|
||||||
# Codes fixes — identiques dans le dev hint frontend
|
# Codes fixes — identiques dans le dev hint frontend
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ COPY backend/requirements.txt .
|
|||||||
RUN pip install --no-cache-dir -r requirements.txt
|
RUN pip install --no-cache-dir -r requirements.txt
|
||||||
|
|
||||||
COPY backend/ .
|
COPY backend/ .
|
||||||
COPY Eau2018.xls /app/Eau2018.xls
|
COPY Eau2018.xls /opt/Eau2018.xls
|
||||||
|
|
||||||
# Production
|
# Production
|
||||||
FROM base AS production
|
FROM base AS production
|
||||||
@@ -22,6 +22,7 @@ COPY --from=build /usr/local/lib/python3.11/site-packages /usr/local/lib/python3
|
|||||||
COPY --from=build /usr/local/bin/uvicorn /usr/local/bin/uvicorn
|
COPY --from=build /usr/local/bin/uvicorn /usr/local/bin/uvicorn
|
||||||
COPY --from=build /usr/local/bin/alembic /usr/local/bin/alembic
|
COPY --from=build /usr/local/bin/alembic /usr/local/bin/alembic
|
||||||
COPY --from=build /app /app
|
COPY --from=build /app /app
|
||||||
|
COPY --from=build /opt/Eau2018.xls /opt/Eau2018.xls
|
||||||
|
|
||||||
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
|
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
|
||||||
CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000/docs')" || exit 1
|
CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000/docs')" || exit 1
|
||||||
|
|||||||
Reference in New Issue
Block a user