Add CI workflow and Containerfile for container image build#1
Add CI workflow and Containerfile for container image build#1omkarjoshi0304 wants to merge 5 commits intoopenstack-lightspeed:mainfrom
Conversation
omkarjoshi0304
force-pushed
the
OSPRH-25519
branch
from
3e68335 to
2022813
Compare
lpiwowar
left a comment
lpiwowar
left a comment
There was a problem hiding this comment.
Couple of things that crossed my mind while going through this for the first time:). Good start in a short time IMO! 🎉 👍
Containerfile
Outdated
| # Install the project and its dependencies | ||
| RUN pip install --no-cache-dir . | ||
|
|
||
| # Use the console_scripts entry point defined in pyproject.toml |
There was a problem hiding this comment.
issue (blocking): Let's add default user other than root.
Containerfile
Outdated
| COPY src/ src/ | ||
|
|
||
| # Install the project and its dependencies | ||
| RUN pip install --no-cache-dir . |
There was a problem hiding this comment.
issue (blocking): Let's use pdm to install the dependencies here (pip install ignores the lockfile).
Containerfile
Outdated
| # Install the project and its dependencies | ||
| RUN pip install --no-cache-dir . | ||
|
|
||
| # Use the console_scripts entry point defined in pyproject.toml |
There was a problem hiding this comment.
issue (blocking): Let's add EXPOSE for docs purposes.
|
|
||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 |
There was a problem hiding this comment.
issue (blocking): Let's use the latest version from -> https://github.com/actions/checkout
There was a problem hiding this comment.
changed it to checkout@v6
Containerfile
Outdated
| # NOTE: UBI9 does not yet provide a Python 3.13 image (only up to 3.12). | ||
| # Since pyproject.toml requires python >= 3.13, we use the official Python | ||
| # slim image. Switch to a UBI-based image when one becomes available. | ||
| FROM python:3.13-slim |
There was a problem hiding this comment.
issue (blocking): Let's use full URL here.
| uses: redhat-actions/buildah-build@v2 | ||
| with: | ||
| image: ${{ github.event.repository.name }} | ||
| tags: v${{ env.VERSION }} latest |
There was a problem hiding this comment.
issue (blocking): Different people, different opinions:). But for now, I would follow the same pattern we use with the openstack-lightspeed/rag-content image. Use a commit hash only for the tag.
Containerfile
Outdated
| # NOTE: UBI9 does not yet provide a Python 3.13 image (only up to 3.12). | ||
| # Since pyproject.toml requires python >= 3.13, we use the official Python | ||
| # slim image. Switch to a UBI-based image when one becomes available. | ||
| FROM python:3.13-slim |
There was a problem hiding this comment.
I'll change it to python 3.12 so we can use the UBI9 image
| # Since pyproject.toml requires python >= 3.13, we use the official Python | ||
| # slim image. Switch to a UBI-based image when one becomes available. | ||
| FROM python:3.13-slim | ||
|
|
There was a problem hiding this comment.
Please add appropriate labels to the image.
References:
|
|
||
| # Install the project and its dependencies | ||
| RUN pip install --no-cache-dir . | ||
|
|
There was a problem hiding this comment.
We should define a user and the workdir.
Reference: https://github.com/openstack-k8s-operators/cinder-operator/blob/main/Dockerfile
omkarjoshi0304
force-pushed
the
OSPRH-25519
branch
2 times, most recently
from
d7d643b to
fe38070
Compare
omkarjoshi0304
force-pushed
the
OSPRH-25519
branch
from
9aacb18 to
6bc1ba5
Compare
omkarjoshi0304
force-pushed
the
OSPRH-25519
branch
from
a662a67 to
c8ff641
Compare
lpiwowar
left a comment
lpiwowar
left a comment
There was a problem hiding this comment.
Couple of things that need to be polished IMO:)
| ] | ||
| dependencies = ["mcp>=1.25.0", "openstackclient==4.0.0", "stevedore>=5.6.0", "pydantic>=2.12.5", "kubernetes>=35.0.0"] | ||
| requires-python = "==3.12" | ||
| requires-python = ">=3.12" |
There was a problem hiding this comment.
question (blocking): Why did you make this change? 👀 Also:
[lpiwowar@fedora rhos-mcps (OSPRH-25519)]$ pdm lock --check
WARNING: Lockfile hash doesn't match pyproject.toml, packages may be outdated
and
...
STEP 7/11: RUN pdm install --prod --no-editable --frozen-lockfile
WARNING: Lockfile hash doesn't match pyproject.toml, packages may be outdated
WARNING: Project requires a python version of >=3.12, The virtualenv is being created for you as it cannot be matched to the right version.
...
There was a problem hiding this comment.
The original requires-python was "==3.12", which means exactly Python 3.12.0. The UBI9 base image ships Python 3.12.12. Since 3.12.12 != 3.12.0, pdm treated them as incompatible and tried to download a separate CPython 3.12.0 during the container build, which failed. Changed to >=3.12 so it accepts any Python 3.12.x (including the 3.12.12 in the UBI9 image) and future versions.
Regarding the lockfile mismatch — you're right, the pdm.lock in this PR is stale. I'll regenerate it with pdm lock and push an updated commit.
Containerfile
Outdated
| # Copy dependency and build files first for better layer caching | ||
| COPY pyproject.toml pdm.lock README.md ./ | ||
|
|
||
| # Copy the source code |
There was a problem hiding this comment.
nit (non-blocking): These types of comments are not necessary. Nothing too complicated is happening here, hence no need to explain it:). I would rethink whether the other comments are really necessary in the containerfile as well.
| @@ -0,0 +1,32 @@ | |||
| FROM registry.access.redhat.com/ubi9/python-312:latest | |||
There was a problem hiding this comment.
suggestion (blocking): Short section in the readme about how to use the image could be nice:). No need to write the entire README. I think Gorka is working on this. For example, the REAMDE section can explain how can I use the image with custom configuration.
omkarjoshi0304
force-pushed
the
OSPRH-25519
branch
from
7f0f84f to
ac779f7
Compare
|
|
||
| ### Running the image | ||
| ```bash | ||
| podman run -p 8080:8080 quay.io/openstack-lightspeed/rhos-mcps:latest |
There was a problem hiding this comment.
question: What if I want to use custom config.yaml file for the mcp server? [1]
[1] https://github.com/openstack-lightspeed/rhos-mcps/blob/main/config.yaml.sample
| http://localhost:8080/mcp | ||
| ``` | ||
|
|
||
| ### IDE configuration |
There was a problem hiding this comment.
suggestion (non-blocking): I personally would not put this here since this is about the consumption of the MCP. The users of this MCP should consult with the documentation from their IDEs IMO.
3 participants
Adds CI pipeline to build and push the container image to quay.io.