generated from RyosukeDTomita/template_repository_all
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
71 lines (56 loc) · 1.87 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# Dev Container
FROM debian:bookworm-20241223 AS devcontainer
ARG PYTHON_VERSION=3.12.4
WORKDIR /app
# aqua install
RUN <<EOF bash -ex
apt-get update -y
apt-get install -y --no-install-recommends wget ca-certificates
wget -q https://github.com/aquaproj/aqua/releases/download/v2.30.0/aqua_linux_amd64.tar.gz
rm -rf /usr/local/bin/aqua && tar -C /usr/local/bin/ -xzf aqua_linux_amd64.tar.gz
rm aqua_linux_amd64.tar.gz
rm -rf /var/lib/lists
EOF
# install packages and some tools.
# NOTE: rye is installed by aqua.
COPY ./aqua.yaml ./
RUN aqua install
# build
COPY ./ .
RUN <<EOF bash -ex
PATH=$PATH":$(aqua root-dir)/bin"
rye pin ${PYTHON_VERSION}
rye sync
rye build
EOF
FROM python:3.12.4-slim-bullseye AS run
WORKDIR /app
ARG VERSION="0.2.0"
LABEL version="${VERSION}" \
author="RyosukeDTomita" \
docker_compose_build="docker buildx bake" \
docker_build="docker buildx build . -t my_portscanner" \
docker_compose_run="docker compose run my_portscanner_app localhost" \
docker_run="docker run my_portscanner localhost"
# install sudo
RUN <<EOF bash -ex
apt-get update -y
apt-get install -y --no-install-recommends sudo
EOF
ARG USER_NAME="sigma"
# create execution user with sudo
RUN <<EOF bash -ex
echo 'Creating ${USER_NAME} group.'
addgroup ${USER_NAME}
echo 'Creating ${USER_NAME} user.'
adduser --ingroup ${USER_NAME} --gecos "my_portscanner user" --shell /bin/bash --no-create-home --disabled-password ${USER_NAME}
echo 'using sudo'
usermod -aG sudo ${USER_NAME}
echo "${USER_NAME} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
rm -rf /var/lib/lists
EOF
COPY --from=devcontainer --chown=${USER_NAME}:${USER_NAME} ["/app/dist/my_portscanner-${VERSION}-py3-none-any.whl", "/app/dist/my_portscanner-${VERSION}-py3-none-any.whl"]
# install app
RUN python3 -m pip install /app/dist/my_portscanner-${VERSION}-py3-none-any.whl
USER ${USER_NAME}
ENTRYPOINT ["sudo", "my_portscanner"]