-
Notifications
You must be signed in to change notification settings - Fork 234
/
Dockerfile
90 lines (73 loc) · 2.72 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
FROM ubuntu:22.04 AS base
# hadolint ignore=DL3005,DL3008
RUN apt-get update -qq \
# Make sure that all security updates are installed
&& apt-get dist-upgrade -y --no-install-recommends \
&& apt-get install -y --no-install-recommends \
python3 \
python3-venv \
python3-pip \
python3-dev \
&& apt-get autoremove -y \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
RUN update-alternatives --install /usr/bin/python python /usr/bin/python3 100 \
&& update-alternatives --install /usr/bin/pip pip /usr/bin/pip3 100
FROM base AS python_builder
ARG POETRY_VERSION=1.8.2
# hadolint ignore=DL3008
RUN apt-get update -qq \
&& apt-get install -y --no-install-recommends \
curl \
&& apt-get autoremove -y
# install poetry
# keep this in sync with the version in pyproject.toml and Dockerfile
ENV POETRY_VERSION=$POETRY_VERSION
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN curl -sSL https://install.python-poetry.org | python
ENV PATH="/root/.local/bin:/opt/venv/bin:${PATH}"
# install dependencies
COPY . /app/
WORKDIR /app
# hadolint ignore=SC1091,DL3013
RUN python -m venv /opt/venv && \
. /opt/venv/bin/activate && \
pip install --no-cache-dir -U pip && \
pip install --no-cache-dir wheel && \
poetry install --no-dev --no-root --no-interaction
# install dependencies and build wheels
# hadolint ignore=SC1091,DL3013
RUN . /opt/venv/bin/activate && poetry build -f wheel -n \
&& pip install --no-cache-dir --no-deps dist/*.whl \
&& mkdir /wheels \
&& poetry export -f requirements.txt --without-hashes --output /wheels/requirements.txt \
&& poetry run pip wheel --wheel-dir=/wheels -r /wheels/requirements.txt \
&& find /app/dist -maxdepth 1 -mindepth 1 -name '*.whl' -print0 | xargs -0 -I {} mv {} /wheels/
WORKDIR /wheels
# install wheels
# hadolint ignore=SC1091,DL3013
RUN find . -name '*.whl' -maxdepth 1 -exec basename {} \; | awk -F - '{ gsub("_", "-", $1); print $1 }' | uniq > /wheels/requirements.txt \
&& rm -rf /opt/venv \
&& python -m venv /opt/venv \
&& . /opt/venv/bin/activate \
&& pip install --no-cache-dir -U pip \
&& pip install --no-cache-dir --no-index --find-links=/wheels -r /wheels/requirements.txt \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
&& rm -rf /wheels \
&& rm -rf /root/.cache/pip/*
# final image
FROM base
# copy needed files
COPY ./entrypoint.sh /app/
COPY --from=python_builder /opt/venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"
# update permissions & change user
RUN chgrp -R 0 /app && chmod -R g=u /app
USER 1001
# change shell
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# create a mount point for custom actions and the entry point
WORKDIR /app
EXPOSE 5055
ENTRYPOINT ["./entrypoint.sh"]
CMD ["start", "--actions", "actions"]