grillazz · grillazz · Mar 8, 2025 · Mar 8, 2025 · Mar 8, 2025 · Mar 8, 2025
diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml
@@ -7,20 +7,19 @@ on:
       - main
 
 jobs:
-  test:
+  build:
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
         python-version: [ "3.13" ]
-        poetry-version: [ "1.8.5" ]
 
     env:
       PYTHONDONTWRITEBYTECODE: 1
       PYTHONUNBUFFERED: 1
       POSTGRES_DB: testdb
       POSTGRES_HOST: 127.0.0.1
-      POSTGRES_USER: app-user
+      POSTGRES_USER: panettone
       POSTGRES_PASSWORD: secret
       PGPASSWORD: secret
       REDIS_HOST: 127.0.0.1
@@ -37,7 +36,7 @@ jobs:
       sqldb:
         image: postgres:16
         env:
-          POSTGRES_USER: app-user
+          POSTGRES_USER: panettone
           POSTGRES_PASSWORD: secret
           POSTGRES_DB: testdb
         ports:
@@ -48,18 +47,13 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Create database schema
-        run: PGPASSWORD=secret psql -h 127.0.0.1 -d testdb -U app-user -c "CREATE SCHEMA shakespeare; CREATE SCHEMA happy_hog;"
-      - uses: actions/setup-python@v5
+        run: PGPASSWORD=secret psql -h 127.0.0.1 -d testdb -U panettone -c "CREATE SCHEMA shakespeare; CREATE SCHEMA happy_hog;"
+
+      - name: Install the latest version of uv and set the python version
+        uses: astral-sh/setup-uv@v5
         with:
           python-version: ${{ matrix.python-version }}
-      - name: Install Poetry
-        uses: abatilo/actions-poetry@v3
-        with:
-          poetry-version: ${{ matrix.poetry-version }}
-      - name: Install dependencies
-        if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
-        run: poetry install --no-interaction --no-root
-      - name: Test Code
-        run: poetry run pytest tests/
-      - name: Lint Code
-        run: poetry run ruff check .
+
+      - name: Test with python ${{ matrix.python-version }}
+        run: uv run --frozen pytest
+
diff --git a/Dockerfile b/Dockerfile
@@ -1,43 +1,62 @@
-FROM python:3.13-slim-bookworm AS base
-RUN apt-get update \
-    && apt-get upgrade -y \
-    && apt-get install -y --no-install-recommends curl git build-essential \
-    && apt-get autoremove -y
-ENV POETRY_HOME="/opt/poetry"
-RUN curl -sSL https://install.python-poetry.org | python3 -
-
-FROM base AS install
-WORKDIR /home/code
-
-# allow controlling the poetry installation of dependencies via external args
-ARG INSTALL_ARGS="--no-root --no-interaction --no-ansi"
-ENV POETRY_HOME="/opt/poetry"
-ENV PATH="$POETRY_HOME/bin:$PATH"
-COPY pyproject.toml poetry.lock ./
-
-# install without virtualenv, since we are inside a container
-RUN poetry config virtualenvs.create false \
-    && poetry install $INSTALL_ARGS
-
-# cleanup
-RUN curl -sSL https://install.python-poetry.org | python3 - --uninstall
-RUN apt-get purge -y curl git build-essential \
-    && apt-get clean -y \
-    && rm -rf /root/.cache \
-    && rm -rf /var/apt/lists/* \
-    && rm -rf /var/cache/apt/*
-
-FROM install AS app-image
-
-ENV PYTHONPATH=/home/code/ PYTHONHASHSEED=0 PYTHONASYNCIODEBUG=1
-
-COPY tests/ tests/
-COPY app/ app/
-COPY alembic/ alembic/
-COPY .env alembic.ini ./
-
-# create a non-root user and switch to it, for security.
-RUN addgroup --system --gid 1001 "app-user"
-RUN adduser --system --uid 1001 "app-user"
-USER "app-user"
-
+FROM ubuntu:oracular AS build
+
+RUN apt-get update -qy && apt-get install -qyy \
+    -o APT::Install-Recommends=false \
+    -o APT::Install-Suggests=false \
+    build-essential \
+    ca-certificates \
+    python3-setuptools \
+    python3.13-dev \
+    git
+
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv
+
+ENV UV_LINK_MODE=copy \
+    UV_COMPILE_BYTECODE=1 \
+    UV_PYTHON_DOWNLOADS=never \
+    UV_PYTHON=python3.13 \
+    UV_PROJECT_ENVIRONMENT=/panettone
+
+COPY pyproject.toml /_lock/
+COPY uv.lock /_lock/
+
+RUN --mount=type=cache,target=/root/.cache
+RUN cd /_lock  && uv sync \
+    --locked \
+    --no-dev \
+    --no-install-project
+##########################################################################
+FROM ubuntu:oracular
+
+ENV PATH=/panettone/bin:$PATH
+
+RUN groupadd -r panettone
+RUN useradd -r -d /panettone -g panettone -N panettone
+
+STOPSIGNAL SIGINT
+
+RUN apt-get update -qy && apt-get install -qyy \
+    -o APT::Install-Recommends=false \
+    -o APT::Install-Suggests=false \
+    python3.13 \
+    libpython3.13 \
+    libpcre3 \
+    libxml2
+
+RUN apt-get clean
+RUN rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+COPY --from=build --chown=panettone:panettone /panettone /panettone
+
+USER panettone
+WORKDIR /panettone
+COPY /app/ app/
+COPY /tests/ tests/
+COPY .env app/
+COPY alembic.ini app/
+COPY alembic/ app/alembic/
+COPY logging-uvicorn.json /panettone/logging-uvicorn.json
+
+RUN python -V
+RUN python -Im site
+RUN python -Ic 'import uvicorn'