Install Python dependencies with pipenv
#191
Conversation
This configuration includes a Pipfile configuration file and the generated Pipfile.lock file that pins to specific versions for the Python dependencies for this project. This will help us ensure repeatable builds. The pipenv package is added as a developmental requirement to support these files.
Now that we have a pipenv configuration we will use it to install the Python dependencies for the image. The `build` workflow is updated to no longer pass the VERSION build argument in line with this change.
Switch to using a multi-stage build in the Dockerfile. This reduces image size since pipenv and its dependencices are not needed in the final image. It also ensures that the system Python environment is unmodified.
Install the core Python packages (pip, setuptools, and wheel) into the system Python environment before installing pipenv. This keeps things consistent with our usual approach to Python environments.
mcdonnnj
added
breaking change
mcdonnnj
requested review from
dav3r,
felddy,
jasonodoom and
jsf9k
as code owners
There was a problem hiding this comment.
Outside the scope of this PR, but might as well clean it up while we are here - these versions in the README are out of sync with the current version (0.0.1):
Lines 142 to 144 in 8e03ad9
They should look like this:
|`cisagov/example:0.0.1`| An exact release version. |
|`cisagov/example:0.0`| The most recent release matching the major and minor version numbers. |
|`cisagov/example:0`| The most recent release matching the major version number. |
I couldn't find a way to make this a commit suggestion.
If you are amenable I will fix this in a later PR when I bump the version of cisagov/skeleton-python-library that is used. I think the original intent was to just use an example version vs. matching the version of the image 🤷 |
The comment references a command that is no longer being run. Co-authored-by: Shane Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
That's fine with me, thanks. 👍 |
mcdonnnj
merged commit 1b3e9d8
into
improvement/update_Dockerfile_configuration
Explicitly define permissions of `GITHUB_TOKEN` in our GitHub Actions workflows
…tion Install Python dependencies with `pipenv`
…tion Install Python dependencies with `pipenv`
🗣 Description
This pull request updates the image configuration to use Pipenv to install Python dependencies (finally worked up to a big change PR!). As part of that change it also switches to a multi-stage build.
Note
I am creating this pull request against a branch that will represent a larger body of work. This branch will later have a pull request against
developonce the body of work is completed.💭 Motivation and context
Since Docker image builds should be as repeatable as possible it makes sense to pin any Python dependencies to specific versions. Pipenv is used because it works well for Python deployment as it does not need any Python packaging. The multi-stage build just helps keep the final image slim as well as removing anything used for set up that is not needed for the image to function. You can see with other changes in place we are now at less than half the size of the previous image configuration:
🧪 Testing
Automated tests pass.
✅ Pre-approval checklist
to reflect the changes in this PR.