From e427fd6f4a186784e345b8f88424d74c004f1e5a Mon Sep 17 00:00:00 2001
From: "Michael Maeng (AWS)" <83842446+mmaeng@users.noreply.github.com>
Date: Wed, 12 Oct 2022 17:23:12 -0400
Subject: [PATCH] fix(lambda-python): commands run non-sequentially on Graviton
 when building container image (#22398)

fixes #22012

There were reports that Dockerfile RUN commands are done out of order when building the container image on Graviton.  I combined all the separate RUN commands into a single command and using the shell to explicitly enforce the sequence.

----

### All Submissions:

* [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)

### Adding new Unconventional Dependencies:

* [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies)

### New Features

* [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
* [] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---
 .../@aws-cdk/aws-lambda-python/lib/Dockerfile | 38 +++++++++----------
 1 file changed, 18 insertions(+), 20 deletions(-)

diff --git a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile
index c2a6aca7829b6..28bde8baf87a7 100644
--- a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile
+++ b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile
@@ -7,32 +7,30 @@ ARG PIP_INDEX_URL
 ARG PIP_EXTRA_INDEX_URL
 ARG HTTPS_PROXY
 
-# Create a new location for the pip cache
-# Ensure all users can write to pip cache
-RUN mkdir /tmp/pip-cache && \
-    chmod -R 777 /tmp/pip-cache
+# Add virtualenv path
+ENV PATH="/usr/app/venv/bin:$PATH"
 
-# set the cache location
+# set the pip cache location
 ENV PIP_CACHE_DIR=/tmp/pip-cache
 
-# create a new virtualenv for python to use
-# so that it isn't using root
-RUN python -m venv /usr/app/venv
-ENV PATH="/usr/app/venv/bin:$PATH"
+# set the poetry cache
+ENV POETRY_CACHE_DIR=/tmp/poetry-cache
 
+RUN \
+# create a new virtualenv for python to use 
+# so that it isn't using root
+    python -m venv /usr/app/venv && \
+# Create a new location for the pip cache
+    mkdir /tmp/pip-cache && \
+# Ensure all users can write to pip cache
+    chmod -R 777 /tmp/pip-cache && \
 # Upgrade pip (required by cryptography v3.4 and above, which is a dependency of poetry)
-RUN pip install --upgrade pip
-
-
-# pipenv 2022.4.8 is the last version with Python 3.6 support
-RUN pip install pipenv==2022.4.8 poetry
-
+    pip install --upgrade pip && \
 # Create a new location for the poetry cache
+    mkdir /tmp/poetry-cache && \
 # Ensure all users can write to poetry cache
-RUN mkdir /tmp/poetry-cache && \
-    chmod -R 777 /tmp/poetry-cache
-
-# set the poetry cache
-ENV POETRY_CACHE_DIR=/tmp/poetry-cache
+    chmod -R 777 /tmp/poetry-cache && \
+# pipenv 2022.4.8 is the last version with Python 3.6 support
+    pip install pipenv==2022.4.8 poetry
 
 CMD [ "python" ]