From 46e8e983f180a1bb68463c407b7087c2031ecdec Mon Sep 17 00:00:00 2001 From: Stijnvandenbroek Date: Wed, 4 Mar 2026 13:40:19 +0000 Subject: [PATCH] fix: isolate usercode container --- Dockerfile | 20 +++++++++++++++++--- docker-compose.yaml | 34 ++++++++++++++++++++++------------ pyproject.toml | 2 +- 3 files changed, 40 insertions(+), 16 deletions(-) diff --git a/Dockerfile b/Dockerfile index ee12247..28d5d9e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,8 @@ -FROM python:3.12-slim +# ── Usercode: full application (gRPC server) ───────────────────────── +FROM python:3.12-slim AS usercode WORKDIR /app -# Install uv COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv # Install dependencies before copying full source (layer caching) @@ -12,9 +12,23 @@ RUN uv sync --frozen --no-dev 2>/dev/null || uv sync --no-dev # Copy application source COPY . . -# Make the venv's binaries available on PATH ENV PATH="/app/.venv/bin:$PATH" ENV DAGSTER_HOME=/app/dagster_home RUN chmod +x /app/entrypoint.sh ENTRYPOINT ["/app/entrypoint.sh"] + +# ── Infrastructure: webserver / daemon (no user code) ──────────────── +FROM python:3.12-slim AS dagster-infra + +WORKDIR /app + +COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv + +# Only the Dagster packages needed to run webserver / daemon and reach +# the metadata store. No application code is installed. +RUN uv pip install --system dagster dagster-webserver dagster-postgres + +COPY dagster_home/ ./dagster_home/ + +ENV DAGSTER_HOME=/app/dagster_home diff --git a/docker-compose.yaml b/docker-compose.yaml index e00c881..d2fb1ca 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,10 +1,5 @@ -version: "3.9" - # Shared config for all dagster services x-dagster: &dagster-common - build: - context: . - dockerfile: Dockerfile env_file: .env environment: DAGSTER_HOME: /app/dagster_home @@ -37,34 +32,49 @@ services: # User code gRPC server dagster-usercode: <<: *dagster-common + build: + context: . + target: usercode container_name: dagster-usercode - command: ["dagster", "api", "grpc", "-h", "0.0.0.0", "-p", "4000", "-m", "data_platform"] + command: + ["dagster", "api", "grpc", "-h", "0.0.0.0", "-p", "4000", "-m", "data_platform.definitions"] volumes: - dbt-target:/app/dbt/target expose: - "4000" + healthcheck: + test: ["CMD", "dagster", "api", "grpc-health-check", "-p", "4000"] + interval: 15s + timeout: 10s + retries: 5 + start_period: 30s # Web UI dagster-webserver: <<: *dagster-common + build: + context: . + target: dagster-infra container_name: dagster-webserver - entrypoint: [] - command: ["dagster-webserver", "-h", "0.0.0.0", "-p", "3000"] + command: + ["dagster-webserver", "-h", "0.0.0.0", "-p", "3000", "-w", "/app/dagster_home/workspace.yaml"] ports: - "3000:3000" depends_on: dagster-usercode: - condition: service_started + condition: service_healthy # Schedules, sensors and run queuing dagster-daemon: <<: *dagster-common + build: + context: . + target: dagster-infra container_name: dagster-daemon - entrypoint: [] - command: ["dagster-daemon", "run"] + command: ["dagster-daemon", "run", "-w", "/app/dagster_home/workspace.yaml"] depends_on: dagster-usercode: - condition: service_started + condition: service_healthy volumes: postgres-data: diff --git a/pyproject.toml b/pyproject.toml index 28d2ad9..7f70114 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -20,7 +20,7 @@ build-backend = "hatchling.build" packages = ["data_platform"] [tool.dagster] -module_name = "data_platform" +module_name = "data_platform.definitions" attribute = "defs" [dependency-groups]