Dockerize prerelease website (#66)

This will allow the OSL to manage this as a docker container and handle updates
better in the long term. Some key changes:

- Add weekly dependabot checks
- Add requirements.txt
- Add basic CI
- Build and release container images on ghcr.io which will be used in the
  cookbook
- Do a weekly build regardless of any dependabot bumps
- Deploy website using gunicorn instead of mod_python
- Create wsgi.py for gunicorn

Signed-off-by: Lance Albertson <[email protected]>

Author: ramereth

.github/dependabot.yml

@@ -0,0 +1,7 @@
+---
+version: 2
+updates:
+  - package-ecosystem: pip
+    directory: /
+    schedule:
+      interval: weekly

.github/workflows/bootstrap.yml

@@ -0,0 +1,22 @@
+---
+name: Build and install python packages
+on: [push]
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version:
+          - "3.11"
+          - "3.12"
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt

.github/workflows/ci.yml

@@ -0,0 +1,57 @@
+---
+name: Create and publish a Docker image
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+  schedule:
+    - cron: '45 18 * * 3'
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Build and export Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          tags: ros-infrastructure/prerelease_website:test
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+      - name: Log in to the Container registry
+        if: contains(fromJSON('["push", "schedule"]'), github.event_name)
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract metadata (tags, labels) for Docker
+        if: contains(fromJSON('["push", "schedule"]'), github.event_name)
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=schedule,${{ github.ref_name }}
+      - name: Build and push Docker image
+        if: contains(fromJSON('["push", "schedule"]'), github.event_name)
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/container.yml

@@ -0,0 +1,8 @@
+FROM python:3.11-alpine
+
+COPY requirements.txt /prerelease_website/requirements.txt
+WORKDIR /prerelease_website
+RUN pip  --no-cache-dir install -r requirements.txt
+COPY . /prerelease_website
+ENTRYPOINT ["/prerelease_website/entrypoint.sh"]
+EXPOSE 5000

Dockerfile

@@ -0,0 +1,12 @@
+#!/bin/sh
+exec gunicorn \
+  -u nobody \
+  -g nobody \
+  --access-logfile '-' \
+  --error-logfile '-' \
+  --log-file "-" \
+  --access-logformat '%({x-forwarded-for}i)s %(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s"' \
+  --forwarded-allow-ips="140.211.9.104,2605:bc80:3010:104::8cd3:968" \
+  -w 4 \
+  -b 0.0.0.0:5000 \
+  'wsgi:app'

entrypoint.sh

@@ -0,0 +1,23 @@
+blinker==1.8.2
+catkin-pkg==1.0.0
+click==8.1.7
+configparser==7.0.0
+distro==1.9.0
+docutils==0.21.2
+empy==4.1
+Flask==3.0.3
+gunicorn==22.0.0
+itsdangerous==2.2.0
+Jinja2==3.1.4
+MarkupSafe==2.1.5
+packaging==24.1
+pyparsing==3.1.2
+python-dateutil==2.9.0.post0
+PyYAML==6.0.1
+ros-buildfarm==3.0.0
+rosdistro==0.9.1
+rosinstall-generator==0.1.23
+rospkg==1.5.1
+six==1.16.0
+vcstool==0.3.0
+Werkzeug==3.0.3

requirements.txt

@@ -0,0 +1,4 @@
+from prerelease_website import app
+
+if __name__ == "__main__":
+    app.run()