dockerfiles and all terraform for builder and server

2026-01-09 23:28:07 -05:00 · 2024-07-18 11:10:14 +01:00
parent 354e626965
commit ab99c98772
5 changed files with 268 additions and 0 deletions
--- a/rnd/Dockerfile.builder
+++ b/rnd/Dockerfile.builder
@@ -0,0 +1,33 @@
+FROM node:21-alpine as base
+RUN apk add --no-cache g++ make py3-pip libc6-compat
+WORKDIR /app
+COPY autogpt_builder/package*.json ./
+EXPOSE 3000
+
+FROM base as builder
+WORKDIR /app
+COPY autogpt_builder .
+RUN npm run build
+
+FROM base as production
+WORKDIR /app
+
+ENV NODE_ENV=production
+RUN npm ci
+
+RUN addgroup -g 1001 -S nodejs
+RUN adduser -S nextjs -u 1001
+USER nextjs
+
+COPY --from=builder --chown=nextjs:nodejs /app/.next ./.next
+COPY --from=builder /app/node_modules ./node_modules
+COPY --from=builder /app/package.json ./package.json
+COPY --from=builder /app/public ./public
+
+CMD npm start
+
+FROM base as dev
+ENV NODE_ENV=development
+RUN npm install
+COPY autogpt_builder .
+CMD npm run dev
--- a/rnd/Dockerfile.server
+++ b/rnd/Dockerfile.server
@@ -0,0 +1,46 @@
+# Use an official Python runtime as a parent image
+FROM python:3.11-slim-buster as server_base
+
+# Set environment variables
+ENV PYTHONDONTWRITEBYTECODE 1
+ENV PYTHONUNBUFFERED 1
+
+# Set work directory in the container
+WORKDIR /app
+
+# Install system dependencies
+RUN apt-get update \
+    && apt-get install -y build-essential curl ffmpeg wget libcurl4-gnutls-dev libexpat1-dev gettext libz-dev libssl-dev \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/* \
+    && wget https://github.com/git/git/archive/v2.28.0.tar.gz -O git.tar.gz \
+    && tar -zxf git.tar.gz \
+    && cd git-* \
+    && make prefix=/usr all \
+    && make prefix=/usr install
+
+# Install Poetry - respects $POETRY_VERSION & $POETRY_HOME
+ENV POETRY_VERSION=1.1.8 \
+    POETRY_HOME="/opt/poetry" \
+    POETRY_NO_INTERACTION=1 \
+    POETRY_VIRTUALENVS_CREATE=false \
+    PATH="$POETRY_HOME/bin:$PATH"
+RUN pip3 install poetry
+
+# Copy only requirements to cache them in Docker layer
+WORKDIR /app
+COPY autogpt_server/pyproject.toml autogpt_server/poetry.lock* /app/
+
+# Project initialization:
+RUN poetry install --no-interaction --no-ansi
+
+FROM server_base as server_db
+
+RUN poetry run prisma generate
+
+FROM server_db as server
+COPY autogpt_server /app
+
+ENV PORT=8000
+
+CMD poetry run app
--- a/rnd/infra/terraform/environments/dev/main.tf
+++ b/rnd/infra/terraform/environments/dev/main.tf
@@ -0,0 +1,33 @@
+provider "google" {
+  project = var.project_id
+  region  = var.region
+}
+
+module "cloudrun" {
+  source = "../../modules/cloudrun"
+
+  project_id    = var.project_id
+  region        = var.region
+  environment   = "dev"
+  server_image  = "gcr.io/${var.project_id}/autogpt-server:dev"
+  builder_image = "gcr.io/${var.project_id}/autogpt-builder:dev"
+}
+
+variable "project_id" {
+  description = "The ID of the Google Cloud project"
+  type        = string
+}
+
+variable "region" {
+  description = "The region to deploy the Cloud Run services"
+  type        = string
+  default     = "us-central1"
+}
+
+output "dev_server_url" {
+  value = module.cloudrun.server_url
+}
+
+output "dev_builder_url" {
+  value = module.cloudrun.builder_url
+}
--- a/rnd/infra/terraform/environments/prod/main.tf
+++ b/rnd/infra/terraform/environments/prod/main.tf
@@ -0,0 +1,34 @@
+
+provider "google" {
+  project = var.project_id
+  region  = var.region
+}
+
+module "cloudrun" {
