fix(schematic): fix how schematic_api folder being copied in Dockerfile

[linglp]

Changes

• Currently the docker image of schematic is not being built correctly after https://github.com/Sage-Bionetworks/sage-monorepo/pull/2403 got merged. I think I introduced an error when I tried consolidating statements with this commit: https://github.com/Sage-Bionetworks/sage-monorepo/pull/2403/commits/fbbb74b92aa5934048d07e9eafe66200e4a41a20
• Since Thomas is introducing a feature to lint Dockerfile, I used the Dockerfile he linted for schematic. Please see Thomas's PR here: https://github.com/Sage-Bionetworks/sage-monorepo/pull/2573/files
• remove main.py since the original __main__ could still work. I pointed uWSGI file to look at __main__.py

Test

I made sure that the docker image could be built successfully and the container could be run (and swagger UI page is showing). Also ensured that nx build-image schematic-api and nx serve-detach schematic-api are working as expected.

[linglp]

@andrewelamb I would appreciate if both of you could take a look and try building docker container from your end. It should work as expected now.

And @tschaffter, after you merge your PR: https://github.com/Sage-Bionetworks/sage-monorepo/pull/2573, I could pull your PR and do another round of test.

[tschaffter]

@linglp It's best if you pull the changes from main to update the Dockerfile, then I'm happy to test building the container.

[linglp]

@linglp It's best if you pull the changes from main to update the Dockerfile, then I'm happy to test building the container.

Thanks Thomas. I did what you suggested. Could you test by building the container?

[tschaffter]

@linglp Is there something specific that you would like me to test? The CI workflow already confirms that the image can be built successfully.

[linglp]

@linglp Is there something specific that you would like me to test? The CI workflow already confirms that the image can be built successfully.

If you don't mind, could you spin up the container by using nx serve-detach schematic-api on your end and see if you could see the swagger UI page? Sometimes even though the image could be built successfully, the container could not be run without errors.

[tschaffter]

The container keeps restarting on my end.

$ nx build-image schematic-api
$ nx serve-detach schematic-api

...
*** Operational MODE: preforking ***
2024-03-20 15:46:55,776 INFO success: quit_on_failure entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-03-20 15:46:55,780 WARN received SIGTERM indicating exit request
2024-03-20 15:46:55,780 INFO waiting for quit_on_failure, uwsgi to die
2024-03-20 15:46:58,783 INFO waiting for quit_on_failure, uwsgi to die
2024-03-20 15:47:01,787 INFO waiting for quit_on_failure, uwsgi to die
...

[linglp]

hmm @tschaffter , did you run prepare_key_certificate.py before running the container? I just tried again and it worked on my end. In the log, I could see:

*** Starting uWSGI 2.0.21 (64bit) on [Wed Mar 20 22:41:09 2024] ***
compiled with version: 10.2.1 20210110 on 20 March 2024 22:40:31
os: Linux-4.14.336-257.562.amzn2.x86_64 #1 SMP Sat Feb 24 09:50:35 UTC 2024
nodename: 314337d6f196
machine: x86_64
clock source: unix
pcre jit disabled
detected number of CPU cores: 8
current working directory: /app/app
detected binary path: /usr/local/bin/uwsgi
your memory page size is 4096 bytes
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
thunder lock: enabled
uwsgi socket 0 bound to UNIX address /tmp/uwsgi.sock fd 3
setgid() to 33
setuid() to 33
Python version: 3.10.13 (main, Mar 12 2024, 12:27:52) [GCC 10.2.1 20210110]
2024/03/20 22:41:09 [warn] 11#11: "ssl_stapling" ignored, issuer certificate not found for certificate "/etc/ssl/certs/localhost.crt"
nginx: [warn] "ssl_stapling" ignored, issuer certificate not found for certificate "/etc/ssl/certs/localhost.crt"
2024/03/20 22:41:09 [warn] 11#11: "ssl_stapling" ignored, issuer certificate not found for certificate "/etc/ssl/certs/localhost.crt"
nginx: [warn] "ssl_stapling" ignored, issuer certificate not found for certificate "/etc/ssl/certs/localhost.crt"
Python main interpreter initialized at 0x55594e6d6cd0
python threads support enabled
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 1727064 bytes (1686 KB) for 16 cores
*** Operational MODE: preforking ***
2024-03-20 22:41:10,176 INFO success: quit_on_failure entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
WSGI app 0 (mountpoint='') ready in 11 seconds on interpreter 0x55594e6d6cd0 pid: 12 (default app)
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 12)
spawned uWSGI worker 1 (pid: 29, cores: 1)
spawned uWSGI worker 2 (pid: 30, cores: 1)
running "unix_signal:15 gracefully_kill_them_all" (master-start)...
172.19.0.1 - - [20/Mar/2024:22:41:49 +0000] "GET / HTTP/1.1" 302 145 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" "-"

[tschaffter]

I didn't. I didn't pay attention to the error message but does it say exactly what the issue is (key/certificate missing)? Otherwise, it's OK to merge the PR if it's working on your end.

[linglp]

I didn't. I didn't pay attention to the error message but does it say exactly what the issue is (key/certificate missing)? Otherwise, it's OK to merge the PR if it's working on your end.

So if I don't run the prepare certificate script, in the log I could see:

2024-03-21 14:46:23,148 INFO success: nginx entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2024-03-21 14:46:23,149 INFO success: uwsgi entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2024/03/21 14:46:23 [emerg] 9#9: cannot load certificate "/etc/ssl/certs/localhost.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/ssl/certs/localhost.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: [emerg] cannot load certificate "/etc/ssl/certs/localhost.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/ssl/certs/localhost.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)
2024-03-21 14:46:23,158 INFO exited: nginx (exit status 1; not expected)

But the log is quite long.. you might have to scroll a little bit more to see the message.

[andrewelamb]

@linglp When I checked out this branch I got:

git checkout -b fix-Dockerfile linglp/fix-Dockerfile
Branch 'fix-Dockerfile' set up to track remote branch 'fix-Dockerfile' from 'linglp'.
Switched to a new branch 'fix-Dockerfile'
✨ Preparing Node.js environments
✨ Preparing Java environments
✨ Preparing Python dependencies
✨ Preparing R environments
Unable to read the environment variable `DEVCONTAINER_VERSION`.