+  source = "../../modules/cloudrun"
+
+  project_id    = var.project_id
+  region        = var.region
+  environment   = "prod"
+  server_image  = "gcr.io/${var.project_id}/autogpt-server:prod"
+  builder_image = "gcr.io/${var.project_id}/autogpt-builder:prod"
+}
+
+variable "project_id" {
+  description = "The ID of the Google Cloud project"
+  type        = string
+}
+
+variable "region" {
+  description = "The region to deploy the Cloud Run services"
+  type        = string
+  default     = "us-central1"
+}
+
+output "prod_server_url" {
+  value = module.cloudrun.server_url
+}
+
+output "prod_builder_url" {
+  value = module.cloudrun.builder_url
+}
--- a/rnd/infra/terraform/modules/cloudrun/main.tf
+++ b/rnd/infra/terraform/modules/cloudrun/main.tf
@@ -0,0 +1,122 @@
+variable "project_id" {
+  description = "The ID of the Google Cloud project"
+  type        = string
+}
+
+variable "region" {
+  description = "The region to deploy the Cloud Run services"
+  type        = string
+}
+
+variable "environment" {
+  description = "The environment (e.g. dev or prod)"
+  type        = string
+}
+
+variable "server_image" {
+  description = "The Docker image for the server"
+  type        = string
+}
+
+variable "builder_image" {
+  description = "The Docker image for the builder"
+  type        = string
+}
+
+# Cloud Run service for the server
+resource "google_cloud_run_service" "server" {
+  name     = "autogpt-server-${var.environment}"
+  location = var.region
+
+  template {
+    spec {
+      containers {
+        image = var.server_image
+
+        resources {
+          limits = {
+            cpu    = "1000m"
+            memory = "512Mi"
+          }
+        }
+
+        env {
+          name  = "PORT"
+          value = "8000"
+        }
+      }
+    }
+  }
+
+  traffic {
+    percent         = 100
+    latest_revision = true
+  }
+}
+
+# Cloud Run service for the builder
+resource "google_cloud_run_service" "builder" {
+  name     = "autogpt-builder-${var.environment}"
+  location = var.region
+
+  template {
+    spec {
+      containers {
+        image = var.builder_image
+
+        resources {
+          limits = {
+            cpu    = "1000m"
+            memory = "512Mi"
+          }
+        }
+
+        env {
+          name  = "PORT"
+          value = "3000"
+        }
+      }
+    }
+  }
+
+  traffic {
+    percent         = 100
+    latest_revision = true
+  }
+}
+
+# IAM policy to make the services public
+data "google_iam_policy" "noauth" {
+  binding {
+    role = "roles/run.invoker"
+    members = [
+      "allUsers",
+    ]
+  }
+}
+
+# Apply the IAM policy to the server service
+resource "google_cloud_run_service_iam_policy" "server_noauth" {
+  location = google_cloud_run_service.server.location
+  project  = google_cloud_run_service.server.project
+  service  = google_cloud_run_service.server.name
+
+  policy_data = data.google_iam_policy.noauth.policy_data
+}
+
+# Apply the IAM policy to the builder service
+resource "google_cloud_run_service_iam_policy" "builder_noauth" {
+  location = google_cloud_run_service.builder.location
+  project  = google_cloud_run_service.builder.project
+  service  = google_cloud_run_service.builder.name
+
+  policy_data = data.google_iam_policy.noauth.policy_data
+}
+
+output "server_url" {
+  value = google_cloud_run_service.server.status[0].url
+}
+
+output "builder_url" {
+  value = google_cloud_run_service.builder.status[0].url
+}